@pulumi/azure 6.31.0-alpha.1766471064 → 6.31.0-alpha.1767033592

package/types/output.d.ts

@@ -3537,7 +3537,7 @@ export declare namespace appservice {
     }
     interface AppFlexConsumptionAlwaysReady {
         /**
-         * The instance count of the `alwaysReady` of the  Function App. The minimum number is `0`. The total number of `instanceCount` should not exceed the `maximumInstanceCount`.
+         * The instance count of the `alwaysReady` of the Function App. The minimum number is `0`. The total number of `instanceCount` should not exceed the `maximumInstanceCount`.
          */
         instanceCount?: number;
         /**
@@ -4231,7 +4231,7 @@ export declare namespace appservice {
          */
         scmUseMainIpRestriction?: boolean;
         /**
-         * Should the Linux Web App  Linux Function App use a 32-bit worker. Defaults to `false`.
+         * Should the Linux Web App Linux Function App use a 32-bit worker. Defaults to `false`.
          */
         use32BitWorker?: boolean;
         /**
@@ -11217,7 +11217,7 @@ export declare namespace appservice {
          */
         dockers?: outputs.appservice.LinuxFunctionAppSiteConfigApplicationStackDocker[];
         /**
-         * The version of .NET to use. Possible values include `3.1`, `6.0`, `7.0`, `8.0` and `9.0`.
+         * The version of .NET to use. Possible values include `3.1`, `6.0`, `7.0`, `8.0`, `9.0` and `10.0`.
          */
         dotnetVersion?: string;
         /**
@@ -12195,11 +12195,11 @@ export declare namespace appservice {
          */
         dockers?: outputs.appservice.LinuxFunctionAppSlotSiteConfigApplicationStackDocker[];
         /**
-         * The version of .Net. Possible values are `3.1`, `6.0`, `7.0`, `8.0` and `9.0`.
+         * The version of .Net. Possible values are `3.1`, `6.0`, `7.0`, `8.0`, `9.0` and `10.0`.
          */
         dotnetVersion?: string;
         /**
-         * The version of Java to use. Possible values are `8`, `11` & `17` (In-Preview).
+         * The version of Java to use. Possible values are `8`, `11`, `17` and `21`.
          */
         javaVersion?: string;
         /**
@@ -13230,7 +13230,7 @@ export declare namespace appservice {
          */
         scmIpRestrictions?: outputs.appservice.LinuxWebAppSiteConfigScmIpRestriction[];
         /**
-         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values are `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         scmMinimumTlsVersion?: string;
         scmType: string;
@@ -13275,7 +13275,7 @@ export declare namespace appservice {
          */
         dockerRegistryUsername?: string;
         /**
-         * The version of .NET to use. Possible values include `3.1`, `5.0`, `6.0`, `7.0`, `8.0` and `9.0`.
+         * The version of .NET to use. Possible values include `3.1`, `5.0`, `6.0`, `7.0`, `8.0`, `9.0`and `10.0`.
          */
         dotnetVersion?: string;
         /**
@@ -14330,7 +14330,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: string;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values are `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: string;
         /**
@@ -14350,7 +14350,7 @@ export declare namespace appservice {
          */
         scmIpRestrictions?: outputs.appservice.LinuxWebAppSlotSiteConfigScmIpRestriction[];
         /**
-         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values are `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         scmMinimumTlsVersion?: string;
         scmType: string;
@@ -14395,7 +14395,7 @@ export declare namespace appservice {
          */
         dockerRegistryUsername?: string;
         /**
-         * The version of .NET to use. Possible values include `3.1`, `5.0`, `6.0`, `7.0`, `8.0` and `9.0`.
+         * The version of .NET to use. Possible values include `3.1`, `5.0`, `6.0`, `7.0`, `8.0`, `9.0` and `10.0`.
          */
         dotnetVersion?: string;
         /**
@@ -14413,7 +14413,7 @@ export declare namespace appservice {
          */
         javaServerVersion?: string;
         /**
-         * The Version of Java to use. Possible values include `8`, `11`, and `17`.
+         * The Version of Java to use. Possible values are `8`, `11`, `17` and `21`.
          *
          * > **Note:** The valid version combinations for `javaVersion`, `javaServer` and `javaServerVersion` can be checked from the command line via `az webapp list-runtimes --os-type linux`.
          */
@@ -16185,7 +16185,7 @@ export declare namespace appservice {
     }
     interface WindowsFunctionAppSiteConfigApplicationStack {
         /**
-         * The version of .NET to use. Possible values include `v3.0`, `v4.0` `v6.0`, `v7.0`, `v8.0` and `v9.0`. Defaults to `v4.0`.
+         * The version of .NET to use. Possible values include `v3.0`, `v4.0` `v6.0`, `v7.0`, `v8.0`, `v9.0` and `v10.0`. Defaults to `v4.0`.
          */
         dotnetVersion?: string;
         /**
@@ -17121,11 +17121,11 @@ export declare namespace appservice {
     }
     interface WindowsFunctionAppSlotSiteConfigApplicationStack {
         /**
-         * The version of .Net. Possible values are `v3.0`, `v4.0`, `v6.0`, `v7.0`, `v8.0` and `v9.0`. Defaults to `v4.0`.
+         * The version of .Net. Possible values are `v3.0`, `v4.0`, `v6.0`, `v7.0`, `v8.0`, `v9.0` and `v10.0`. Defaults to `v4.0`.
          */
         dotnetVersion?: string;
         /**
-         * The version of Java to use. Possible values are `1.8`, `11` and `17` (In-Preview).
+         * The version of Java to use. Possible values are `1.8`, `11`, `17` and `21`.
          */
         javaVersion?: string;
         /**
@@ -18130,7 +18130,7 @@ export declare namespace appservice {
          */
         scmIpRestrictions?: outputs.appservice.WindowsWebAppSiteConfigScmIpRestriction[];
         /**
-         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values are `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         scmMinimumTlsVersion?: string;
         scmType: string;
@@ -18192,7 +18192,7 @@ export declare namespace appservice {
          */
         dotnetCoreVersion?: string;
         /**
-         * The version of .NET to use when `currentStack` is set to `dotnet`. Possible values include `v2.0`,`v3.0`, `v4.0`, `v5.0`, `v6.0`, `v7.0`, `v8.0` and `v9.0`.
+         * The version of .NET to use when `currentStack` is set to `dotnet`. Possible values include `v2.0`,`v3.0`, `v4.0`, `v5.0`, `v6.0`, `v7.0`, `v8.0`, `v9.0` and `v10.0`.
          *
          * > **Note:** The Portal displayed values and the actual underlying API values differ for this setting, as follows:
          * Portal Value | API value
@@ -18203,6 +18203,7 @@ export declare namespace appservice {
          * .NET 7 (STS) | v7.0
          * .NET 8 (LTS) | v8.0
          * .NET 9 (STS) | v9.0
+         * .NET 10 (LTS) | v10.0
          */
         dotnetVersion: string;
         /**
@@ -19318,7 +19319,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: string;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values are `1.1`, `1.3`, `1.2` and `1.0`. Defaults to `1.2`.
          */
         minimumTlsVersion?: string;
         /**
@@ -19338,7 +19339,7 @@ export declare namespace appservice {
          */
         scmIpRestrictions?: outputs.appservice.WindowsWebAppSlotSiteConfigScmIpRestriction[];
         /**
-         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests to the SCM site Possible values are `1.1`, `1.3`, `1.2` and `1.0`. Defaults to `1.2`.
          */
         scmMinimumTlsVersion?: string;
         scmType: string;
@@ -19398,7 +19399,7 @@ export declare namespace appservice {
          */
         dotnetCoreVersion?: string;
         /**
-         * The version of .NET to use when `currentStack` is set to `dotnet`. Possible values include `v2.0`,`v3.0`, `v4.0`, `v5.0`, `v6.0`, `v7.0`, `v8.0` and `v9.0`.
+         * The version of .NET to use when `currentStack` is set to `dotnet`. Possible values include `v2.0`,`v3.0`, `v4.0`, `v5.0`, `v6.0`, `v7.0`, `v8.0`, `v9.0` and `v10.0`.
          */
         dotnetVersion: string;
         /**
@@ -20068,7 +20069,7 @@ export declare namespace arcmachine {
          */
         tenantId: string;
         /**
-         * Specifies the type of Managed Service Identity assigned to this Arc Machine. At this time the only possible value is `SystemAssigned`. Changing this forces a new resource to be created.
+         * Specifies the type of Managed Service Identity assigned to this Arc Machine. At this time the only possible value is `SystemAssigned`.
          */
         type: string;
     }
@@ -20871,6 +20872,9 @@ export declare namespace automation {
          * The end time of the schedule.
          */
         expiryTime: string;
+        /**
+         * The time offset in minutes for the expiry time.
+         */
         expiryTimeOffsetMinutes?: number;
         /**
          * The frequency of the schedule. - can be either `OneTime`, `Day`, `Hour`, `Week`, or `Month`.
@@ -20890,11 +20894,17 @@ export declare namespace automation {
          */
         monthlyOccurrence?: outputs.automation.SoftwareUpdateConfigurationScheduleMonthlyOccurrence;
         nextRun: string;
+        /**
+         * The time offset in minutes for the next run time.
+         */
         nextRunOffsetMinutes?: number;
         /**
          * Start time of the schedule. Must be at least five minutes in the future. Defaults to seven minutes in the future from the time the resource is created.
          */
         startTime: string;
+        /**
+         * The time offset in minutes for the start time.
+         */
         startTimeOffsetMinutes?: number;
         /**
          * The timezone of the start time. Defaults to `Etc/UTC`. For possible values see: <https://docs.microsoft.com/en-us/rest/api/maps/timezone/gettimezoneenumwindows>
@@ -23473,7 +23483,13 @@ export declare namespace cdn {
     }
     interface FrontdoorFirewallPolicyManagedRuleOverrideRule {
         /**
-         * The action to be applied when the managed rule matches or when the anomaly score is 5 or greater. Possible values for `DefaultRuleSet 1.1` and below are `Allow`, `Log`, `Block`, or `Redirect`. Possible values for `DefaultRuleSet 2.0` and above are `Log` or `AnomalyScoring`. Possible values for `Microsoft_BotManagerRuleSet` are `Allow`, `Log`, `Block`, `Redirect`, or `JSChallenge`.
+         * The action to be applied when the managed rule matches or when the anomaly score is 5 or greater. Possible values are `Allow`, `CAPTCHA`, `Log`, `Block`, `Redirect`, `AnomalyScoring` and `JSChallenge`.
+         *
+         * > **Note:** Possible values for `DefaultRuleSet 1.1` and below are `Allow`, `Log`, `Block`, or `Redirect`.
+         *
+         * > **Note:** Possible values for `DefaultRuleSet 2.0` and above are `Log` or `AnomalyScoring`.
+         *
+         * > **Note:** Possible values for `Microsoft_BotManagerRuleSet` are `Allow`, `Log`, `Block`, `Redirect`, or `JSChallenge`.
          *
          * > **Note:** Please see the `DefaultRuleSet` [product documentation](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-drs?tabs=drs20#anomaly-scoring-mode) or the `Microsoft_BotManagerRuleSet` [product documentation](https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview) for more information.
          *
@@ -24400,7 +24416,6 @@ export declare namespace cognitive {
     interface AIServicesNetworkAcls {
         /**
          * Whether to allow trusted Azure Services to access the service. Possible values are `None` and `AzureServices`. Defaults to `AzureServices`.
-         * *
          */
         bypass?: string;
         /**
@@ -24510,6 +24525,24 @@ export declare namespace cognitive {
          */
         subnetId: string;
     }
+    interface AccountProjectIdentity {
+        /**
+         * Specifies a list of User Assigned Managed Identity IDs to be assigned to this Cognitive Account Project.
+         */
+        identityIds?: string[];
+        /**
+         * The Principal ID associated with this Managed Service Identity.
+         */
+        principalId: string;
+        /**
+         * The Tenant ID associated with this Managed Service Identity.
+         */
+        tenantId: string;
+        /**
+         * Specifies the type of Managed Service Identity that should be configured on this Cognitive Account Project. Possible values are `SystemAssigned`, `UserAssigned`, `SystemAssigned, UserAssigned` (to enable both).
+         */
+        type: string;
+    }
     interface AccountRaiPolicyContentFilter {
         /**
          * Whether the filter should block content. Possible values are `true` or `false`.
@@ -24579,24 +24612,82 @@ export declare namespace cognitive {
          */
         tier?: string;
     }
+    interface GetAccountCustomerManagedKey {
+        /**
+         * The client ID of the managed identity associated with the storage resource.
+         */
+        identityClientId: string;
+        /**
+         * The ID of the Key Vault Key which is used to encrypt the data in this Cognitive Services Account.
+         */
+        keyVaultKeyId: string;
+    }
     interface GetAccountIdentity {
         /**
-         * The list of User Assigned Managed Identity IDs assigned to this Cognitive Account.
+         * The list of User Assigned Managed Identity IDs assigned to this Cognitive Services Account.
          */
         identityIds: string[];
         /**
-         * The Principal ID of the System Assigned Managed Service Identity that is configured on this Cognitive Account.
+         * The Principal ID of the System Assigned Managed Service Identity that is configured on this Cognitive Services Account.
          */
         principalId: string;
         /**
-         * The Tenant ID of the System Assigned Managed Service Identity that is configured on this Cognitive Account.
+         * The Tenant ID of the System Assigned Managed Service Identity that is configured on this Cognitive Services Account.
          */
         tenantId: string;
         /**
-         * The type of Managed Service Identity that is configured on this Cognitive Account.
+         * The type of Managed Service Identity that is configured on this Cognitive Services Account.
          */
         type: string;
     }
+    interface GetAccountNetworkAcl {
+        /**
+         * Whether trusted Azure Services are allowed to access the service.
+         */
+        bypass: string;
+        /**
+         * The Default Action to use when no rules match from `ipRules` / `virtualNetworkRules`.
+         */
+        defaultAction: string;
+        /**
+         * One or more IP Addresses, or CIDR Blocks that are able to access the Cognitive Services Account.
+         */
+        ipRules: string[];
+        /**
+         * A `virtualNetworkRules` block as defined below.
+         */
+        virtualNetworkRules: outputs.cognitive.GetAccountNetworkAclVirtualNetworkRule[];
+    }
+    interface GetAccountNetworkAclVirtualNetworkRule {
+        /**
+         * Whether missing vnet service endpoint is ignored or not.
+         */
+        ignoreMissingVnetServiceEndpoint: boolean;
+        /**
+         * The ID of the subnet which is able to access this Cognitive Services Account.
+         */
+        subnetId: string;
+    }
+    interface GetAccountNetworkInjection {
+        /**
+         * The feature that network injection is applied to.
+         */
+        scenario: string;
+        /**
+         * The ID of the subnet which is able to access this Cognitive Services Account.
+         */
+        subnetId: string;
+    }
+    interface GetAccountStorage {
+        /**
+         * The client ID of the managed identity associated with the storage resource.
+         */
+        identityClientId: string;
+        /**
+         * The ID of the Storage Account resource associated with this Cognitive Services Account.
+         */
+        storageAccountId: string;
+    }
 }
 export declare namespace communication {
     interface EmailServiceDomainVerificationRecord {
@@ -26922,7 +27013,7 @@ export declare namespace compute {
     }
     interface OrchestratedVirtualMachineScaleSetSkuProfile {
         /**
-         * Specifies the allocation strategy for the virtual machine scale set based on which the VMs will be allocated. Possible values are `LowestPrice` and `CapacityOptimized`.
+         * Specifies the allocation strategy for the virtual machine scale set based on which the VMs will be allocated. Possible values are `CapacityOptimized`, `LowestPrice` and `Prioritized`.
          */
         allocationStrategy: string;
         /**
@@ -29561,6 +29652,10 @@ export declare namespace containerapp {
          * One or more `container` blocks as detailed below.
          */
         containers: outputs.containerapp.AppTemplateContainer[];
+        /**
+         * The number of seconds to wait before scaling down the number of instances again. Defaults to `300`.
+         */
+        cooldownPeriodInSeconds?: number;
         /**
          * One or more `customScaleRule` blocks as defined below.
          */
@@ -29581,6 +29676,10 @@ export declare namespace containerapp {
          * The minimum number of replicas for this container.
          */
         minReplicas?: number;
+        /**
+         * The interval in seconds used for polling KEDA. Defaults to `30`.
+         */
+        pollingIntervalInSeconds?: number;
         /**
          * The suffix for the revision. This value must be unique for the lifetime of the Resource. If omitted the service will use a hash function to create one.
          */
@@ -30034,10 +30133,22 @@ export declare namespace containerapp {
          */
         storageName?: string;
         /**
-         * The type of storage volume. Possible values are `AzureFile`, `EmptyDir` and `Secret`. Defaults to `EmptyDir`.
+         * The type of storage volume. Possible values are `AzureFile`, `EmptyDir`, `NfsAzureFile` and `Secret`. Defaults to `EmptyDir`.
          */
         storageType?: string;
     }
+    interface EnvironmentCertificateCertificateKeyVault {
+        /**
+         * The managed identity to authenticate with Azure Key Vault. Possible values are the resource ID of user-assigned identity, and `System` for system-assigned identity. Defaults to `System`. Changing this forces a new resource to be created.
+         *
+         * > **Note:** Please make sure [required permissions](https://learn.microsoft.com/en-us/azure/container-apps/key-vault-certificates-manage) are correctly configured for your Key Vault and managed identity.
+         */
+        identity?: string;
+        /**
+         * The ID of the Key Vault Secret containing the certificate. Changing this forces a new resource to be created.
+         */
+        keyVaultSecretId: string;
+    }
     interface EnvironmentDaprComponentMetadata {
         /**
          * The name of the Metadata configuration item.
@@ -30054,11 +30165,11 @@ export declare namespace containerapp {
     }
     interface EnvironmentDaprComponentSecret {
         /**
-         * The identity to use for accessing key vault reference.
+         * The identity to use for accessing key vault reference. Possible values are the Resource ID of a User Assigned Managed Identity, or `System` to use the System Assigned Managed Identity.
          */
         identity?: string;
         /**
-         * The Key Vault Secret ID. Could be either one of `id` or `versionlessId`.
+         * The Key Vault Secret ID.
          */
         keyVaultSecretId?: string;
         /**
@@ -30096,7 +30207,7 @@ export declare namespace containerapp {
          */
         name: string;
         /**
-         * Workload profile type for the workloads to run on. Possible values include `Consumption`, `D4`, `D8`, `D16`, `D32`, `E4`, `E8`, `E16` and `E32`.
+         * Workload profile type for the workloads to run on. Possible values include `Consumption`, `Consumption-GPU-NC24-A100`, `Consumption-GPU-NC8as-T4`, `D4`, `D8`, `D16`, `D32`, `E4`, `E8`, `E16`, `E32`, `NC24-A100`, `NC48-A100` and `NC96-A100`.
          *
          * > **Note:** A `Consumption` type must have a name of `Consumption` and an environment may only have one `Consumption` Workload Profile.
          *
@@ -30294,6 +30405,10 @@ export declare namespace containerapp {
          * One or more `container` blocks as detailed below.
          */
         containers: outputs.containerapp.GetAppTemplateContainer[];
+        /**
+         * The number of seconds to wait before scaling down the number of instances again.
+         */
+        cooldownPeriodInSeconds: number;
         customScaleRules?: outputs.containerapp.GetAppTemplateCustomScaleRule[];
         httpScaleRules: outputs.containerapp.GetAppTemplateHttpScaleRule[];
         /**
@@ -30308,6 +30423,10 @@ export declare namespace containerapp {
          * The minimum number of replicas for this container.
          */
         minReplicas: number;
+        /**
+         * The interval in seconds used for polling KEDA.
+         */
+        pollingIntervalInSeconds: number;
         /**
          * The suffix string to which this `trafficWeight` applies.
          */
@@ -30742,7 +30861,7 @@ export declare namespace containerapp {
          */
         authentications?: outputs.containerapp.JobEventTriggerConfigScaleRuleAuthentication[];
         /**
-         * Type of the scale rule.
+         * Type of the scale rule. Possible values are `activemq`, `artemis-queue`, `kafka`, `pulsar`, `aws-cloudwatch`, `aws-dynamodb`, `aws-dynamodb-streams`, `aws-kinesis-stream`, `aws-sqs-queue`, `azure-app-insights`, `azure-blob`, `azure-data-explorer`, `azure-eventhub`, `azure-log-analytics`, `azure-monitor`, `azure-pipelines`, `azure-servicebus`, `azure-queue`, `cassandra`, `cpu`, `cron`, `datadog`, `elasticsearch`, `external`, `external-push`, `gcp-stackdriver`, `gcp-storage`, `gcp-pubsub`, `graphite`, `http`, `huawei-cloudeye`, `ibmmq`, `influxdb`, `kubernetes-workload`, `liiklus`, `memory`, `metrics-api`, `mongodb`, `mssql`, `mysql`, `nats-jetstream`, `stan`, `tcp`, `new-relic`, `openstack-metric`, `openstack-swift`, `postgresql`, `predictkube`, `prometheus`, `rabbitmq`, `redis`, `redis-cluster`, `redis-sentinel`, `redis-streams`, `redis-cluster-streams`, `redis-sentinel-streams`, `selenium-grid`, `solace-event-queue` and `github-runner`.
          */
         customRuleType: string;
         /**
@@ -30780,7 +30899,7 @@ export declare namespace containerapp {
          */
         tenantId: string;
         /**
-         * The type of identity used for the Container App Job. Possible values are `SystemAssigned`, `UserAssigned` and `None`. Defaults to `None`.
+         * The type of identity used for the Container App Job. Possible values are `SystemAssigned`, `UserAssigned` and `None`.
          */
         type: string;
     }
@@ -31190,7 +31309,7 @@ export declare namespace containerapp {
          */
         storageName?: string;
         /**
-         * The type of storage to use for the volume. Possible values are `AzureFile`, `EmptyDir` and `Secret`.
+         * The type of storage to use for the volume. Possible values are `AzureFile`, `EmptyDir`, `NfsAzureFile` and `Secret`. Defaults to `EmptyDir`.
          */
         storageType?: string;
     }
@@ -32588,6 +32707,9 @@ export declare namespace containerservice {
          * Should the nodes in this Node Pool have Federal Information Processing Standard enabled? `temporaryNameForRotation` must be specified when changing this block.
          */
         fipsEnabled?: boolean;
+        /**
+         * Specifies the driver type for GPU nodes. Possible values are `Install` and `None`. Changing this forces a new resource to be created.
+         */
         gpuDriver?: string;
         /**
          * Specifies the GPU MIG instance profile for supported GPU VM SKU. The allowed values are `MIG1g`, `MIG2g`, `MIG3g`, `MIG4g` and `MIG7g`. Changing this forces a new resource to be created.
@@ -32953,7 +33075,9 @@ export declare namespace containerservice {
          */
         maxSurge: string;
         /**
-         * The amount of time in minutes to wait after draining a node and before reimaging and moving on to next node. Defaults to `0`. <!-- The 0 default happens in code, not in Schema -->
+         * The amount of time in minutes to wait after draining a node and before reimaging and moving on to next node.
+         *
+         * > **Note:** The default value for `nodeSoakDurationInMinutes` is `0`. <!-- The 0 default happens in code, not in Schema -->.
          */
         nodeSoakDurationInMinutes?: number;
         /**
@@ -33753,6 +33877,13 @@ export declare namespace containerservice {
          */
         outboundNatEnabled?: boolean;
     }
+    interface KubernetesClusterNodeProvisioningProfile {
+        /**
+         * Specifies whether default node pools should be provisioned automatically. Possible values are `Auto` and `None`. Defaults to `Auto`. At least one of `mode` or `defaultNodePools` must be specified.
+         */
+        defaultNodePools?: string;
+        mode?: string;
+    }
     interface KubernetesClusterOmsAgent {
         /**
          * The ID of the Log Analytics Workspace which the OMS Agent should send data to.
@@ -33875,7 +34006,7 @@ export declare namespace containerservice {
     }
     interface KubernetesClusterWebAppRouting {
         /**
-         * Specifies the ingress type for the default `NginxIngressController` custom resource. The allowed values are `None`, `Internal`, `External` and `AnnotationControlled`. It defaults to `AnnotationControlled`.
+         * Specifies the ingress type for the default `NginxIngressController` custom resource. The allowed values are `None`, `Internal`, `External` and `AnnotationControlled`. Defaults to `AnnotationControlled`.
          */
         defaultNginxController?: string;
         /**
@@ -35299,6 +35430,38 @@ export declare namespace cosmosdb {
          */
         value: string;
     }
+    interface MongoClusterCustomerManagedKey {
+        /**
+         * The ID of the key vault key used for encryption. For example: `https://example-vault-name.vault.azure.net/keys/example-key-name`.
+         */
+        keyVaultKeyId: string;
+        /**
+         * The ID of the User Assigned Identity that has access to the Key Vault Key.
+         */
+        userAssignedIdentityId: string;
+    }
+    interface MongoClusterIdentity {
+        /**
+         * A list of one or more Resource IDs for User Assigned Managed identities to assign.
+         *
+         * > **Note:** Required when `type` is set to `UserAssigned`.
+         */
+        identityIds: string[];
+        /**
+         * The type of managed identity to assign. Possible value is `UserAssigned`.
+         */
+        type: string;
+    }
+    interface MongoClusterRestore {
+        /**
+         * The point in time (in UTC) to restore from, in ISO 8601 format (e.g., `2024-01-01T00:00:00Z`). Changing this forces a new resource to be created.
+         */
+        pointInTimeUtc: string;
+        /**
+         * The ID of the source MongoDB Cluster to restore from. Changing this forces a new resource to be created.
+         */
+        sourceId: string;
+    }
     interface MongoCollectionAutoscaleSettings {
         /**
          * The maximum throughput of the MongoDB collection (RU/s). Must be between `1,000` and `1,000,000`. Must be set in increments of `1,000`. Conflicts with `throughput`.
@@ -37891,7 +38054,7 @@ export declare namespace dataprotection {
         scheduledBackupTimes?: string[];
         /**
          * Possible values are `First`, `Second`, `Third`, `Fourth` and `Last`. Changing this forces a new resource to be created.
-         * *
+         *
          * > **Note:** When not using `absoluteCriteria`, you must use exactly one of `daysOfMonth` or `daysOfWeek`. Regarding the remaining two properties, `weeksOfMonth` and `monthsOfYear`, you may use either, both, or neither. If you would like to set multiple intervals, you may do so by using multiple `retentionRule` blocks.
          */
         weeksOfMonths?: string[];
@@ -37946,7 +38109,7 @@ export declare namespace dataprotection {
          */
         absoluteCriteria?: string;
         /**
-         * Possible values are `Monday`, `Tuesday`, `Thursday`, `Friday`, `Saturday` and `Sunday`. Changing this forces a new resource to be created.
+         * Possible values are `Monday`, `Tuesday`, `Wednesday`, `Thursday`, `Friday`, `Saturday` and `Sunday`. Changing this forces a new resource to be created.
          */
         daysOfWeeks?: string[];
         /**
@@ -38014,7 +38177,7 @@ export declare namespace dataprotection {
          */
         absoluteCriteria?: string;
         /**
-         * Possible values are `Monday`, `Tuesday`, `Thursday`, `Friday`, `Saturday` and `Sunday`. Changing this forces a new resource to be created.
+         * Possible values are `Monday`, `Tuesday`, `Wednesday`, `Thursday`, `Friday`, `Saturday` and `Sunday`. Changing this forces a new resource to be created.
          */
         daysOfWeeks?: string[];
         /**
@@ -38856,9 +39019,12 @@ export declare namespace dns {
          * The expire time for the SOA record. Defaults to `2419200`.
          */
         expireTime?: number;
+        /**
+         * The fully qualified domain name.
+         */
         fqdn: string;
         /**
-         * The domain name of the authoritative name server for the SOA record. If not set, computed value from Azure will be used.
+         * The domain name of the authoritative name server for the SOA record.
          */
         hostName: string;
         /**
@@ -40867,7 +41033,7 @@ export declare namespace eventhub {
     }
     interface EventHubRetentionDescription {
         /**
-         * Specifies the Cleanup Policy for the EventHub. Possible values are `Delete` and `Compact`.
+         * Specifies the Cleanup Policy for the EventHub. Possible values are `Delete` and `Compact`. Changing this forces a new resource to be created.
          */
         cleanupPolicy: string;
         /**
@@ -42146,6 +42312,9 @@ export declare namespace hdinsight {
          * The ID of the private link service group.
          */
         groupId: string;
+        /**
+         * An `ipConfiguration` block as defined below.
+         */
         ipConfiguration: outputs.hdinsight.HBaseClusterPrivateLinkConfigurationIpConfiguration;
         /**
          * The name of the private link configuration.
@@ -42154,7 +42323,7 @@ export declare namespace hdinsight {
     }
     interface HBaseClusterPrivateLinkConfigurationIpConfiguration {
         /**
-         * Specifies the name for this HDInsight HBase Cluster. Changing this forces a new resource to be created.
+         * The name of the IP configuration.
          */
         name: string;
         /**
@@ -42166,9 +42335,12 @@ export declare namespace hdinsight {
          */
         privateIpAddress?: string;
         /**
-         * The private IP allocation method. The only possible value now is `Dynamic`.
+         * The private IP allocation method. Possible values are `Dynamic` and `Static`.
          */
         privateIpAllocationMethod?: string;
+        /**
+         * The ID of the Subnet within the Virtual Network where the IP configuration should be provisioned.
+         */
         subnetId?: string;
     }
     interface HBaseClusterRoles {
@@ -42594,6 +42766,9 @@ export declare namespace hdinsight {
          * The ID of the private link service group.
          */
         groupId: string;
+        /**
+         * An `ipConfiguration` block as defined below.
+         */
         ipConfiguration: outputs.hdinsight.HadoopClusterPrivateLinkConfigurationIpConfiguration;
         /**
          * The name of the private link configuration.
@@ -42602,18 +42777,24 @@ export declare namespace hdinsight {
     }
     interface HadoopClusterPrivateLinkConfigurationIpConfiguration {
         /**
-         * Specifies the name for this HDInsight Hadoop Cluster. Changing this forces a new resource to be created.
+         * The name of the IP configuration.
          */
         name: string;
         /**
          * Indicates whether this IP configuration is primary.
          */
         primary?: boolean;
+        /**
+         * The private IP address of the IP configuration.
+         */
         privateIpAddress?: string;
         /**
-         * The private IP allocation method. The only possible value now is `Dynamic`.
+         * The private IP allocation method. Possible values are `Dynamic` and `Static`.
          */
         privateIpAllocationMethod?: string;
+        /**
+         * The ID of the Subnet within the Virtual Network where the IP configuration should be provisioned.
+         */
         subnetId?: string;
     }
     interface HadoopClusterRoles {
@@ -43129,6 +43310,9 @@ export declare namespace hdinsight {
          * The ID of the private link service group.
          */
         groupId: string;
+        /**
+         * An `ipConfiguration` block as defined below.
+         */
         ipConfiguration: outputs.hdinsight.InteractiveQueryClusterPrivateLinkConfigurationIpConfiguration;
         /**
          * The name of the private link configuration.
@@ -43137,7 +43321,7 @@ export declare namespace hdinsight {
     }
     interface InteractiveQueryClusterPrivateLinkConfigurationIpConfiguration {
         /**
-         * Specifies the name for this HDInsight Interactive Query Cluster. Changing this forces a new resource to be created.
+         * The name of the IP configuration.
          */
         name: string;
         /**
@@ -43149,9 +43333,12 @@ export declare namespace hdinsight {
          */
         privateIpAddress?: string;
         /**
-         * The private IP allocation method. The only possible value now is `Dynamic`.
+         * The private IP allocation method. Possible values are `Dynamic` and `Static`.
          */
         privateIpAllocationMethod?: string;
+        /**
+         * The ID of the Subnet within the Virtual Network where the IP configuration should be provisioned.
+         */
         subnetId?: string;
     }
     interface InteractiveQueryClusterRoles {
@@ -43579,6 +43766,9 @@ export declare namespace hdinsight {
          * The ID of the private link service group.
          */
         groupId: string;
+        /**
+         * An `ipConfiguration` block as defined below.
+         */
         ipConfiguration: outputs.hdinsight.KafkaClusterPrivateLinkConfigurationIpConfiguration;
         /**
          * The name of the private link configuration.
@@ -43587,7 +43777,7 @@ export declare namespace hdinsight {
     }
     interface KafkaClusterPrivateLinkConfigurationIpConfiguration {
         /**
-         * Specifies the name for this HDInsight Kafka Cluster. Changing this forces a new resource to be created.
+         * The name of the IP configuration.
          */
         name: string;
         /**
@@ -43599,9 +43789,12 @@ export declare namespace hdinsight {
          */
         privateIpAddress?: string;
         /**
-         * The private IP allocation method. The only possible value now is `Dynamic`.
+         * The private IP allocation method. Possible values are `Dynamic` and `Static`.
          */
         privateIpAllocationMethod?: string;
+        /**
+         * The ID of the Subnet within the Virtual Network where the IP configuration should be provisioned.
+         */
         subnetId?: string;
     }
     interface KafkaClusterRestProxy {
@@ -44063,6 +44256,9 @@ export declare namespace hdinsight {
          * The ID of the private link service group.
          */
         groupId: string;
+        /**
+         * An `ipConfiguration` block as defined below.
+         */
         ipConfiguration: outputs.hdinsight.SparkClusterPrivateLinkConfigurationIpConfiguration;
         /**
          * The name of the private link configuration.
@@ -44071,7 +44267,7 @@ export declare namespace hdinsight {
     }
     interface SparkClusterPrivateLinkConfigurationIpConfiguration {
         /**
-         * Specifies the name for this HDInsight Spark Cluster. Changing this forces a new resource to be created.
+         * The name of the IP configuration.
          */
         name: string;
         /**
@@ -44083,9 +44279,12 @@ export declare namespace hdinsight {
          */
         privateIpAddress?: string;
         /**
-         * The private IP allocation method. The only possible value now is `Dynamic`.
+         * The private IP allocation method. Possible values are `Dynamic` and `Static`.
          */
         privateIpAllocationMethod?: string;
+        /**
+         * The ID of the Subnet within the Virtual Network where the IP configuration should be provisioned.
+         */
         subnetId?: string;
     }
     interface SparkClusterRoles {
@@ -46626,7 +46825,7 @@ export declare namespace loadtest {
 export declare namespace loganalytics {
     interface ClusterIdentity {
         /**
-         * A list of User Assigned Managed Identity IDs to be assigned to this Windows Web App Slot.
+         * A list of User Assigned Managed Identity IDs to be assigned to this Windows Web App Slot. Changing this forces a new resource to be created.
          *
          * > **Note:** This is required when `type` is set to `UserAssigned`.
          */
@@ -46640,12 +46839,50 @@ export declare namespace loganalytics {
          */
         tenantId: string;
         /**
-         * Specifies the type of Managed Service Identity that should be configured on this Log Analytics Cluster. Possible values are `SystemAssigned` and  `UserAssigned`. Changing this forces a new resource to be created.
+         * Specifies the type of Managed Service Identity that should be configured on this Log Analytics Cluster. Possible values are `SystemAssigned` and `UserAssigned`. Changing this forces a new resource to be created.
          *
          * > **Note:** The assigned `principalId` and `tenantId` can be retrieved after the identity `type` has been set to `SystemAssigned` and the Log Analytics Cluster has been created. More details are available below.
          */
         type: string;
     }
+    interface WorkspaceTableCustomLogColumn {
+        /**
+         * The description of the column.
+         */
+        description?: string;
+        /**
+         * The display name of the column.
+         */
+        displayName?: string;
+        /**
+         * Specifies the name of the column.
+         */
+        name: string;
+        /**
+         * The data type of the column. Possible values are `boolean`, `datetime`, `dynamic`, `guid`, `int`, `long`, `real`, and `string`.
+         */
+        type: string;
+    }
+    interface WorkspaceTableCustomLogStandardColumn {
+        /**
+         * The description of the table.
+         */
+        description: string;
+        /**
+         * The display name of the table.
+         */
+        displayName: string;
+        /**
+         * Specifies the name of the Log Analytics Workspace Table Custom Log. Changing this forces a new resource to be created.
+         *
+         * > **Note:** `name` must end with `_CL`.
+         */
+        name: string;
+        /**
+         * The data type of the standard column.
+         */
+        type: string;
+    }
 }
 export declare namespace logicapps {
     interface ActionHttpRunAfter {
@@ -47110,7 +47347,7 @@ export declare namespace logicapps {
          */
         linuxFxVersion: string;
         /**
-         * The minimum supported TLS version for the Logic App. Possible values are `1.0`, `1.1`, and `1.2`. Defaults to `1.2` for new Logic Apps.
+         * The minimum supported TLS version for the Logic App. Possible values are `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2` for new Logic Apps.
          *
          * > **Note:** Azure Services will require TLS 1.2+ by August 2025, please see this [announcement](https://azure.microsoft.com/en-us/updates/v2/update-retirement-tls1-0-tls1-1-versions-azure-services/) for more.
          */
@@ -47134,7 +47371,7 @@ export declare namespace logicapps {
          */
         scmIpRestrictions?: outputs.logicapps.StandardSiteConfigScmIpRestriction[];
         /**
-         * Configures the minimum version of TLS required for SSL requests to the SCM site. Possible values are `1.0`, `1.1` and `1.2`.
+         * Configures the minimum version of TLS required for SSL requests to the SCM site. Possible values are `1.0`, `1.1`, `1.2` and `1.3`.
          *
          * > **Note:** Azure Services will require TLS 1.2+ by August 2025, please see this [announcement](https://azure.microsoft.com/en-us/updates/v2/update-retirement-tls1-0-tls1-1-versions-azure-services/) for more.
          */
@@ -47394,7 +47631,7 @@ export declare namespace logicapps {
 export declare namespace machinelearning {
     interface ComputeClusterIdentity {
         /**
-         * Specifies a list of User Assigned Managed Identity IDs to be assigned to this Machine Learning Compute Cluster. Changing this forces a new resource to be created.
+         * Specifies a list of User Assigned Managed Identity IDs to be assigned to this Machine Learning Compute Cluster.
          *
          * > **Note:** This is required when `type` is set to `UserAssigned` or `SystemAssigned, UserAssigned`.
          */
@@ -47408,7 +47645,7 @@ export declare namespace machinelearning {
          */
         tenantId: string;
         /**
-         * Specifies the type of Managed Service Identity that should be configured on this Machine Learning Compute Cluster. Possible values are `SystemAssigned`, `UserAssigned`, `SystemAssigned, UserAssigned` (to enable both). Changing this forces a new resource to be created.
+         * Specifies the type of Managed Service Identity that should be configured on this Machine Learning Compute Cluster. Possible values are `SystemAssigned`, `UserAssigned`, `SystemAssigned, UserAssigned` (to enable both).
          */
         type: string;
     }
@@ -47542,7 +47779,7 @@ export declare namespace machinelearning {
          */
         leafDomainLabel?: string;
         /**
-         * Whether or not to overwrite existing leaf domain. Conflicts with `ssl[0].cert`,`ssl[0].key`,`ssl[0].cname` Changing this forces a new Machine Learning Inference Cluster to be created. Defaults to `""`.
+         * Whether or not to overwrite existing leaf domain. Conflicts with `ssl[0].cert`,`ssl[0].key`,`ssl[0].cname` Changing this forces a new Machine Learning Inference Cluster to be created.
          */
         overwriteExistingDomain?: boolean;
     }
@@ -47648,7 +47885,7 @@ export declare namespace maintenance {
          */
         locations?: string[];
         /**
-         * Specifies a list of allowed operating systems.
+         * Specifies a list of allowed operating systems. Possible values are `Linux` and `Windows`.
          */
         osTypes?: string[];
         /**
@@ -47656,7 +47893,7 @@ export declare namespace maintenance {
          */
         resourceGroups?: string[];
         /**
-         * Specifies a list of allowed resources.
+         * Specifies a list of allowed resources. Possible values are `Microsoft.Compute/virtualMachines` and `Microsoft.HybridCompute/machines`.
          */
         resourceTypes?: string[];
         /**
@@ -47664,7 +47901,7 @@ export declare namespace maintenance {
          */
         tagFilter?: string;
         /**
-         * A mapping of tags for the VM
+         * One or more `tags` blocks as defined below.
          */
         tags?: outputs.maintenance.AssignmentDynamicScopeFilterTag[];
     }
@@ -47979,10 +48216,22 @@ export declare namespace managedredis {
          * A list of linked database IDs for geo-replication.
          */
         geoReplicationLinkedDatabaseIds: string[];
+        /**
+         * The ID of the Managed Redis Database Instance.
+         */
+        id: string;
         /**
          * A list of `module` blocks as defined below.
          */
         modules: outputs.managedredis.GetDefaultDatabaseModule[];
+        /**
+         * The frequency of Append Only File (AOF) backups.
+         */
+        persistenceAppendOnlyFileBackupFrequency: string;
+        /**
+         * The frequency of Redis Database (RDB) backups.
+         */
+        persistenceRedisDatabaseBackupFrequency: string;
         /**
          * The TCP port of the database endpoint.
          */
@@ -48048,7 +48297,9 @@ export declare namespace managedredis {
          */
         clientProtocol?: string;
         /**
-         * Clustering policy specified at create time. Possible values are `EnterpriseCluster` and `OSSCluster`. Defaults to `OSSCluster`. Changing this forces a new database to be created, data will be lost and Managed Redis will be unavailable during the operation.
+         * Clustering policy specified at create time. Possible values are `EnterpriseCluster`, `OSSCluster` and `NoCluster`. Defaults to `OSSCluster`.
+         *
+         * !> **Note:** Changing `clusteringPolicy` forces database recreation. Data will be lost and Managed Redis will be unavailable during the operation.
          */
         clusteringPolicy?: string;
         /**
@@ -48056,13 +48307,27 @@ export declare namespace managedredis {
          */
         evictionPolicy?: string;
         /**
-         * The name of the geo-replication group. If provided, a geo-replication group will be created for this database with itself as the only member. Use `azurermManagedRedisDatabaseGeoReplication` resource to manage group membership, linking and unlinking. All databases to be linked have to have the same group name. Refer to the [Managed Redis geo-replication documentation](https://learn.microsoft.com/azure/redis/how-to-active-geo-replication) for more information. Changing this forces a new database to be created, data will be lost and Managed Redis will be unavailable during the operation.
+         * The name of the geo-replication group. If provided, a geo-replication group will be created for this database with itself as the only member. Use `azurermManagedRedisDatabaseGeoReplication` resource to manage group membership, linking and unlinking. All databases to be linked have to have the same group name. Refer to the [Managed Redis geo-replication documentation](https://learn.microsoft.com/azure/redis/how-to-active-geo-replication) for more information.
+         *
+         * !> **Note:** Changing `geoReplicationGroupName` forces database recreation. Data will be lost and Managed Redis will be unavailable during the operation.
          */
         geoReplicationGroupName?: string;
+        /**
+         * The ID of the Managed Redis Database Instance.
+         */
+        id: string;
         /**
          * A `module` block as defined below. Refer to [the modules documentation](https://learn.microsoft.com/azure/redis/redis-modules) to learn more.
          */
         modules?: outputs.managedredis.ManagedRedisDefaultDatabaseModule[];
+        /**
+         * The frequency of Append Only File (AOF) backups. The only possible value is `1s`. Providing this value implies AOF persistence method is enabled. Conflicts with `persistenceRedisDatabaseBackupFrequency`, only one persistence method is allowed. Conflicts with `geoReplicationGroupName`, persistence can only be enabled on non-geo-replicated databases. Refer to [the persistence documentation](https://learn.microsoft.com/azure/redis/how-to-persistence) to learn more.
+         */
+        persistenceAppendOnlyFileBackupFrequency?: string;
+        /**
+         * The frequency of Redis Database (RDB) backups. Possible values are `1h`, `6h` and `12h`. Providing this value implies RDB persistence method is enabled. Conflicts with `persistenceAppendOnlyFileBackupFrequency`, only one persistence method is allowed. Conflicts with `geoReplicationGroupName`, persistence can only be enabled on non-geo-replicated databases. Refer to [the persistence documentation](https://learn.microsoft.com/azure/redis/how-to-persistence) to learn more.
+         */
+        persistenceRedisDatabaseBackupFrequency?: string;
         /**
          * TCP port of the database endpoint.
          */
@@ -48078,13 +48343,17 @@ export declare namespace managedredis {
     }
     interface ManagedRedisDefaultDatabaseModule {
         /**
-         * Configuration options for the module (e.g. `ERROR_RATE 0.00 INITIAL_SIZE 400`). Changing this forces a new database to be created, data will be lost and Managed Redis will be unavailable during the operation.
+         * Configuration options for the module (e.g. `ERROR_RATE 0.00 INITIAL_SIZE 400`).
+         *
+         * !> **Note:** Changing `args` forces database recreation. Data will be lost and Managed Redis will be unavailable during the operation.
          *
          * > **Note:** Only `RediSearch` and `RedisJSON` modules are allowed with geo-replication.
          */
         args?: string;
         /**
-         * The name which should be used for this module. Possible values are `RedisBloom`, `RedisTimeSeries`, `RediSearch` and `RedisJSON`. Changing this forces a new database to be created, data will be lost and Managed Redis will be unavailable during the operation.
+         * The name which should be used for this module. Possible values are `RedisBloom`, `RedisTimeSeries`, `RediSearch` and `RedisJSON`.
+         *
+         * !> **Note:** Changing `name` forces database recreation. Data will be lost and Managed Redis will be unavailable during the operation.
          */
         name: string;
         /**
@@ -48251,643 +48520,62 @@ export declare namespace maps {
         type: string;
     }
 }
-export declare namespace mobile {
-    interface GetNetworkAttachedDataNetworkNetworkAddressPortTranslation {
-        icmpPinholeTimeoutInSeconds: number;
-        pinholeMaximumNumber?: number;
-        /**
-         * A `portRange` block as defined below.
-         */
-        portRanges: outputs.mobile.GetNetworkAttachedDataNetworkNetworkAddressPortTranslationPortRange[];
-        tcpPinholeTimeoutInSeconds: number;
-        /**
-         * Minimum time in seconds that will pass before a TCP port that was used by a closed pinhole can be reused.
-         */
-        tcpPortReuseMinimumHoldTimeInSeconds: number;
-        udpPinholeTimeoutInSeconds: number;
-        /**
-         * Minimum time in seconds that will pass before a UDP port that was used by a closed pinhole can be reused.
-         */
-        udpPortReuseMinimumHoldTimeInSeconds: number;
-    }
-    interface GetNetworkAttachedDataNetworkNetworkAddressPortTranslationPortRange {
-        /**
-         * The maximum port number.
-         */
-        maximum: number;
-        /**
-         * The minimum port number.
-         */
-        minimum: number;
-    }
-    interface GetNetworkPacketCoreControlPlaneIdentity {
-        /**
-         * A list of User Assigned Managed Identity IDs assigned to this resource.
-         */
-        identityIds: string[];
-        /**
-         * The platform type where the packet core is deployed.
-         */
-        type: string;
-    }
-    interface GetNetworkPacketCoreControlPlaneLocalDiagnosticsAccess {
-        /**
-         * How to authenticate users who access local diagnostics APIs.
-         */
-        authenticationType: string;
-        /**
-         * The versionless certificate URL used to secure local access to packet core diagnostics over local APIs by the Kubernetes ingress.
-         */
-        httpsServerCertificateUrl: string;
-    }
-    interface GetNetworkPacketCoreControlPlanePlatform {
-        /**
-         * The ID of Azure Arc connected cluster where the packet core is deployed.
-         */
-        arcKubernetesClusterId: string;
-        /**
-         * The ID of Azure Arc custom location where the packet core is deployed.
-         */
-        customLocationId: string;
-        /**
-         * The ID of Azure Stack Edge device where the packet core is deployed.
-         */
-        edgeDeviceId: string;
-        /**
-         * The ID of Azure Stack HCI cluster where the packet core is deployed.
-         */
-        stackHciClusterId: string;
-        /**
-         * The platform type where the packet core is deployed.
-         */
-        type: string;
-    }
-    interface GetNetworkServicePccRule {
-        /**
-         * Specifies the name which should be used for this Mobile Network Service.
-         */
-        name: string;
-        /**
-         * A precedence value that is used to decide between data flow policy rules when identifying the QoS values to use for a particular SIM. A lower value means a higher priority.
-         */
-        precedence: number;
-        /**
-         * A `ruleQosPolicy` block as defined below. The QoS policy to use for packets matching this rule.
-         */
-        qosPolicies: outputs.mobile.GetNetworkServicePccRuleQosPolicy[];
-        /**
-         * A `serviceDataFlowTemplate` block as defined below. The set of service data flow templates to use for this PCC rule.
-         */
-        serviceDataFlowTemplates: outputs.mobile.GetNetworkServicePccRuleServiceDataFlowTemplate[];
-        /**
-         * Determines whether flows that match this data flow policy rule are permitted.
-         */
-        trafficControlEnabled: boolean;
-    }
-    interface GetNetworkServicePccRuleQosPolicy {
-        /**
-         * QoS Flow allocation and retention priority (ARP) level.
-         */
-        allocationAndRetentionPriorityLevel: number;
-        /**
-         * A `guaranteedBitRate` block as defined below. The Guaranteed Bit Rate (GBR) for all service data flows that use this PCC Rule.
-         */
-        guaranteedBitRates: outputs.mobile.GetNetworkServicePccRuleQosPolicyGuaranteedBitRate[];
-        /**
-         * A `maximumBitRate` block as defined below. The Maximum Bit Rate (MBR) for all service data flows that use this PCC Rule or Service.
-         */
-        maximumBitRates: outputs.mobile.GetNetworkServicePccRuleQosPolicyMaximumBitRate[];
-        /**
-         * The Preemption Capability of a QoS Flow controls whether it can preempt another QoS Flow with a lower priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        preemptionCapability: string;
-        /**
-         * The Preemption Vulnerability of a QoS Flow controls whether it can be preempted by QoS Flow with a higher priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        preemptionVulnerability: string;
-        /**
-         * The QoS Indicator (5QI for 5G network /QCI for 4G net work) value identifies a set of QoS characteristics that control QoS forwarding treatment for QoS flows or EPS bearers.
-         */
-        qosIndicator: number;
-    }
-    interface GetNetworkServicePccRuleQosPolicyGuaranteedBitRate {
-        /**
-         * Downlink bit rate.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate.
-         */
-        uplink: string;
-    }
-    interface GetNetworkServicePccRuleQosPolicyMaximumBitRate {
-        /**
-         * Downlink bit rate.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate.
-         */
-        uplink: string;
-    }
-    interface GetNetworkServicePccRuleServiceDataFlowTemplate {
+export declare namespace mongocluster {
+    interface MongoClusterConnectionString {
         /**
-         * The direction of this flow. Possible values are `Uplink`, `Downlink` and `Bidirectional`.
+         * The description of the connection string.
          */
-        direction: string;
+        description: string;
         /**
-         * Specifies the name which should be used for this Mobile Network Service.
+         * The name which should be used for the MongoDB Cluster. Changing this forces a new resource to be created.
          */
         name: string;
         /**
-         * The port(s) to which UEs will connect for this flow. You can specify zero or more ports or port ranges.
-         */
-        ports: string[];
-        /**
-         * A list of the allowed protocol(s) for this flow.
-         */
-        protocols: string[];
-        /**
-         * The remote IP address(es) to which UEs will connect for this flow.
-         */
-        remoteIpLists: string[];
-    }
-    interface GetNetworkServiceServiceQosPolicy {
-        /**
-         * QoS Flow allocation and retention priority (ARP) level.
-         */
-        allocationAndRetentionPriorityLevel: number;
-        /**
-         * A `maximumBitRate` block as defined below. The Maximum Bit Rate (MBR) for all service data flows that use this PCC Rule or Service.
-         */
-        maximumBitRates: outputs.mobile.GetNetworkServiceServiceQosPolicyMaximumBitRate[];
-        /**
-         * The Preemption Capability of a QoS Flow controls whether it can preempt another QoS Flow with a lower priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        preemptionCapability: string;
-        /**
-         * The Preemption Vulnerability of a QoS Flow controls whether it can be preempted by QoS Flow with a higher priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        preemptionVulnerability: string;
-        /**
-         * The QoS Indicator (5QI for 5G network /QCI for 4G net work) value identifies a set of QoS characteristics that control QoS forwarding treatment for QoS flows or EPS bearers.
-         */
-        qosIndicator: number;
-    }
-    interface GetNetworkServiceServiceQosPolicyMaximumBitRate {
-        /**
-         * Downlink bit rate.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate.
-         */
-        uplink: string;
-    }
-    interface GetNetworkSimGroupIdentity {
-        /**
-         * A list of User Assigned Managed Identity IDs assigned to this resource.
-         */
-        identityIds: string[];
-        principalId: string;
-        tenantId: string;
-        /**
-         * The type of Managed Service Identity. Possible values are `SystemAssigned`, `UserAssigned`.
-         */
-        type: string;
-    }
-    interface GetNetworkSimPolicySlice {
-        /**
-         * An array of `dataNetwork` block as defined below.
-         */
-        dataNetworks: outputs.mobile.GetNetworkSimPolicySliceDataNetwork[];
-        /**
-         * The ID of default data network to use if the UE does not explicitly specify it.
-         */
-        defaultDataNetworkId: string;
-        /**
-         * The ID of the slice that these settings apply to.
-         */
-        sliceId: string;
-    }
-    interface GetNetworkSimPolicySliceDataNetwork {
-        /**
-         * Allowed session types in addition to the default session type.
-         */
-        additionalAllowedSessionTypes: string[];
-        /**
-         * Default QoS Flow allocation and retention priority (ARP) level. Flows with higher priority preempt flows with lower priority, if the settings of `preemptionCapability` and `preemptionVulnerability` allow it. 1 is the highest level of priority. If this field is not specified then `qosIndicator` is used to derive the ARP value. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        allocationAndRetentionPriorityLevel: number;
-        /**
-         * An array of IDs of services that can be used as part of this SIM policy.
-         */
-        allowedServicesIds: string[];
-        /**
-         * The ID of Mobile Network Data Network which these settings apply to.
-         */
-        dataNetworkId: string;
-        /**
-         * The default PDU session type, which is used if the UE does not request a specific session type.
-         */
-        defaultSessionType: string;
-        /**
-         * The maximum number of downlink packets to buffer at the user plane for High Latency Communication - Extended Buffering.
-         */
-        maxBufferedPackets: number;
-        /**
-         * The Preemption Capability of a QoS Flow controls whether it can preempt another QoS Flow with a lower priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        preemptionCapability: string;
-        /**
-         * The Preemption Vulnerability of a QoS Flow controls whether it can be preempted by QoS Flow with a higher priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        preemptionVulnerability: string;
-        /**
-         * The QoS Indicator (5QI for 5G network /QCI for 4G net work) value identifies a set of QoS characteristics that control QoS forwarding treatment for QoS flows or EPS bearers.
-         */
-        qosIndicator: number;
-        /**
-         * A `sessionAggregateMaximumBitRate` block as defined below.
-         */
-        sessionAggregateMaximumBitRates: outputs.mobile.GetNetworkSimPolicySliceDataNetworkSessionAggregateMaximumBitRate[];
-    }
-    interface GetNetworkSimPolicySliceDataNetworkSessionAggregateMaximumBitRate {
-        /**
-         * Downlink bit rate.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate.
-         */
-        uplink: string;
-    }
-    interface GetNetworkSimPolicyUserEquipmentAggregateMaximumBitRate {
-        /**
-         * Downlink bit rate.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate.
-         */
-        uplink: string;
-    }
-    interface GetNetworkSimStaticIpConfiguration {
-        /**
-         * The ID of attached data network on which the static.
-         */
-        attachedDataNetworkId: string;
-        sliceId: string;
-        /**
-         * The IPv4 address assigned to the SIM at this network scope.
-         */
-        staticIpv4Address: string;
-    }
-    interface GetNetworkSliceSingleNetworkSliceSelectionAssistanceInformation {
-        /**
-         * Slice differentiator (SD).
-         */
-        sliceDifferentiator: string;
-        /**
-         * Slice/service type (SST).
-         */
-        sliceServiceType: number;
-    }
-    interface NetworkAttachedDataNetworkNetworkAddressPortTranslation {
-        /**
-         * Pinhole timeout for ICMP pinholes in seconds. Must between `1` to `180`, Default to `180`.
-         */
-        icmpPinholeTimeoutInSeconds?: number;
-        /**
-         * Maximum number of UDP and TCP pinholes that can be open simultaneously on the core interface. For 5G networks, this is the N6 interface. For 4G networks, this is the SGi interface. Must be between 1 and 65536.
-         */
-        pinholeMaximumNumber?: number;
-        /**
-         * A `portRange` block as defined below.
-         */
-        portRange?: outputs.mobile.NetworkAttachedDataNetworkNetworkAddressPortTranslationPortRange;
-        /**
-         * Pinhole timeout for TCP pinholes in seconds. Must between `1` to `180`, Default to `180`.
-         */
-        tcpPinholeTimeoutInSeconds?: number;
-        /**
-         * Minimum time in seconds that will pass before a TCP port that was used by a closed pinhole can be reused. Defaults to `120`.
-         */
-        tcpPortReuseMinimumHoldTimeInSeconds?: number;
-        /**
-         * Pinhole timeout for UDP pinholes in seconds. Must between `1` to `180`, Default to `180`.
-         */
-        udpPinholeTimeoutInSeconds?: number;
-        /**
-         * Minimum time in seconds that will pass before a UDP port that was used by a closed pinhole can be reused. Defaults to `60`.
-         */
-        udpPortReuseMinimumHoldTimeInSeconds?: number;
-    }
-    interface NetworkAttachedDataNetworkNetworkAddressPortTranslationPortRange {
-        /**
-         * Specifies the maximum port number.
-         */
-        maximum?: number;
-        /**
-         * Specifies the minimum port number.
-         */
-        minimum?: number;
-    }
-    interface NetworkPacketCoreControlPlaneIdentity {
-        /**
-         * A list of the IDs for User Assigned Managed Identity resources to be assigned.
-         */
-        identityIds: string[];
-        /**
-         * Specifies the type of Managed Service Identity. Possible values are `SystemAssigned`, `UserAssigned`, `SystemAssigned, UserAssigned` (to enable both).
+         * The value of the Mongo Cluster connection string. The `<user>:<password>` placeholder returned from API will be replaced by the real `administratorUsername` and `administratorPassword` if available in the state.
          */
-        type: string;
+        value: string;
     }
-    interface NetworkPacketCoreControlPlaneLocalDiagnosticsAccess {
+    interface MongoClusterCustomerManagedKey {
         /**
-         * How to authenticate users to access local diagnostics APIs. Possible values are `AAD` and `Password`.
+         * The ID of the key vault key used for encryption. For example: `https://example-vault-name.vault.azure.net/keys/example-key-name`.
          */
-        authenticationType: string;
+        keyVaultKeyId: string;
         /**
-         * The versionless certificate URL used to secure local access to packet core diagnostics over local APIs by the Kubernetes ingress.
+         * The ID of the User Assigned Identity that has access to the Key Vault Key.
          */
-        httpsServerCertificateUrl?: string;
+        userAssignedIdentityId: string;
     }
-    interface NetworkPacketCoreControlPlanePlatform {
-        /**
-         * The ID of the Azure Arc connected cluster where the packet core is deployed.
-         */
-        arcKubernetesClusterId?: string;
+    interface MongoClusterIdentity {
         /**
-         * The ID of the Azure Arc custom location where the packet core is deployed.
+         * A list of one or more Resource IDs for User Assigned Managed identities to assign.
          *
-         * > **Note:** At least one of `edgeDeviceId`, `arcKubernetesClusterId`, `stackHciClusterId` and `customLocationId` should be specified. If multiple are set, they must be consistent with each other.
-         */
-        customLocationId?: string;
-        /**
-         * The ID of the Azure Stack Edge device where the packet core is deployed. If the device is part of a fault-tolerant pair, either device in the pair can be specified.
-         */
-        edgeDeviceId?: string;
-        /**
-         * The ID of the Azure Stack HCI cluster where the packet core is deployed.
-         */
-        stackHciClusterId?: string;
-        /**
-         * Specifies the platform type where the packet core is deployed. Possible values are `AKS-HCI`, `3P-AZURE-STACK-HCI` and `BaseVM`.
-         */
-        type: string;
-    }
-    interface NetworkServicePccRule {
-        /**
-         * Specifies the name of the rule. This must be unique within the parent service. You must not use any of the following reserved strings - `default`, `requested` or `service`.
-         */
-        name: string;
-        /**
-         * A precedence value that is used to decide between data flow policy rules when identifying the QoS values to use for a particular SIM. A lower value means a higher priority. This value should be unique among all data flow policy rules configured in the mobile network. Must be between `0` and `255`.
-         */
-        precedence: number;
-        /**
-         * A `qosPolicy` block as defined below. The QoS policy to use for packets matching this rule. If this field is not specified then the Service will define the QoS settings.
-         */
-        qosPolicy?: outputs.mobile.NetworkServicePccRuleQosPolicy;
-        /**
-         * A `serviceDataFlowTemplate` block as defined below. The set of service data flow templates to use for this PCC rule.
-         */
-        serviceDataFlowTemplates: outputs.mobile.NetworkServicePccRuleServiceDataFlowTemplate[];
-        /**
-         * Determines whether flows that match this data flow policy rule are permitted. Defaults to `true`.
-         */
-        trafficControlEnabled?: boolean;
-    }
-    interface NetworkServicePccRuleQosPolicy {
-        /**
-         * QoS Flow allocation and retention priority (ARP) level. Flows with higher priority preempt flows with lower priority, if the settings of `preemptionCapability` and `preemptionVulnerability` allow it. 1 is the highest level of priority. If this field is not specified then `qosIndicator` is used to derive the ARP value. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        allocationAndRetentionPriorityLevel?: number;
-        /**
-         * A `guaranteedBitRate` block as defined below. The Guaranteed Bit Rate (GBR) for all service data flows that use this PCC Rule. If it's not specified, there will be no GBR set for the PCC Rule that uses this QoS definition.
-         */
-        guaranteedBitRate?: outputs.mobile.NetworkServicePccRuleQosPolicyGuaranteedBitRate;
-        /**
-         * A `maximumBitRate` block as defined below. The Maximum Bit Rate (MBR) for all service data flows that use this PCC Rule or Service.
-         */
-        maximumBitRate: outputs.mobile.NetworkServicePccRuleQosPolicyMaximumBitRate;
-        /**
-         * The Preemption Capability of a QoS Flow controls whether it can preempt another QoS Flow with a lower priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters. Possible values are `NotPreempt` and `MayPreempt`, Defaults to `NotPreempt`.
-         */
-        preemptionCapability?: string;
-        /**
-         * The Preemption Vulnerability of a QoS Flow controls whether it can be preempted by QoS Flow with a higher priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters. Possible values are `NotPreemptable` and `Preemptable`. Defaults to `Preemptable`.
-         */
-        preemptionVulnerability?: string;
-        /**
-         * The QoS Indicator (5QI for 5G network /QCI for 4G net work) value identifies a set of QoS characteristics that control QoS forwarding treatment for QoS flows or EPS bearers. Recommended values: 5-9; 69-70; 79-80. Must be between `1` and `127`.
-         */
-        qosIndicator: number;
-    }
-    interface NetworkServicePccRuleQosPolicyGuaranteedBitRate {
-        /**
-         * Downlink bit rate. Must be a number followed by `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate. Must be a number followed by `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        uplink: string;
-    }
-    interface NetworkServicePccRuleQosPolicyMaximumBitRate {
-        /**
-         * Downlink bit rate. Must be a number followed by `bps`, `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate. Must be a number followed by `bps`, `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        uplink: string;
-    }
-    interface NetworkServicePccRuleServiceDataFlowTemplate {
-        /**
-         * Specifies the direction of this flow. Possible values are `Uplink`, `Downlink` and `Bidirectional`.
-         */
-        direction: string;
-        /**
-         * Specifies the name of the data flow template. This must be unique within the parent data flow policy rule. You must not use any of the following reserved strings - `default`, `requested` or `service`.
-         */
-        name: string;
-        /**
-         * The port(s) to which UEs will connect for this flow. You can specify zero or more ports or port ranges. If you specify one or more ports or port ranges then you must specify a value other than `ip` in the `protocol` field. If it is not specified then connections will be allowed on all ports. Port ranges must be specified as <FirstPort>-<LastPort>. For example: [`8080`, `8082-8085`].
-         */
-        ports?: string[];
-        /**
-         * A list of the allowed protocol(s) for this flow. If you want this flow to be able to use any protocol within the internet protocol suite, use the value `ip`. If you only want to allow a selection of protocols, you must use the corresponding IANA Assigned Internet Protocol Number for each protocol, as described in https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml. For example, for UDP, you must use 17. If you use the value `ip` then you must leave the field `port` unspecified.
-         */
-        protocols: string[];
-        /**
-         * Specifies the remote IP address(es) to which UEs will connect for this flow. If you want to allow connections on any IP address, use the value `any`. Otherwise, you must provide each of the remote IP addresses to which the packet core instance will connect for this flow. You must provide each IP address in CIDR notation, including the netmask (for example, `192.0.2.54/24`).
-         */
-        remoteIpLists: string[];
-    }
-    interface NetworkServiceServiceQosPolicy {
-        /**
-         * QoS Flow allocation and retention priority (ARP) level. Flows with higher priority preempt flows with lower priority, if the settings of `preemptionCapability` and `preemptionVulnerability` allow it. 1 is the highest level of priority. If this field is not specified then `qosIndicator` is used to derive the ARP value. Defaults to `9`. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        allocationAndRetentionPriorityLevel?: number;
-        /**
-         * A `maximumBitRate` block as defined below. The Maximum Bit Rate (MBR) for all service data flows that use this PCC Rule or Service.
-         */
-        maximumBitRate: outputs.mobile.NetworkServiceServiceQosPolicyMaximumBitRate;
-        /**
-         * The Preemption Capability of a QoS Flow controls whether it can preempt another QoS Flow with a lower priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters. Possible values are `NotPreempt` and `MayPreempt`,.
-         */
-        preemptionCapability?: string;
-        /**
-         * The Preemption Vulnerability of a QoS Flow controls whether it can be preempted by QoS Flow with a higher priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters. Possible values are `NotPreemptable` and `Preemptable`.
-         */
-        preemptionVulnerability?: string;
-        /**
-         * The QoS Indicator (5QI for 5G network /QCI for 4G net work) value identifies a set of QoS characteristics that control QoS forwarding treatment for QoS flows or EPS bearers. Recommended values: 5-9; 69-70; 79-80. Must be between `1` and `127`.
-         */
-        qosIndicator?: number;
-    }
-    interface NetworkServiceServiceQosPolicyMaximumBitRate {
-        /**
-         * Downlink bit rate. Must be a number followed by `bps`, `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate. Must be a number followed by `bps`, `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        uplink: string;
-    }
-    interface NetworkSimGroupIdentity {
-        /**
-         * A list of IDs for User Assigned Managed Identity resources to be assigned.
+         * > **Note:** Required when `type` is set to `UserAssigned`.
          */
         identityIds: string[];
         /**
-         * Specifies the type of Managed Service Identity. Possible value is `UserAssigned`.
+         * The type of managed identity to assign. Possible value is `UserAssigned`.
          */
         type: string;
     }
-    interface NetworkSimPolicySlice {
-        /**
-         * An array of `dataNetwork` block as defined below.
-         */
-        dataNetworks: outputs.mobile.NetworkSimPolicySliceDataNetwork[];
-        /**
-         * The ID of default data network to use if the user equipment does not explicitly specify it. Configuration for this object must exist in the `dataNetwork` block.
-         */
-        defaultDataNetworkId: string;
-        /**
-         * The ID of the slice that these settings apply to.
-         */
-        sliceId: string;
-    }
-    interface NetworkSimPolicySliceDataNetwork {
-        /**
-         * Allowed session types in addition to the default session type. Must not duplicate the default session type. Possible values are `IPv4` and `IPv6`.
-         */
-        additionalAllowedSessionTypes?: string[];
-        /**
-         * Default QoS Flow allocation and retention priority (ARP) level. Flows with higher priority preempt flows with lower priority, if the settings of `preemptionCapability` and `preemptionVulnerability` allow it. `1` is the highest level of priority. If this field is not specified then `qosIndicator` is used to derive the ARP value. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters.
-         */
-        allocationAndRetentionPriorityLevel?: number;
-        /**
-         * An array of IDs of services that can be used as part of this SIM policy. The array must not contain duplicate items and must contain at least one item.
-         */
-        allowedServicesIds: string[];
-        /**
-         * The ID of Mobile Network Data Network which these settings apply to.
-         */
-        dataNetworkId: string;
-        /**
-         * The default PDU session type, which is used if the user equipment does not request a specific session type. Possible values are `IPv4` and `IPv6`. Defaults to `IPv4`.
-         */
-        defaultSessionType?: string;
-        /**
-         * The maximum number of downlink packets to buffer at the user plane for High Latency Communication - Extended Buffering. Defaults to `10`, Must be at least `0`, See 3GPP TS29.272 v15.10.0 section 7.3.188 for a full description. This maximum is not guaranteed because there is a internal limit on buffered packets across all PDU sessions.
-         */
-        maxBufferedPackets?: number;
-        /**
-         * The Preemption Capability of a QoS Flow, it controls whether it can preempt another QoS Flow with a lower priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters. Possible values are `NotPreempt` and `MayPreempt`, Defaults to `NotPreempt`.
-         */
-        preemptionCapability?: string;
-        /**
-         * The Preemption Vulnerability of a QoS Flow, it controls whether it can be preempted by QoS Flow with a higher priority level. See 3GPP TS23.501 section 5.7.2.2 for a full description of the ARP parameters. Possible values are `NotPreemptable` and `Preemptable`. Defaults to `NotPreemptable`.
-         */
-        preemptionVulnerability?: string;
-        /**
-         * The QoS Indicator (5QI for 5G network /QCI for 4G net work) value identifies a set of QoS characteristics, it controls QoS forwarding treatment for QoS flows or EPS bearers. Recommended values: 5-9; 69-70; 79-80. Must be between `1` and `127`.
-         */
-        qosIndicator: number;
-        /**
-         * A `sessionAggregateMaximumBitRate` block as defined below.
-         */
-        sessionAggregateMaximumBitRate: outputs.mobile.NetworkSimPolicySliceDataNetworkSessionAggregateMaximumBitRate;
-    }
-    interface NetworkSimPolicySliceDataNetworkSessionAggregateMaximumBitRate {
+    interface MongoClusterRestore {
         /**
-         * Downlink bit rate. Must be a number followed by `Kbps`, `Mbps`, `Gbps` or `Tbps`.
+         * The point in time (in UTC) to restore from, in ISO 8601 format (e.g., `2024-01-01T00:00:00Z`). Changing this forces a new resource to be created.
          */
-        downlink: string;
+        pointInTimeUtc: string;
         /**
-         * Uplink bit rate. Must be a number followed by `Kbps`, `Mbps`, `Gbps` or `Tbps`.
+         * The ID of the source MongoDB Cluster to restore from. Changing this forces a new resource to be created.
          */
-        uplink: string;
-    }
-    interface NetworkSimPolicyUserEquipmentAggregateMaximumBitRate {
-        /**
-         * Downlink bit rate. Must be a number followed by `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        downlink: string;
-        /**
-         * Uplink bit rate. Must be a number followed by `Kbps`, `Mbps`, `Gbps` or `Tbps`.
-         */
-        uplink: string;
-    }
-    interface NetworkSimStaticIpConfiguration {
-        /**
-         * The ID of attached data network on which the static IP address will be used. The combination of attached data network and slice defines the network scope of the IP address.
-         */
-        attachedDataNetworkId: string;
-        /**
-         * The ID of network slice on which the static IP address will be used. The combination of attached data network and slice defines the network scope of the IP address.
-         */
-        sliceId: string;
-        /**
-         * The IPv4 address assigned to the SIM at this network scope. This address must be in the userEquipmentStaticAddressPoolPrefix defined in the attached data network.
-         */
-        staticIpv4Address?: string;
-    }
-    interface NetworkSliceSingleNetworkSliceSelectionAssistanceInformation {
-        /**
-         * Slice differentiator (SD). Must be a 6 digit hex string. For single-network slice selection assistance information (S-NSSAI). Unique at the scope of a mobile network.
-         *
-         * @deprecated `singleNetworkSliceSelectionAssistanceInformation` has been deprecated and its properties, `sliceDifferentiator` and `sliceServiceType` have been moved to the top level. The `singleNetworkSliceSelectionAssistanceInformation` block will be removed in v5.0 of the AzureRM Provider.
-         */
-        sliceDifferentiator?: string;
-        /**
-         * Slice/service type (SST). Must be between `0` and `255`. For single-network slice selection assistance information (S-NSSAI). Unique at the scope of a mobile network.
-         *
-         * @deprecated `singleNetworkSliceSelectionAssistanceInformation` has been deprecated and its properties, `sliceDifferentiator` and `sliceServiceType` have been moved to the top level. The `singleNetworkSliceSelectionAssistanceInformation` block will be removed in v5.0 of the AzureRM Provider.
-         */
-        sliceServiceType: number;
+        sourceId: string;
     }
-}
-export declare namespace mongocluster {
-    interface MongoClusterConnectionString {
+    interface UserRole {
         /**
-         * The description of the connection string.
+         * The name of the database to which the role will be applied. Changing this forces a new resource to be created.
          */
-        description: string;
+        database: string;
         /**
-         * The name which should be used for the MongoDB Cluster. Changing this forces a new resource to be created.
+         * The role name. The only possible value is `root`. Changing this forces a new resource to be created.
          */
         name: string;
-        /**
-         * The value of the Mongo Cluster connection string. The `<user>:<password>` placeholder returned from API will be replaced by the real `administratorUsername` and `administratorPassword` if available in the state.
-         */
-        value: string;
     }
 }
 export declare namespace monitoring {
@@ -51484,6 +51172,9 @@ export declare namespace mssql {
         storageUri: string;
     }
     interface DatabaseLongTermRetentionPolicy {
+        /**
+         * Specifies if the backups are immutable. Defaults to `false`.
+         */
         immutableBackupsEnabled?: boolean;
         /**
          * The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. `P1Y`, `P1M`, `P4W` or `P30D`. Defaults to `PT0S`.
@@ -51781,6 +51472,9 @@ export declare namespace mssql {
         type: string;
     }
     interface ManagedDatabaseLongTermRetentionPolicy {
+        /**
+         * Specifies if the backups are immutable. Defaults to `false`.
+         */
         immutableBackupsEnabled?: boolean;
         /**
          * The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. `P1Y`, `P1M`, `P4W` or `P30D`. Defaults to `PT0S`.
@@ -53060,7 +52754,7 @@ export declare namespace netapp {
          */
         name: string;
         /**
-         * Indicates which network feature to use, accepted values are `Basic` or `Standard`, it defaults to `Basic` if not defined. This is a feature in public preview and for more information about it and how to register, please refer to [Configure network features for an Azure NetApp Files volume](https://docs.microsoft.com/en-us/azure/azure-netapp-files/configure-network-features). This is required if enabling customer managed keys encryption scenario.
+         * Indicates which network feature to use, Possible values are `Basic`, `Basic_Standard`, `Standard` and `Standard_Basic`. It defaults to `Basic` if not defined. This is a feature in public preview and for more information about it and how to register, please refer to [Configure network features for an Azure NetApp Files volume](https://docs.microsoft.com/en-us/azure/azure-netapp-files/configure-network-features). This is required if enabling customer managed keys encryption scenario.
          */
         networkFeatures: string;
         /**
@@ -53110,7 +52804,7 @@ export declare namespace netapp {
          */
         volumePath: string;
         /**
-         * Volume specification name. Possible values are `ora-data1` through `ora-data8`, `ora-log`, `ora-log-mirror`, `ora-backup` and `ora-binary`. Changing this forces a new Application Volume Group to be created and data will be lost.
+         * Volume specification name. Possible values are `ora-data1`, `ora-data2`, `ora-data3`, `ora-data4`, `ora-data5`, `ora-data6`, `ora-data7`, `ora-data8`, `ora-log`, `ora-log-mirror`, `ora-binary` and `ora-backup`. Changing this forces a new Application Volume Group to be created and data will be lost.
          */
         volumeSpecName: string;
         /**
@@ -53124,7 +52818,7 @@ export declare namespace netapp {
          */
         endpointType?: string;
         /**
-         * Location of the primary volume. Changing this forces a new Application Volume Group to be created and data will be lost.
+         * Location of the primary volume.
          */
         remoteVolumeLocation: string;
         /**
@@ -53253,7 +52947,7 @@ export declare namespace netapp {
          */
         endpointType?: string;
         /**
-         * Location of the primary volume. Changing this forces a new Application Volume Group to be created and data will be lost.
+         * Location of the primary volume.
          */
         remoteVolumeLocation: string;
         /**
@@ -53928,7 +53622,7 @@ export declare namespace network {
          */
         capacity?: number;
         /**
-         * The Name of the SKU to use for this Application Gateway. Possible values are `Basic`, `Standard_v2`, and `WAF_v2`.
+         * The Name of the SKU to use for this Application Gateway. Possible values are `Basic`, `Standard_Small`, `Standard_Medium`, `Standard_Large`, `Standard_v2`, `WAF_Large`, `WAF_Medium` and `WAF_v2`.
          */
         name: string;
         /**
@@ -58606,42 +58300,66 @@ export declare namespace nginx {
          */
         activationStateEnabled: boolean;
         /**
-         * A `web_application_firewall.status` block as defined below:
+         * A `status` block as defined below.
          */
         statuses: outputs.nginx.DeploymentWebApplicationFirewallStatus[];
     }
     interface DeploymentWebApplicationFirewallStatus {
         /**
-         * Indicates the version of the attack signatures package used by NGINX App Protect.
+         * One or more `attackSignaturesPackage` blocks as defined below.
          */
         attackSignaturesPackages: outputs.nginx.DeploymentWebApplicationFirewallStatusAttackSignaturesPackage[];
         /**
-         * Indicates the version of the bot signatures package used by NGINX App Protect.
+         * One or more `botSignaturesPackage` blocks as defined below.
          */
         botSignaturesPackages: outputs.nginx.DeploymentWebApplicationFirewallStatusBotSignaturesPackage[];
         /**
-         * Indicates the version of the WAF Engine and Nginx WAF Module used by NGINX App Protect.
+         * One or more `componentVersions` blocks as defined below.
          */
         componentVersions: outputs.nginx.DeploymentWebApplicationFirewallStatusComponentVersion[];
         /**
-         * Indicates the version of the threat campaigns package used by NGINX App Protect.
+         * One or more `threatCampaignsPackage` blocks as defined below.
          */
         threatCampaignsPackages: outputs.nginx.DeploymentWebApplicationFirewallStatusThreatCampaignsPackage[];
     }
     interface DeploymentWebApplicationFirewallStatusAttackSignaturesPackage {
+        /**
+         * The revision date and time of the threat campaigns package.
+         */
         revisionDatetime: string;
+        /**
+         * The version of the threat campaigns package.
+         */
         version: string;
     }
     interface DeploymentWebApplicationFirewallStatusBotSignaturesPackage {
+        /**
+         * The revision date and time of the threat campaigns package.
+         */
         revisionDatetime: string;
+        /**
+         * The version of the threat campaigns package.
+         */
         version: string;
     }
     interface DeploymentWebApplicationFirewallStatusComponentVersion {
+        /**
+         * The version of the WAF Engine.
+         */
         wafEngineVersion: string;
+        /**
+         * The version of the WAF Nginx module.
+         */
         wafNginxVersion: string;
     }
     interface DeploymentWebApplicationFirewallStatusThreatCampaignsPackage {
+        /**
+         * The revision date and time of the threat campaigns package.
+         */
         revisionDatetime: string;
+        /**
+         * The version of the threat campaigns package.
+         */
         version: string;
     }
     interface GetConfigurationConfigFile {
@@ -59791,6 +59509,107 @@ export declare namespace paloalto {
         templateName: string;
         virtualMachineSshKey: string;
     }
+    interface NextGenerationFirewallVirtualHubStrataCloudManagerDestinationNat {
+        /**
+         * One or more `backendConfig` block as defined below.
+         */
+        backendConfig?: outputs.paloalto.NextGenerationFirewallVirtualHubStrataCloudManagerDestinationNatBackendConfig;
+        /**
+         * One or more `frontendConfig` block as defined below.
+         */
+        frontendConfig?: outputs.paloalto.NextGenerationFirewallVirtualHubStrataCloudManagerDestinationNatFrontendConfig;
+        /**
+         * The name which should be used for this Destination NAT rule.
+         */
+        name: string;
+        /**
+         * The protocol used for this Destination NAT. Possible values include `TCP` and `UDP`.
+         */
+        protocol: string;
+    }
+    interface NextGenerationFirewallVirtualHubStrataCloudManagerDestinationNatBackendConfig {
+        /**
+         * The port number to send traffic to.
+         */
+        port: number;
+        /**
+         * The public IP Address to send the traffic to.
+         */
+        publicIpAddress: string;
+    }
+    interface NextGenerationFirewallVirtualHubStrataCloudManagerDestinationNatFrontendConfig {
+        /**
+         * The port on which traffic will be received.
+         */
+        port: number;
+        /**
+         * The ID of the Public IP Address resource the traffic will be received on.
+         */
+        publicIpAddressId: string;
+    }
+    interface NextGenerationFirewallVirtualHubStrataCloudManagerDnsSettings {
+        azureDnsServers: string[];
+        /**
+         * A list of DNS servers to use. Conflicts with `dns_settings[0].use_azure_dns`.
+         */
+        dnsServers?: string[];
+        /**
+         * Should Azure DNS servers be used? Conflicts with `dns_settings[0].dns_servers`. Defaults to `false`.
+         */
+        useAzureDns?: boolean;
+    }
+    interface NextGenerationFirewallVirtualHubStrataCloudManagerIdentity {
+        /**
+         * A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
+         */
+        identityIds: string[];
+        /**
+         * The type of Managed Service Identity that should be configured on this App Configuration. The only possible value is `UserAssigned`.
+         */
+        type: string;
+    }
+    interface NextGenerationFirewallVirtualHubStrataCloudManagerNetworkProfile {
+        /**
+         * A list of Public IP IDs to use for Egress NAT.
+         */
+        egressNatIpAddressIds?: string[];
+        /**
+         * A list of Egress NAT IP addresses.
+         */
+        egressNatIpAddresses: string[];
+        /**
+         * The IP of trusted subnet for UDR.
+         */
+        ipOfTrustForUserDefinedRoutes: string;
+        /**
+         * The ID of the Palo Alto Network Virtual Appliance in the VHub. Changing this forces a new Palo Alto Next Generation Firewall Virtual Hub Strata Cloud Manager to be created.
+         */
+        networkVirtualApplianceId: string;
+        /**
+         * A list of Public IP IDs to use for this Next Generation Firewall.
+         */
+        publicIpAddressIds: string[];
+        /**
+         * A list of public IPs associated with this Next Generation Firewall.
+         */
+        publicIpAddresses: string[];
+        /**
+         * A list of trusted ranges to use for the Network.
+         */
+        trustedAddressRanges?: string[];
+        /**
+         * The ID of trusted subnet.
+         */
+        trustedSubnetId: string;
+        /**
+         * The ID of untrusted subnet.
+         */
+        untrustedSubnetId: string;
+        /**
+         * The ID of the Virtual Hub this Next Generation Firewall will be deployed in. Changing this forces a new Palo Alto Next Generation Firewall Virtual Hub Strata Cloud Manager to be created.
+         */
+        virtualHubId: string;
+    }
     interface NextGenerationFirewallVirtualNetworkLocalRulestackDestinationNat {
         /**
          * A `backendConfig` block as defined above.
@@ -59993,6 +59812,109 @@ export declare namespace paloalto {
          */
         virtualMachineSshKey: string;
     }
+    interface NextGenerationFirewallVirtualNetworkStrataCloudManagerDestinationNat {
+        /**
+         * One or more `backendConfig` block as defined below.
+         */
+        backendConfig?: outputs.paloalto.NextGenerationFirewallVirtualNetworkStrataCloudManagerDestinationNatBackendConfig;
+        /**
+         * One or more `frontendConfig` block as defined below.
+         */
+        frontendConfig?: outputs.paloalto.NextGenerationFirewallVirtualNetworkStrataCloudManagerDestinationNatFrontendConfig;
+        /**
+         * The name which should be used for this NAT.
+         */
+        name: string;
+        /**
+         * The protocol used for this Destination NAT. Possible values include `TCP` and `UDP`.
+         */
+        protocol: string;
+    }
+    interface NextGenerationFirewallVirtualNetworkStrataCloudManagerDestinationNatBackendConfig {
+        /**
+         * The port number to send traffic to.
+         */
+        port: number;
+        /**
+         * The public IP Address to send the traffic to.
+         */
+        publicIpAddress: string;
+    }
+    interface NextGenerationFirewallVirtualNetworkStrataCloudManagerDestinationNatFrontendConfig {
+        /**
+         * The port on which traffic will be received.
+         */
+        port: number;
+        /**
+         * The ID of the Public IP Address resource the traffic will be received on.
+         */
+        publicIpAddressId: string;
+    }
+    interface NextGenerationFirewallVirtualNetworkStrataCloudManagerDnsSettings {
+        azureDnsServers: string[];
+        /**
+         * A list of DNS servers to use. Conflicts with `dns_settings[0].use_azure_dns`.
+         */
+        dnsServers?: string[];
+        /**
+         * Should the Firewall use Azure Supplied DNS servers. Conflicts with `dns_settings[0].dns_servers`. Defaults to `false`.
+         */
+        useAzureDns?: boolean;
+    }
+    interface NextGenerationFirewallVirtualNetworkStrataCloudManagerIdentity {
+        /**
+         * A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
+         */
+        identityIds: string[];
+        /**
+         * The type of Managed Service Identity that should be configured on this App Configuration. The only possible value is `UserAssigned`.
+         */
+        type: string;
+    }
+    interface NextGenerationFirewallVirtualNetworkStrataCloudManagerNetworkProfile {
+        /**
+         * A list of Azure Public IP Address IDs that can be used for Egress (Source) Network Address Translation.
+         */
+        egressNatIpAddressIds?: string[];
+        /**
+         * A list of Egress NAT IP addresses.
+         */
+        egressNatIpAddresses: string[];
+        /**
+         * A list of Azure Public IP Address IDs.
+         */
+        publicIpAddressIds: string[];
+        /**
+         * A list of public IPs associated with this Next Generation Firewall.
+         */
+        publicIpAddresses: string[];
+        /**
+         * A list of trusted ranges to use for the Network.
+         */
+        trustedAddressRanges?: string[];
+        /**
+         * A `vnetConfiguration` block as defined below.
+         */
+        vnetConfiguration: outputs.paloalto.NextGenerationFirewallVirtualNetworkStrataCloudManagerNetworkProfileVnetConfiguration;
+    }
+    interface NextGenerationFirewallVirtualNetworkStrataCloudManagerNetworkProfileVnetConfiguration {
+        /**
+         * The IP of trusted subnet for UDR.
+         */
+        ipOfTrustForUserDefinedRoutes: string;
+        /**
+         * The ID of the Trust subnet.
+         */
+        trustedSubnetId?: string;
+        /**
+         * The ID of the UnTrust subnet.
+         */
+        untrustedSubnetId?: string;
+        /**
+         * The ID of the Virtual Network.
+         */
+        virtualNetworkId: string;
+    }
 }
 export declare namespace pim {
     interface ActiveRoleAssignmentSchedule {
@@ -60375,7 +60297,7 @@ export declare namespace pim {
          */
         approvalStage: outputs.pim.RoleManagementPolicyActivationRulesApprovalStage;
         /**
-         * The maximum length of time an activated role can be valid, in an ISO8601 Duration format (e.g. `PT8H`). Valid range is `PT30M` to `PT23H30M`, in 30 minute increments, or `PT1D`.
+         * The maximum length of time an activated role can be valid, in an ISO8601 Duration format (e.g. `PT8H`). Valid range is `PT30M` to `PT23H30M`, in 30 minute increments, or `PT1D`. Possible values are `PT30M`, `PT1H`, `PT1H30M`, `PT2H`, `PT2H30M`, `PT3H`, `PT3H30M`, `PT4H`, `PT4H30M`, `PT5H`, `PT5H30M`, `PT6H`, `PT6H30M`, `PT7H`, `PT7H30M`, `PT8H`, `PT8H30M`, `PT9H`, `PT9H30M`, `PT10H`, `PT10H30M`, `PT11H`, `PT11H30M`, `PT12H`, `PT12H30M`, `PT13H`, `PT13H30M`, `PT14H`, `PT14H30M`, `PT15H`, `PT15H30M`, `PT16H`, `PT16H30M`, `PT17H`, `PT17H30M`, `PT18H`, `PT18H30M`, `PT19H`, `PT19H30M`, `PT20H`, `PT20H30M`, `PT21H`, `PT21H30M`, `PT22H`, `PT22H30M`, `PT23H`, `PT23H30M` and `P1D`.
          */
         maximumDuration: string;
         /**
@@ -60401,7 +60323,7 @@ export declare namespace pim {
     }
     interface RoleManagementPolicyActivationRulesApprovalStage {
         /**
-         * The IDs of the users or groups who can approve the activation
+         * One or more `primaryApprover` blocks as defined below.
          */
         primaryApprovers: outputs.pim.RoleManagementPolicyActivationRulesApprovalStagePrimaryApprover[];
     }
@@ -60462,8 +60384,6 @@ export declare namespace pim {
         eligibleActivations: outputs.pim.RoleManagementPolicyNotificationRulesEligibleActivations;
         /**
          * A `notificationTarget` block as defined below to configure notification on eligible role assignments.
-         *
-         * At least one `notificationTarget` block must be provided.
          */
         eligibleAssignments: outputs.pim.RoleManagementPolicyNotificationRulesEligibleAssignments;
     }
@@ -61486,7 +61406,7 @@ export declare namespace redhatopenshift {
          */
         fipsEnabled?: boolean;
         /**
-         * The name of a Resource Group which will be created to host VMs of Azure Red Hat OpenShift Cluster. The value cannot contain uppercase characters. Defaults to `aro-{domain}`. Changing this forces a new resource to be created.
+         * The name of a Resource Group which will be created to host VMs of Azure Red Hat OpenShift Cluster. The value cannot contain uppercase characters. Changing this forces a new resource to be created.
          */
         managedResourceGroupName?: string;
         /**
@@ -61546,7 +61466,7 @@ export declare namespace redhatopenshift {
          */
         podCidr: string;
         /**
-         * Whether a preconfigured network security group is being used on the subnets.  Defaults to `false`.  Changing this forces a new resource to be created.
+         * Whether a preconfigured network security group is being used on the subnets. Defaults to `false`. Changing this forces a new resource to be created.
          */
         preconfiguredNetworkSecurityGroupEnabled?: boolean;
         /**
@@ -62204,7 +62124,7 @@ export declare namespace sentinel {
     }
     interface AlertRuleNrtAlertDetailsOverrideDynamicProperty {
         /**
-         * The name of the dynamic property. Possible Values are `AlertLink`, `ConfidenceLevel`, `ConfidenceScore`, `ExtendedLinks`, `ProductComponentName`, `ProductName`, `ProviderName`, `RemediationSteps` and `Techniques`.
+         * The name of the dynamic property. Possible values are `AlertLink`, `ConfidenceLevel`, `ConfidenceScore`, `ExtendedLinks`, `ProductComponentName`, `ProductName`, `ProviderName`, `RemediationSteps`, `SubTechniques` and `Techniques`.
          */
         name: string;
         /**
@@ -62308,7 +62228,7 @@ export declare namespace sentinel {
     }
     interface AlertRuleScheduledAlertDetailsOverrideDynamicProperty {
         /**
-         * The name of the dynamic property. Possible Values are `AlertLink`, `ConfidenceLevel`, `ConfidenceScore`, `ExtendedLinks`, `ProductComponentName`, `ProductName`, `ProviderName`, `RemediationSteps` and `Techniques`.
+         * The name of the dynamic property. Possible values are `AlertLink`, `ConfidenceLevel`, `ConfidenceScore`, `ExtendedLinks`, `ProductComponentName`, `ProductName`, `ProviderName`, `RemediationSteps`, `SubTechniques` and `Techniques`.
          */
         name: string;
         /**
@@ -64028,7 +63948,7 @@ export declare namespace siterecovery {
          */
         targetDiskEncryptionSetId?: string;
         /**
-         * The disk type of the disk to be created when a failover is done. Possible values are `Premium_LRS`, `Standard_LRS` and `StandardSSD_LRS`.
+         * The disk type of the disk to be created when a failover is done. Possible values are `Premium_LRS`, `PremiumV2_LRS`, `Premium_ZRS`, `Standard_LRS`, `StandardSSD_LRS`, `StandardSSD_ZRS` and `UltraSSD_LRS`.
          */
         targetDiskType: string;
     }
@@ -64454,7 +64374,7 @@ export declare namespace storage {
          */
         activeDirectory: outputs.storage.AccountAzureFilesAuthenticationActiveDirectory;
         /**
-         * Specifies the default share level permissions applied to all users. Possible values are `StorageFileDataSmbShareReader`, `StorageFileDataSmbShareContributor`, `StorageFileDataSmbShareElevatedContributor`, or `None`.
+         * Specifies the default share level permissions applied to all users. Possible values are `StorageFileDataSmbShareReader`, `StorageFileDataSmbShareContributor`, `StorageFileDataSmbShareElevatedContributor`, or `None`. Defaults to `None`.
          */
         defaultShareLevelPermission?: string;
         /**
@@ -64645,7 +64565,7 @@ export declare namespace storage {
          */
         periodSinceCreationInDays: number;
         /**
-         * Defines the mode of the policy. `Disabled` state disables the policy, `Unlocked` state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, `Locked` state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted. Changing from `Locked` forces a new resource to be created.
+         * Defines the mode of the policy. `Disabled` state disables the policy, `Unlocked` state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, `Locked` state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.
          */
         state: string;
     }
@@ -64721,8 +64641,7 @@ export declare namespace storage {
          */
         allowedHeaders: string[];
         /**
-         * A list of HTTP methods that are allowed to be executed by the origin. Valid options are
-         * `DELETE`, `GET`, `HEAD`, `MERGE`, `POST`, `OPTIONS`, `PUT` or `PATCH`.
+         * A list of HTTP methods that are allowed to be executed by the origin. Valid options are `DELETE`, `GET`, `HEAD`, `MERGE`, `POST`, `OPTIONS`, `PUT` or `PATCH`.
          */
         allowedMethods: string[];
         /**
@@ -66394,7 +66313,7 @@ export declare namespace waf {
          */
         enabled?: boolean;
         /**
-         * Specifies what grouping the rate limit will count requests by. Possible values are `GeoLocation`, `ClientAddr` and `None`.
+         * Specifies what grouping the rate limit will count requests by. Possible values are `ClientAddr`, `ClientAddrXFFHeader`, `GeoLocation`, `GeoLocationXFFHeader` and `None`.
          */
         groupRateLimitBy?: string;
         /**
@@ -66753,7 +66672,7 @@ export declare namespace webpubsub {
          */
         capacity?: number;
         /**
-         * The name which should be used for this Web PubSub Service. Changing this forces a new Web PubSub Service to be created.
+         * The SKU to use for this Web PubSub Service. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1`, and `Premium_P2`.
          */
         name: string;
     }
@@ -67209,7 +67128,7 @@ export declare namespace workloadssap {
          */
         names: string[];
         /**
-         * The name of the Volume. Changing this forces a new resource to be created.
+         * The name of the Volume. Possible values are `default`, `hanaData`, `hanaLog`, `hanaShared` and `usrSap`. Changing this forces a new resource to be created.
          *
          * > **Note:** Possible value for Application Server and Central Server is `default`.
          *
@@ -67277,7 +67196,7 @@ export declare namespace workloadssap {
          */
         names: string[];
         /**
-         * The name of the Volume. Changing this forces a new resource to be created.
+         * The name of the Volume. Possible values are `default`, `hanaData`, `hanaLog`, `hanaShared` and `usrSap`. Changing this forces a new resource to be created.
          *
          * > **Note:** Possible value for Application Server and Central Server is `default`.
          *
@@ -67345,7 +67264,7 @@ export declare namespace workloadssap {
          */
         names: string[];
         /**
-         * The name of the Volume. Changing this forces a new resource to be created.
+         * The name of the Volume. Possible values are `default`, `hanaData`, `hanaLog`, `hanaShared` and `usrSap`. Changing this forces a new resource to be created.
          *
          * > **Note:** Possible value for Application Server and Central Server is `default`.
          *