@alienplatform/core 1.4.1 → 1.5.1

@@ -1 +1 @@
1
- {"type":"object","description":"User-customizable deployment settings specified at deploy time.\n\nThese settings are provided by the customer via CloudFormation parameters,\nTerraform attributes, CLI flags, or Helm values. They customize how the\ndeployment runs and what capabilities are enabled.\n\n**Key distinction**: StackSettings is user-customizable, while ManagementConfig\nis platform-derived (from the Manager's ServiceAccount).","properties":{"deploymentModel":{"description":"Deployment model: push (Manager) or pull (Agent).\nDefault: Push.\n- Push: Manager drives updates. For cloud platforms, requires cross-account\n credentials established during initial setup. For push-mode local\n deployments (currently `alien dev`), the manager has direct access —\n no bootstrap needed.\n- Pull: Agent in the target environment drives updates via polling.\n Required for Kubernetes and remote local deployments.","type":"string","enum":["push","pull"],"x-readme-ref-name":"DeploymentModel"},"domains":{"oneOf":[{"type":"null"},{"description":"Domain configuration (future).","type":"object","properties":{"customDomains":{"type":["object","null"],"description":"Custom domain configuration per resource ID.","additionalProperties":{"type":"object","description":"Custom domain configuration for a single resource.","required":["domain","certificate"],"properties":{"certificate":{"description":"Customer-provided certificate reference.","type":"object","properties":{"aws":{"oneOf":[{"type":"null"},{"description":"AWS ACM certificate ARN","type":"object","required":["certificateArn"],"properties":{"certificateArn":{"type":"string"}},"x-readme-ref-name":"AwsCustomCertificateConfig"}]},"azure":{"oneOf":[{"type":"null"},{"description":"Azure Key Vault certificate ID","type":"object","required":["keyVaultCertificateId"],"properties":{"keyVaultCertificateId":{"type":"string"}},"x-readme-ref-name":"AzureCustomCertificateConfig"}]},"gcp":{"oneOf":[{"type":"null"},{"description":"GCP 
Certificate Manager certificate name","type":"object","required":["certificateName"],"properties":{"certificateName":{"type":"string"}},"x-readme-ref-name":"GcpCustomCertificateConfig"}]},"kubernetes":{"oneOf":[{"type":"null"},{"description":"Kubernetes TLS Secret reference for Secret-backed route profiles.","type":"object","required":["tlsSecretRef"],"properties":{"tlsSecretRef":{"description":"Existing TLS Secret containing `tls.crt` and `tls.key`.","type":"object","required":["secretName"],"properties":{"namespace":{"type":["string","null"],"description":"Secret namespace. Defaults to the release namespace when omitted."},"secretName":{"type":"string","description":"Secret name."}},"x-readme-ref-name":"KubernetesTlsSecretRef"}},"x-readme-ref-name":"KubernetesCustomCertificateConfig"}]}},"x-readme-ref-name":"CustomCertificateConfig"},"domain":{"type":"string","description":"Fully qualified domain name to use."}},"x-readme-ref-name":"CustomDomainConfig"},"propertyNames":{"type":"string"}}},"x-readme-ref-name":"DomainSettings"}]},"externalBindings":{"type":["object","null"],"description":"External bindings for pre-existing infrastructure.\nAllows using existing resources (MinIO, Redis, shared Container Apps\nEnvironment, etc.) 
instead of having Alien provision them.\nRequired for Kubernetes platform, optional for cloud platforms."},"heartbeats":{"description":"How heartbeat health checks are handled.\n- off: No heartbeat permissions\n- on: Heartbeat enabled (default)","type":"string","enum":["off","on"],"x-readme-ref-name":"HeartbeatsMode"},"kubernetes":{"oneOf":[{"type":"null"},{"description":"Kubernetes runtime substrate configuration.","type":"object","properties":{"cluster":{"oneOf":[{"type":"null"},{"description":"Cluster selection or creation settings.","type":"object","required":["ownership"],"properties":{"cloud":{"oneOf":[{"type":"null"},{"description":"Optional provider-specific cloud identity for existing clusters.","type":"object","properties":{"accountId":{"type":["string","null"]},"clusterId":{"type":["string","null"]},"clusterName":{"type":["string","null"]},"projectId":{"type":["string","null"]},"region":{"type":["string","null"]},"resourceGroup":{"type":["string","null"]},"subscriptionId":{"type":["string","null"]}},"additionalProperties":false,"x-readme-ref-name":"KubernetesCloudReference"}]},"namespace":{"type":["string","null"],"description":"Namespace where the Alien chart and application resources run."},"ownership":{"description":"Whether Alien should create the cluster, use a setup-owned existing\ncluster, or bind to an external/on-prem cluster.","type":"string","enum":["managed","existing","external"],"x-readme-ref-name":"KubernetesClusterOwnership"}},"x-readme-ref-name":"KubernetesClusterSettings"}]},"exposure":{"oneOf":[{"type":"null"},{"description":"Public HTTPS exposure contract shared by setup, Helm, and runtime.","oneOf":[{"type":"object","description":"Do not create Alien-managed external routing.","required":["mode"],"properties":{"mode":{"type":"string","enum":["disabled"]}}},{"type":"object","description":"Use Alien-generated DNS and Platform-managed certificate 
material.","required":["route","certificate","mode"],"properties":{"certificate":{"description":"How managed certificate material reaches the route profile.","oneOf":[{"type":"object","description":"Platform-managed cert imported into AWS ACM by the runtime.","required":["mode"],"properties":{"mode":{"type":"string","enum":["managedAcmImport"]},"region":{"type":["string","null"],"description":"ACM region. Defaults to the deployment region when omitted."},"tags":{"type":"object","description":"Tags applied to runtime-imported ACM certificates.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}}}},{"type":"object","description":"Customer-provided AWS ACM certificate ARN.","required":["certificateArn","mode"],"properties":{"certificateArn":{"type":"string","description":"Existing ACM certificate ARN."},"mode":{"type":"string","enum":["awsAcmArn"]}}},{"type":"object","description":"Platform-managed cert written to a Kubernetes TLS Secret.","required":["secretNameTemplate","mode"],"properties":{"mode":{"type":"string","enum":["managedTlsSecret"]},"secretNameTemplate":{"type":"string","description":"Secret name template. Runtime may substitute resource/deployment tokens."}}},{"allOf":[{"description":"Customer-provided Kubernetes TLS Secret.","type":"object","required":["secretName"],"properties":{"namespace":{"type":["string","null"],"description":"Secret namespace. 
Defaults to the release namespace when omitted."},"secretName":{"type":"string","description":"Secret name."}},"x-readme-ref-name":"KubernetesTlsSecretRef"},{"type":"object","required":["mode"],"properties":{"mode":{"type":"string","enum":["tlsSecretRef"]}}}],"description":"Customer-provided Kubernetes TLS Secret."},{"type":"object","description":"No TLS certificate should be configured by Alien.","required":["mode"],"properties":{"mode":{"type":"string","enum":["none"]}}}],"x-readme-ref-name":"KubernetesCertificateMode"},"mode":{"type":"string","enum":["generated"]},"route":{"description":"Runtime route profile to materialize.","oneOf":[{"allOf":[{"description":"`networking.k8s.io/v1` Ingress route profile.","type":"object","required":["ingressClassName"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example `eks.amazonaws.com/alb`."},"ingressClassName":{"type":"string","description":"`spec.ingressClassName` for generated Ingresses."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs when the profile cannot rely on controller 
discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesIngressRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["ingress"]}}}],"description":"`networking.k8s.io/v1` Ingress route profile."},{"allOf":[{"description":"Gateway API `Gateway` + `HTTPRoute` route profile.","type":"object","required":["gatewayClassName","listenerPort"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example a cloud Gateway controller."},"gatewayClassName":{"type":"string","description":"GatewayClass selected for generated Gateways."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"listenerPort":{"type":"integer","format":"int32","description":"Listener port, usually 
443.","minimum":0},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs when the profile cannot rely on controller discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesGatewayRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["gateway"]}}}],"description":"Gateway API `Gateway` + `HTTPRoute` route profile."}],"x-readme-ref-name":"KubernetesRouteProfile"}}},{"type":"object","description":"Use a customer hostname and customer-owned certificate 
reference.","required":["domain","route","certificate","mode"],"properties":{"certificate":{"description":"Customer-owned certificate reference consumed by the route profile.","oneOf":[{"type":"object","description":"Platform-managed cert imported into AWS ACM by the runtime.","required":["mode"],"properties":{"mode":{"type":"string","enum":["managedAcmImport"]},"region":{"type":["string","null"],"description":"ACM region. Defaults to the deployment region when omitted."},"tags":{"type":"object","description":"Tags applied to runtime-imported ACM certificates.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}}}},{"type":"object","description":"Customer-provided AWS ACM certificate ARN.","required":["certificateArn","mode"],"properties":{"certificateArn":{"type":"string","description":"Existing ACM certificate ARN."},"mode":{"type":"string","enum":["awsAcmArn"]}}},{"type":"object","description":"Platform-managed cert written to a Kubernetes TLS Secret.","required":["secretNameTemplate","mode"],"properties":{"mode":{"type":"string","enum":["managedTlsSecret"]},"secretNameTemplate":{"type":"string","description":"Secret name template. Runtime may substitute resource/deployment tokens."}}},{"allOf":[{"description":"Customer-provided Kubernetes TLS Secret.","type":"object","required":["secretName"],"properties":{"namespace":{"type":["string","null"],"description":"Secret namespace. 
Defaults to the release namespace when omitted."},"secretName":{"type":"string","description":"Secret name."}},"x-readme-ref-name":"KubernetesTlsSecretRef"},{"type":"object","required":["mode"],"properties":{"mode":{"type":"string","enum":["tlsSecretRef"]}}}],"description":"Customer-provided Kubernetes TLS Secret."},{"type":"object","description":"No TLS certificate should be configured by Alien.","required":["mode"],"properties":{"mode":{"type":"string","enum":["none"]}}}],"x-readme-ref-name":"KubernetesCertificateMode"},"domain":{"type":"string","description":"Hostname routed by the Kubernetes public endpoint."},"mode":{"type":"string","enum":["custom"]},"route":{"description":"Runtime route profile to materialize.","oneOf":[{"allOf":[{"description":"`networking.k8s.io/v1` Ingress route profile.","type":"object","required":["ingressClassName"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example `eks.amazonaws.com/alb`."},"ingressClassName":{"type":"string","description":"`spec.ingressClassName` for generated Ingresses."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs 
when the profile cannot rely on controller discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesIngressRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["ingress"]}}}],"description":"`networking.k8s.io/v1` Ingress route profile."},{"allOf":[{"description":"Gateway API `Gateway` + `HTTPRoute` route profile.","type":"object","required":["gatewayClassName","listenerPort"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example a cloud Gateway controller."},"gatewayClassName":{"type":"string","description":"GatewayClass selected for generated Gateways."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"listenerPort":{"type":"integer","format":"int32","description":"Listener port, 
usually 443.","minimum":0},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs when the profile cannot rely on controller discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesGatewayRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["gateway"]}}}],"description":"Gateway API `Gateway` + `HTTPRoute` route 
profile."}],"x-readme-ref-name":"KubernetesRouteProfile"}}}],"x-readme-ref-name":"KubernetesExposureSettings"}]}},"x-readme-ref-name":"KubernetesSettings"}]},"network":{"oneOf":[{"type":"null"},{"description":"Network configuration for the stack (VPC/VNet settings).\nIf `None`, an isolated VPC with NAT is auto-created when the stack has resources\nthat require networking (e.g., containers). Set explicitly to customize:\n`UseDefault` for the provider's default network (fast, dev/test only),\n`Create` for an isolated VPC with managed NAT (production), or `ByoVpc*`\nto reference an existing customer-managed VPC.","oneOf":[{"type":"object","description":"Use the cloud provider's default VPC/network.\n\nDesigned for fast dev/test provisioning. No isolated VPC is created, so there\nis nothing to wait for or clean up. VMs receive ephemeral public IPs for internet\naccess — no NAT gateway is provisioned.\n\n- **AWS**: Discovers the account's default VPC. Subnets are public with auto-assigned IPs.\n- **GCP**: Discovers the project's `default` network and regional subnet. Instance\n templates include an `AccessConfig` to assign an ephemeral external IP.\n- **Azure**: Azure has no default VNet, so one is created along with a NAT Gateway.\n VMs stay private and use NAT for egress.\n\nNot recommended for production. Use `Create` instead.","required":["type"],"properties":{"type":{"type":"string","enum":["use-default"]}}},{"type":"object","description":"Create a new isolated VPC/VNet with a managed NAT gateway.\n\nAll networking infrastructure is provisioned by Alien and cleaned up on delete.\nVMs use private IPs only; all outbound traffic routes through the NAT gateway.\n\nRecommended for production deployments.","required":["type"],"properties":{"availability_zones":{"type":"integer","format":"int32","description":"Number of availability zones (default: 2).","minimum":0},"cidr":{"type":["string","null"],"description":"VPC/VNet CIDR block. 
If not specified, auto-generated from stack ID\nto reduce conflicts (e.g., \"10.{hash}.0.0/16\")."},"type":{"type":"string","enum":["create"]}}},{"type":"object","description":"Use an existing VPC (AWS).\n\nAlien validates the references but creates no networking infrastructure.\nThe customer is responsible for routing and egress (NAT, proxy, VPN, etc.).","required":["vpc_id","public_subnet_ids","private_subnet_ids","type"],"properties":{"private_subnet_ids":{"type":"array","items":{"type":"string"},"description":"IDs of private subnets"},"public_subnet_ids":{"type":"array","items":{"type":"string"},"description":"IDs of public subnets (required for public ingress)"},"security_group_ids":{"type":"array","items":{"type":"string"},"description":"Optional security group IDs to use"},"type":{"type":"string","enum":["byo-vpc-aws"]},"vpc_id":{"type":"string","description":"The ID of the existing VPC"}}},{"type":"object","description":"Use an existing VPC (GCP).\n\nAlien validates the references but creates no networking infrastructure.\nThe customer is responsible for routing and egress (Cloud NAT, proxy, VPN, etc.).","required":["network_name","subnet_name","region","type"],"properties":{"network_name":{"type":"string","description":"The name of the existing VPC network"},"region":{"type":"string","description":"The region of the subnet"},"subnet_name":{"type":"string","description":"The name of the subnet to use"},"type":{"type":"string","enum":["byo-vpc-gcp"]}}},{"type":"object","description":"Use an existing VNet (Azure).\n\nAlien validates the references but creates no networking infrastructure.\nThe customer is responsible for routing and egress (NAT Gateway, proxy, VPN, etc.).","required":["vnet_resource_id","public_subnet_name","private_subnet_name","type"],"properties":{"private_subnet_name":{"type":"string","description":"Name of the private subnet within the VNet"},"public_subnet_name":{"type":"string","description":"Name of the public subnet within the 
VNet"},"type":{"type":"string","enum":["byo-vnet-azure"]},"vnet_resource_id":{"type":"string","description":"The full resource ID of the existing VNet"}}}],"x-readme-ref-name":"NetworkSettings"}]},"telemetry":{"description":"How telemetry (logs, metrics, traces) is handled.\n- off: No telemetry permissions\n- auto: Telemetry flows automatically (default)\n- approval-required: Telemetry waits for explicit approval","type":"string","enum":["off","auto","approval-required"],"x-readme-ref-name":"TelemetryMode"},"updates":{"description":"How updates are delivered.\n- auto: Updates deploy automatically (default)\n- approval-required: Updates wait for explicit approval","type":"string","enum":["auto","approval-required"],"x-readme-ref-name":"UpdatesMode"}},"x-readme-ref-name":"StackSettings"}
1
+ {"type":"object","description":"User-customizable deployment settings specified at deploy time.\n\nThese settings are provided by the customer via CloudFormation parameters,\nTerraform attributes, CLI flags, or Helm values. They customize how the\ndeployment runs and what capabilities are enabled.\n\n**Key distinction**: StackSettings is user-customizable, while ManagementConfig\nis platform-derived (from the Manager's ServiceAccount).","properties":{"deploymentModel":{"description":"Deployment model: push (Manager) or pull (Agent).\nDefault: Push.\n- Push: Manager drives updates. For cloud platforms, requires cross-account\n credentials established during initial setup. For push-mode local\n deployments (currently `alien dev`), the manager has direct access —\n no bootstrap needed.\n- Pull: Agent in the target environment drives updates via polling.\n Required for Kubernetes and remote local deployments.","type":"string","enum":["push","pull"],"x-readme-ref-name":"DeploymentModel"},"domains":{"oneOf":[{"type":"null"},{"description":"Domain configuration (future).","type":"object","properties":{"customDomains":{"type":["object","null"],"description":"Custom domain configuration per resource ID.","additionalProperties":{"type":"object","description":"Custom domain configuration for a single resource.","required":["domain","certificate"],"properties":{"certificate":{"description":"Customer-provided certificate reference.","type":"object","properties":{"aws":{"oneOf":[{"type":"null"},{"description":"AWS ACM certificate ARN","type":"object","required":["certificateArn"],"properties":{"certificateArn":{"type":"string"}},"x-readme-ref-name":"AwsCustomCertificateConfig"}]},"azure":{"oneOf":[{"type":"null"},{"description":"Azure Key Vault certificate 
ID","type":"object","required":["keyVaultCertificateId"],"properties":{"keyVaultCertificateId":{"type":"string"},"keyVaultResourceId":{"type":["string","null"]}},"x-readme-ref-name":"AzureCustomCertificateConfig"}]},"gcp":{"oneOf":[{"type":"null"},{"description":"GCP Certificate Manager certificate name","type":"object","required":["certificateName"],"properties":{"certificateName":{"type":"string"}},"x-readme-ref-name":"GcpCustomCertificateConfig"}]},"kubernetes":{"oneOf":[{"type":"null"},{"description":"Kubernetes TLS Secret reference for Secret-backed route profiles.","type":"object","required":["tlsSecretRef"],"properties":{"tlsSecretRef":{"description":"Existing TLS Secret containing `tls.crt` and `tls.key`.","type":"object","required":["secretName"],"properties":{"namespace":{"type":["string","null"],"description":"Secret namespace. Defaults to the release namespace when omitted."},"secretName":{"type":"string","description":"Secret name."}},"x-readme-ref-name":"KubernetesTlsSecretRef"}},"x-readme-ref-name":"KubernetesCustomCertificateConfig"}]}},"x-readme-ref-name":"CustomCertificateConfig"},"domain":{"type":"string","description":"Fully qualified domain name to use."}},"x-readme-ref-name":"CustomDomainConfig"},"propertyNames":{"type":"string"}}},"x-readme-ref-name":"DomainSettings"}]},"externalBindings":{"type":["object","null"],"description":"External bindings for pre-existing infrastructure.\nAllows using existing resources (MinIO, Redis, shared Container Apps\nEnvironment, etc.) 
instead of having Alien provision them.\nRequired for Kubernetes platform, optional for cloud platforms."},"heartbeats":{"description":"How heartbeat health checks are handled.\n- off: No heartbeat permissions\n- on: Heartbeat enabled (default)","type":"string","enum":["off","on"],"x-readme-ref-name":"HeartbeatsMode"},"kubernetes":{"oneOf":[{"type":"null"},{"description":"Kubernetes runtime substrate configuration.","type":"object","properties":{"cluster":{"oneOf":[{"type":"null"},{"description":"Cluster selection or creation settings.","type":"object","required":["ownership"],"properties":{"cloud":{"oneOf":[{"type":"null"},{"description":"Optional provider-specific cloud identity for existing clusters.","type":"object","properties":{"accountId":{"type":["string","null"]},"clusterId":{"type":["string","null"]},"clusterName":{"type":["string","null"]},"projectId":{"type":["string","null"]},"region":{"type":["string","null"]},"resourceGroup":{"type":["string","null"]},"subscriptionId":{"type":["string","null"]}},"additionalProperties":false,"x-readme-ref-name":"KubernetesCloudReference"}]},"namespace":{"type":["string","null"],"description":"Namespace where the Alien chart and application resources run."},"ownership":{"description":"Whether Alien should create the cluster, use a setup-owned existing\ncluster, or bind to an external/on-prem cluster.","type":"string","enum":["managed","existing","external"],"x-readme-ref-name":"KubernetesClusterOwnership"}},"x-readme-ref-name":"KubernetesClusterSettings"}]},"exposure":{"oneOf":[{"type":"null"},{"description":"Public HTTPS exposure contract shared by setup, Helm, and runtime.","oneOf":[{"type":"object","description":"Do not create Alien-managed external routing.","required":["mode"],"properties":{"mode":{"type":"string","enum":["disabled"]}}},{"type":"object","description":"Use Alien-generated DNS and Platform-managed certificate 
material.","required":["route","certificate","mode"],"properties":{"certificate":{"description":"How managed certificate material reaches the route profile.","oneOf":[{"type":"object","description":"Platform-managed cert imported into AWS ACM by the runtime.","required":["mode"],"properties":{"mode":{"type":"string","enum":["managedAcmImport"]},"region":{"type":["string","null"],"description":"ACM region. Defaults to the deployment region when omitted."},"tags":{"type":"object","description":"Tags applied to runtime-imported ACM certificates.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}}}},{"type":"object","description":"Customer-provided AWS ACM certificate ARN.","required":["certificateArn","mode"],"properties":{"certificateArn":{"type":"string","description":"Existing ACM certificate ARN."},"mode":{"type":"string","enum":["awsAcmArn"]}}},{"type":"object","description":"Platform-managed cert written to a Kubernetes TLS Secret.","required":["secretNameTemplate","mode"],"properties":{"mode":{"type":"string","enum":["managedTlsSecret"]},"secretNameTemplate":{"type":"string","description":"Secret name template. Runtime may substitute resource/deployment tokens."}}},{"allOf":[{"description":"Customer-provided Kubernetes TLS Secret.","type":"object","required":["secretName"],"properties":{"namespace":{"type":["string","null"],"description":"Secret namespace. 
Defaults to the release namespace when omitted."},"secretName":{"type":"string","description":"Secret name."}},"x-readme-ref-name":"KubernetesTlsSecretRef"},{"type":"object","required":["mode"],"properties":{"mode":{"type":"string","enum":["tlsSecretRef"]}}}],"description":"Customer-provided Kubernetes TLS Secret."},{"type":"object","description":"No TLS certificate should be configured by Alien.","required":["mode"],"properties":{"mode":{"type":"string","enum":["none"]}}}],"x-readme-ref-name":"KubernetesCertificateMode"},"mode":{"type":"string","enum":["generated"]},"route":{"description":"Runtime route profile to materialize.","oneOf":[{"allOf":[{"description":"`networking.k8s.io/v1` Ingress route profile.","type":"object","required":["ingressClassName"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example `eks.amazonaws.com/alb`."},"ingressClassName":{"type":"string","description":"`spec.ingressClassName` for generated Ingresses."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs when the profile cannot rely on controller 
discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesIngressRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["ingress"]}}}],"description":"`networking.k8s.io/v1` Ingress route profile."},{"allOf":[{"description":"Gateway API `Gateway` + `HTTPRoute` route profile.","type":"object","required":["gatewayClassName","listenerPort"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example a cloud Gateway controller."},"gatewayClassName":{"type":"string","description":"GatewayClass selected for generated Gateways."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"listenerPort":{"type":"integer","format":"int32","description":"Listener port, usually 
443.","minimum":0},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs when the profile cannot rely on controller discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesGatewayRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["gateway"]}}}],"description":"Gateway API `Gateway` + `HTTPRoute` route profile."}],"x-readme-ref-name":"KubernetesRouteProfile"}}},{"type":"object","description":"Use a customer hostname and customer-owned certificate 
reference.","required":["domain","route","certificate","mode"],"properties":{"certificate":{"description":"Customer-owned certificate reference consumed by the route profile.","oneOf":[{"type":"object","description":"Platform-managed cert imported into AWS ACM by the runtime.","required":["mode"],"properties":{"mode":{"type":"string","enum":["managedAcmImport"]},"region":{"type":["string","null"],"description":"ACM region. Defaults to the deployment region when omitted."},"tags":{"type":"object","description":"Tags applied to runtime-imported ACM certificates.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}}}},{"type":"object","description":"Customer-provided AWS ACM certificate ARN.","required":["certificateArn","mode"],"properties":{"certificateArn":{"type":"string","description":"Existing ACM certificate ARN."},"mode":{"type":"string","enum":["awsAcmArn"]}}},{"type":"object","description":"Platform-managed cert written to a Kubernetes TLS Secret.","required":["secretNameTemplate","mode"],"properties":{"mode":{"type":"string","enum":["managedTlsSecret"]},"secretNameTemplate":{"type":"string","description":"Secret name template. Runtime may substitute resource/deployment tokens."}}},{"allOf":[{"description":"Customer-provided Kubernetes TLS Secret.","type":"object","required":["secretName"],"properties":{"namespace":{"type":["string","null"],"description":"Secret namespace. 
Defaults to the release namespace when omitted."},"secretName":{"type":"string","description":"Secret name."}},"x-readme-ref-name":"KubernetesTlsSecretRef"},{"type":"object","required":["mode"],"properties":{"mode":{"type":"string","enum":["tlsSecretRef"]}}}],"description":"Customer-provided Kubernetes TLS Secret."},{"type":"object","description":"No TLS certificate should be configured by Alien.","required":["mode"],"properties":{"mode":{"type":"string","enum":["none"]}}}],"x-readme-ref-name":"KubernetesCertificateMode"},"domain":{"type":"string","description":"Hostname routed by the Kubernetes public endpoint."},"mode":{"type":"string","enum":["custom"]},"route":{"description":"Runtime route profile to materialize.","oneOf":[{"allOf":[{"description":"`networking.k8s.io/v1` Ingress route profile.","type":"object","required":["ingressClassName"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example `eks.amazonaws.com/alb`."},"ingressClassName":{"type":"string","description":"`spec.ingressClassName` for generated Ingresses."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs 
when the profile cannot rely on controller discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesIngressRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["ingress"]}}}],"description":"`networking.k8s.io/v1` Ingress route profile."},{"allOf":[{"description":"Gateway API `Gateway` + `HTTPRoute` route profile.","type":"object","required":["gatewayClassName","listenerPort"],"properties":{"annotations":{"type":"object","description":"Annotations applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"controller":{"type":["string","null"],"description":"Route controller identifier, for example a cloud Gateway controller."},"gatewayClassName":{"type":"string","description":"GatewayClass selected for generated Gateways."},"labels":{"type":"object","description":"Labels applied to route objects.","additionalProperties":{"type":"string"},"propertyNames":{"type":"string"}},"listenerPort":{"type":"integer","format":"int32","description":"Listener port, 
usually 443.","minimum":0},"provider":{"oneOf":[{"type":"null"},{"description":"Provider-specific route options that are required by the selected class.","oneOf":[{"type":"object","description":"AWS ALB route options for EKS.","required":["scheme","targetType","provider"],"properties":{"ipAddressType":{"type":["string","null"],"description":"Optional ALB IP address type, such as `dualstack`."},"provider":{"type":"string","enum":["awsAlb"]},"scheme":{"type":"string","description":"Internet-facing or internal ALB scheme."},"subnetIds":{"type":"array","items":{"type":"string"},"description":"Explicit subnet IDs when the profile cannot rely on controller discovery."},"targetType":{"type":"string","description":"ALB target type, usually `ip`."}}},{"type":"object","description":"GKE Gateway route options.","required":["provider"],"properties":{"provider":{"type":"string","enum":["gkeGateway"]},"staticAddressName":{"type":["string","null"],"description":"Optional static address name for the Gateway frontend."}}},{"type":"object","description":"Azure Application Gateway for Containers route options.","required":["frontend","provider"],"properties":{"albName":{"type":["string","null"],"description":"Optional ALB name when using BYO Application Gateway resources."},"albNamespace":{"type":["string","null"],"description":"Optional ALB namespace when using BYO Application Gateway resources."},"frontend":{"type":"string","description":"Public or internal frontend exposure."},"provider":{"type":"string","enum":["azureApplicationGatewayForContainers"]}}}],"x-readme-ref-name":"KubernetesRouteProviderOptions"}]}},"x-readme-ref-name":"KubernetesGatewayRouteProfile"},{"type":"object","required":["routeApi"],"properties":{"routeApi":{"type":"string","enum":["gateway"]}}}],"description":"Gateway API `Gateway` + `HTTPRoute` route 
profile."}],"x-readme-ref-name":"KubernetesRouteProfile"}}}],"x-readme-ref-name":"KubernetesExposureSettings"}]}},"x-readme-ref-name":"KubernetesSettings"}]},"network":{"oneOf":[{"type":"null"},{"description":"Network configuration for the stack (VPC/VNet settings).\nIf `None`, an isolated VPC with NAT is auto-created when the stack has resources\nthat require networking (e.g., containers). Set explicitly to customize:\n`UseDefault` for the provider's default network (fast, dev/test only),\n`Create` for an isolated VPC with managed NAT (production), or `ByoVpc*`\nto reference an existing customer-managed VPC.","oneOf":[{"type":"object","description":"Use the cloud provider's default VPC/network.\n\nDesigned for fast dev/test provisioning. No isolated VPC is created, so there\nis nothing to wait for or clean up. VMs receive ephemeral public IPs for internet\naccess — no NAT gateway is provisioned.\n\n- **AWS**: Discovers the account's default VPC. Subnets are public with auto-assigned IPs.\n- **GCP**: Discovers the project's `default` network and regional subnet. Instance\n templates include an `AccessConfig` to assign an ephemeral external IP.\n- **Azure**: Azure has no default VNet, so one is created along with a NAT Gateway.\n VMs stay private and use NAT for egress.\n\nNot recommended for production. Use `Create` instead.","required":["type"],"properties":{"type":{"type":"string","enum":["use-default"]}}},{"type":"object","description":"Create a new isolated VPC/VNet with a managed NAT gateway.\n\nAll networking infrastructure is provisioned by Alien and cleaned up on delete.\nVMs use private IPs only; all outbound traffic routes through the NAT gateway.\n\nRecommended for production deployments.","required":["type"],"properties":{"availability_zones":{"type":"integer","format":"int32","description":"Number of availability zones (default: 2).","minimum":0},"cidr":{"type":["string","null"],"description":"VPC/VNet CIDR block. 
If not specified, auto-generated from stack ID\nto reduce conflicts (e.g., \"10.{hash}.0.0/16\")."},"type":{"type":"string","enum":["create"]}}},{"type":"object","description":"Use an existing VPC (AWS).\n\nAlien validates the references but creates no networking infrastructure.\nThe customer is responsible for routing and egress (NAT, proxy, VPN, etc.).","required":["vpc_id","public_subnet_ids","private_subnet_ids","type"],"properties":{"private_subnet_ids":{"type":"array","items":{"type":"string"},"description":"IDs of private subnets"},"public_subnet_ids":{"type":"array","items":{"type":"string"},"description":"IDs of public subnets (required for public ingress)"},"security_group_ids":{"type":"array","items":{"type":"string"},"description":"Optional security group IDs to use"},"type":{"type":"string","enum":["byo-vpc-aws"]},"vpc_id":{"type":"string","description":"The ID of the existing VPC"}}},{"type":"object","description":"Use an existing VPC (GCP).\n\nAlien validates the references but creates no networking infrastructure.\nThe customer is responsible for routing and egress (Cloud NAT, proxy, VPN, etc.).","required":["network_name","subnet_name","region","type"],"properties":{"network_name":{"type":"string","description":"The name of the existing VPC network"},"region":{"type":"string","description":"The region of the subnet"},"subnet_name":{"type":"string","description":"The name of the subnet to use"},"type":{"type":"string","enum":["byo-vpc-gcp"]}}},{"type":"object","description":"Use an existing VNet (Azure).\n\nAlien validates the references but creates no networking infrastructure.\nThe customer is responsible for routing and egress (NAT Gateway, proxy, VPN, etc.).","required":["vnet_resource_id","public_subnet_name","private_subnet_name","type"],"properties":{"application_gateway_subnet_name":{"type":["string","null"],"description":"Name of the dedicated classic Application Gateway subnet within the 
VNet."},"private_subnet_name":{"type":"string","description":"Name of the private subnet within the VNet"},"public_subnet_name":{"type":"string","description":"Name of the public subnet within the VNet"},"type":{"type":"string","enum":["byo-vnet-azure"]},"vnet_resource_id":{"type":"string","description":"The full resource ID of the existing VNet"}}}],"x-readme-ref-name":"NetworkSettings"}]},"telemetry":{"description":"How telemetry (logs, metrics, traces) is handled.\n- off: No telemetry permissions\n- auto: Telemetry flows automatically (default)\n- approval-required: Telemetry waits for explicit approval","type":"string","enum":["off","auto","approval-required"],"x-readme-ref-name":"TelemetryMode"},"updates":{"description":"How updates are delivered.\n- auto: Updates deploy automatically (default)\n- approval-required: Updates wait for explicit approval","type":"string","enum":["auto","approval-required"],"x-readme-ref-name":"UpdatesMode"}},"x-readme-ref-name":"StackSettings"}
@@ -6,7 +6,8 @@
6
6
  import * as z from "zod";
7
7
 
8
8
  export const AzureCustomCertificateConfigSchema = z.object({
9
- "keyVaultCertificateId": z.string()
9
+ "keyVaultCertificateId": z.string(),
10
+ "keyVaultResourceId": z.string().nullish()
10
11
  })
11
12
 
12
13
  export type AzureCustomCertificateConfig = z.infer<typeof AzureCustomCertificateConfigSchema>
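Review bot: The new `keyVaultResourceId` field is a bare `z.string().nullish()`, so an empty string validates, and there is no description of how it relates to `keyVaultCertificateId`. If it is meant to name the vault that holds that certificate, say so and reject the empty value, e.g. `"keyVaultResourceId": z.string().min(1).describe("Resource ID of the Key Vault that holds keyVaultCertificateId.").nullish()`. A consumer that grants access based on this field should also confirm that both values refer to the same vault, which nothing visible here enforces. The same empty-string gap applies to `application_gateway_subnet_name` in the NetworkSettingsSchema hunk further down. If these files are generated from the API spec, the constraint belongs in the spec rather than in this file.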
@@ -9,7 +9,9 @@ import * as z from "zod";
9
9
  * @description Azure Network ImportData — VNet + subnets + NAT topology.
10
10
  */
11
11
  export const AzureNetworkImportDataSchema = z.object({
12
- "isByoVnet": z.boolean().describe("True when the VNet is owned outside this stack."),
12
+ "applicationGatewaySubnetId": z.string().describe("Dedicated subnet for classic Azure Application Gateway ingress.").nullish(),
13
+ "applicationGatewaySubnetName": z.string().describe("Dedicated subnet name for classic Azure Application Gateway ingress.").nullish(),
14
+ "isByoVnet": z.boolean().describe("True when the VNet is owned outside this stack."),
13
15
  "natGatewayId": z.string().describe("NAT gateway resource id when one was created.").nullish(),
14
16
  "networkSecurityGroupId": z.string().describe("Network Security Group resource id attached to workload subnets.").nullish(),
15
17
  "resourceGroup": z.string().describe("Resource group containing the VNet."),
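Review bot: `applicationGatewaySubnetId` and `applicationGatewaySubnetName` are each independently `.nullish()`, so import data can carry one without the other, and the descriptions do not say which one a consumer should rely on. I would state the relationship in the description, for example `.describe("Dedicated subnet for classic Azure Application Gateway ingress; set together with applicationGatewaySubnetName.")`, assuming the pair is always meant to be set together. The schema object continues past the end of this hunk.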
@@ -7,7 +7,8 @@ import * as z from "zod";
7
7
  import { NetworkHeartbeatStatusSchema } from "./network-heartbeat-status-schema.js";
8
8
 
9
9
  export const AzureVnetNetworkHeartbeatDataSchema = z.object({
10
- "cidrBlock": z.string().nullish(),
10
+ "applicationGatewaySubnetName": z.string().nullish(),
11
+ "cidrBlock": z.string().nullish(),
11
12
  "isByoVnet": z.boolean(),
12
13
  "lastByoVnetVerificationErrorCode": z.string().nullish(),
13
14
  "location": z.string().nullish(),
@@ -26,7 +26,8 @@ export const NetworkSettingsSchema = z.union([z.object({
26
26
  "subnet_name": z.string().describe("The name of the subnet to use"),
27
27
  "type": z.enum(["byo-vpc-gcp"])
28
28
  }), z.object({
29
- "private_subnet_name": z.string().describe("Name of the private subnet within the VNet"),
29
+ "application_gateway_subnet_name": z.string().describe("Name of the dedicated classic Application Gateway subnet within the VNet.").nullish(),
30
+ "private_subnet_name": z.string().describe("Name of the private subnet within the VNet"),
30
31
  "public_subnet_name": z.string().describe("Name of the public subnet within the VNet"),
31
32
  "type": z.enum(["byo-vnet-azure"]),
32
33
  "vnet_resource_id": z.string().describe("The full resource ID of the existing VNet")
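Review bot: In the `byo-vnet-azure` variant, nothing visible stops `application_gateway_subnet_name` from equalling `public_subnet_name` or `private_subnet_name`, although Azure requires an Application Gateway subnet to hold only application gateways. Because this value is customer-supplied, the check is worth making explicit wherever the BYO VNet references are validated. It could also go here, for example as `.refine((s) => s.application_gateway_subnet_name == null || ![s.public_subnet_name, s.private_subnet_name].includes(s.application_gateway_subnet_name))` on this object. The object literal and the enclosing `z.union` start and end outside this hunk.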