@pulumi/azure 6.8.0-alpha.1730527455 → 6.8.0

package/trustedsigning/account.d.ts

@@ -0,0 +1,121 @@
+import * as pulumi from "@pulumi/pulumi";
+/**
+ * Manages a Trusted Signing Account.
+ *
+ * ## Import
+ *
+ * Trusted Signing Accounts can be imported using the `resource id`, e.g.
+ *
+ * ```sh
+ * $ pulumi import azure:trustedsigning/account:Account example /subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.CodeSigning/codeSigningAccounts/example-account
+ * ```
+ */
+export declare class Account extends pulumi.CustomResource {
+    /**
+     * Get an existing Account resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccountState, opts?: pulumi.CustomResourceOptions): Account;
+    /**
+     * Returns true if the given object is an instance of Account.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is Account;
+    /**
+     * The URI of the Trusted Signing Account which is used during signing files.
+     */
+    readonly accountUri: pulumi.Output<string>;
+    /**
+     * The Azure Region where the Trusted Signing Account should exist. Changing this forces a new Trusted Signing Account to be created.
+     */
+    readonly location: pulumi.Output<string>;
+    /**
+     * The name which should be used for this Trusted Signing Account. Changing this forces a new Trusted Signing Account to be created.
+     */
+    readonly name: pulumi.Output<string>;
+    /**
+     * The name of the Resource Group where the Trusted Signing Account should exist. Changing this forces a new Trusted Signing Account to be created.
+     */
+    readonly resourceGroupName: pulumi.Output<string>;
+    /**
+     * The sku name of this Trusted Signing Account. Possible values are `Basic` and `Premium`.
+     */
+    readonly skuName: pulumi.Output<string>;
+    /**
+     * A mapping of tags which should be assigned to the Trusted Signing Account.
+     */
+    readonly tags: pulumi.Output<{
+        [key: string]: string;
+    } | undefined>;
+    /**
+     * Create a Account resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: AccountArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering Account resources.
+ */
+export interface AccountState {
+    /**
+     * The URI of the Trusted Signing Account which is used during signing files.
+     */
+    accountUri?: pulumi.Input<string>;
+    /**
+     * The Azure Region where the Trusted Signing Account should exist. Changing this forces a new Trusted Signing Account to be created.
+     */
+    location?: pulumi.Input<string>;
+    /**
+     * The name which should be used for this Trusted Signing Account. Changing this forces a new Trusted Signing Account to be created.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * The name of the Resource Group where the Trusted Signing Account should exist. Changing this forces a new Trusted Signing Account to be created.
+     */
+    resourceGroupName?: pulumi.Input<string>;
+    /**
+     * The sku name of this Trusted Signing Account. Possible values are `Basic` and `Premium`.
+     */
+    skuName?: pulumi.Input<string>;
+    /**
+     * A mapping of tags which should be assigned to the Trusted Signing Account.
+     */
+    tags?: pulumi.Input<{
+        [key: string]: pulumi.Input<string>;
+    }>;
+}
+/**
+ * The set of arguments for constructing a Account resource.
+ */
+export interface AccountArgs {
+    /**
+     * The Azure Region where the Trusted Signing Account should exist. Changing this forces a new Trusted Signing Account to be created.
+     */
+    location?: pulumi.Input<string>;
+    /**
+     * The name which should be used for this Trusted Signing Account. Changing this forces a new Trusted Signing Account to be created.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * The name of the Resource Group where the Trusted Signing Account should exist. Changing this forces a new Trusted Signing Account to be created.
+     */
+    resourceGroupName: pulumi.Input<string>;
+    /**
+     * The sku name of this Trusted Signing Account. Possible values are `Basic` and `Premium`.
+     */
+    skuName: pulumi.Input<string>;
+    /**
+     * A mapping of tags which should be assigned to the Trusted Signing Account.
+     */
+    tags?: pulumi.Input<{
+        [key: string]: pulumi.Input<string>;
+    }>;
+}

package/trustedsigning/account.js

@@ -0,0 +1,76 @@
+"use strict";
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Account = void 0;
+const pulumi = require("@pulumi/pulumi");
+const utilities = require("../utilities");
+/**
+ * Manages a Trusted Signing Account.
+ *
+ * ## Import
+ *
+ * Trusted Signing Accounts can be imported using the `resource id`, e.g.
+ *
+ * ```sh
+ * $ pulumi import azure:trustedsigning/account:Account example /subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.CodeSigning/codeSigningAccounts/example-account
+ * ```
+ */
+class Account extends pulumi.CustomResource {
+    constructor(name, argsOrState, opts) {
+        let resourceInputs = {};
+        opts = opts || {};
+        if (opts.id) {
+            const state = argsOrState;
+            resourceInputs["accountUri"] = state ? state.accountUri : undefined;
+            resourceInputs["location"] = state ? state.location : undefined;
+            resourceInputs["name"] = state ? state.name : undefined;
+            resourceInputs["resourceGroupName"] = state ? state.resourceGroupName : undefined;
+            resourceInputs["skuName"] = state ? state.skuName : undefined;
+            resourceInputs["tags"] = state ? state.tags : undefined;
+        }
+        else {
+            const args = argsOrState;
+            if ((!args || args.resourceGroupName === undefined) && !opts.urn) {
+                throw new Error("Missing required property 'resourceGroupName'");
+            }
+            if ((!args || args.skuName === undefined) && !opts.urn) {
+                throw new Error("Missing required property 'skuName'");
+            }
+            resourceInputs["location"] = args ? args.location : undefined;
+            resourceInputs["name"] = args ? args.name : undefined;
+            resourceInputs["resourceGroupName"] = args ? args.resourceGroupName : undefined;
+            resourceInputs["skuName"] = args ? args.skuName : undefined;
+            resourceInputs["tags"] = args ? args.tags : undefined;
+            resourceInputs["accountUri"] = undefined /*out*/;
+        }
+        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
+        super(Account.__pulumiType, name, resourceInputs, opts);
+    }
+    /**
+     * Get an existing Account resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name, id, state, opts) {
+        return new Account(name, state, Object.assign(Object.assign({}, opts), { id: id }));
+    }
+    /**
+     * Returns true if the given object is an instance of Account.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj) {
+        if (obj === undefined || obj === null) {
+            return false;
+        }
+        return obj['__pulumiType'] === Account.__pulumiType;
+    }
+}
+exports.Account = Account;
+/** @internal */
+Account.__pulumiType = 'azure:trustedsigning/account:Account';
+//# sourceMappingURL=account.js.map

package/trustedsigning/account.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account.js","sourceRoot":"","sources":["../../trustedsigning/account.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;GAUG;AACH,MAAa,OAAQ,SAAQ,MAAM,CAAC,cAAc;IA6D9C,YAAY,IAAY,EAAE,WAAwC,EAAE,IAAmC;QACnG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAuC,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAsC,CAAC;YACpD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC9D,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;aACpE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACpD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;IAxFD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAoB,EAAE,IAAmC;QAClH,OAAO,IAAI,OAAO,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC9D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC;IACxD,CAAC;;AA1BL,0BA0FC;AA5EG,gBAAgB;AACO,oBAAY,GAAG,sCAAsC,CAAC"}

package/trustedsigning/index.d.ts

@@ -0,0 +1,3 @@
+export { AccountArgs, AccountState } from "./account";
+export declare type Account = import("./account").Account;
+export declare const Account: typeof import("./account").Account;

package/trustedsigning/index.js

@@ -0,0 +1,22 @@
+"use strict";
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Account = void 0;
+const pulumi = require("@pulumi/pulumi");
+const utilities = require("../utilities");
+exports.Account = null;
+utilities.lazyLoad(exports, ["Account"], () => require("./account"));
+const _module = {
+    version: utilities.getVersion(),
+    construct: (name, type, urn) => {
+        switch (type) {
+            case "azure:trustedsigning/account:Account":
+                return new exports.Account(name, undefined, { urn });
+            default:
+                throw new Error(`unknown resource type ${type}`);
+        }
+    },
+};
+pulumi.runtime.registerResourceModule("azure", "trustedsigning/account", _module);
+//# sourceMappingURL=index.js.map

package/trustedsigning/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../trustedsigning/index.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAK7B,QAAA,OAAO,GAAuC,IAAW,CAAC;AACvE,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;AAGrE,MAAM,OAAO,GAAG;IACZ,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE;IAC/B,SAAS,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,GAAW,EAAmB,EAAE;QACpE,QAAQ,IAAI,EAAE;YACV,KAAK,sCAAsC;gBACvC,OAAO,IAAI,eAAO,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YACrD;gBACI,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;SACxD;IACL,CAAC;CACJ,CAAC;AACF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,OAAO,EAAE,wBAAwB,EAAE,OAAO,CAAC,CAAA"}

package/types/input.d.ts

@@ -5110,7 +5110,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: pulumi.Input<string>;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: pulumi.Input<string>;
         /**
@@ -7173,7 +7173,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: pulumi.Input<string>;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: pulumi.Input<string>;
         /**
@@ -10064,7 +10064,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: pulumi.Input<string>;
         /**
-         * Configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * Configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: pulumi.Input<string>;
         /**
@@ -12061,7 +12061,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: pulumi.Input<string>;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: pulumi.Input<string>;
         /**
@@ -18882,6 +18882,16 @@ export declare namespace compute {
          */
         regularPercentageAboveBase?: pulumi.Input<number>;
     }
+    interface OrchestratedVirtualMachineScaleSetSkuProfile {
+        /**
+         * Specifies the allocation strategy for the virtual machine scale set based on which the VMs will be allocated. Possible values are `LowestPrice` and `CapacityOptimized`.
+         */
+        allocationStrategy: pulumi.Input<string>;
+        /**
+         * Specifies the VM sizes for the virtual machine scale set.
+         */
+        vmSizes: pulumi.Input<pulumi.Input<string>[]>;
+    }
     interface OrchestratedVirtualMachineScaleSetSourceImageReference {
         /**
          * Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
@@ -22812,6 +22822,14 @@ export declare namespace containerservice {
          * Detect similar node groups and balance the number of nodes between them. Defaults to `false`.
          */
         balanceSimilarNodeGroups?: pulumi.Input<boolean>;
+        /**
+         * Whether DaemonSet pods will be gracefully terminated from empty nodes. Defaults to `false`.
+         */
+        daemonsetEvictionForEmptyNodesEnabled?: pulumi.Input<boolean>;
+        /**
+         * Whether DaemonSet pods will be gracefully terminated from non-empty nodes. Defaults to `true`.
+         */
+        daemonsetEvictionForOccupiedNodesEnabled?: pulumi.Input<boolean>;
         /**
          * Maximum number of empty nodes that can be deleted at the same time. Defaults to `10`.
          */
@@ -22820,6 +22838,10 @@ export declare namespace containerservice {
          * Expander to use. Possible values are `least-waste`, `priority`, `most-pods` and `random`. Defaults to `random`.
          */
         expander?: pulumi.Input<string>;
+        /**
+         * Whether DaemonSet pods will be ignored when calculating resource utilization for scale down. Defaults to `false`.
+         */
+        ignoreDaemonsetsUtilizationEnabled?: pulumi.Input<boolean>;
         /**
          * Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to `600`.
          */
@@ -23755,6 +23777,10 @@ export declare namespace containerservice {
         serviceCidrs?: pulumi.Input<pulumi.Input<string>[]>;
     }
     interface KubernetesClusterNetworkProfileLoadBalancerProfile {
+        /**
+         * The type of the managed inbound Load Balancer Backend Pool. Possible values are `NodeIP` and `NodeIPConfiguration`. Defaults to `NodeIPConfiguration`. See [the documentation](https://learn.microsoft.com/en-us/azure/aks/load-balancer-standard#change-the-inbound-pool-type) for more information.
+         */
+        backendPoolType?: pulumi.Input<string>;
         /**
          * The outcome (resource IDs) of the specified arguments.
          */
@@ -40008,11 +40034,13 @@ export declare namespace network {
          */
         id?: pulumi.Input<string>;
         /**
-         * The Secret ID of (base-64 encoded unencrypted pfx) the `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required if `data` is not set.
+         * The Secret ID of the (base-64 encoded unencrypted pfx) `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required if `data` is not set.
+         *
+         * > **NOTE:** To implement certificate rotation, `versionlessSecretId` should be used, although `secretId` is also supported.
          *
          * > **NOTE:** TLS termination with Key Vault certificates is limited to the [v2 SKUs](https://docs.microsoft.com/azure/application-gateway/key-vault-certs).
          *
-         * > **NOTE:** For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
+         * > **NOTE:** For TLS termination with Key Vault certificates to work properly, an existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
          */
         keyVaultSecretId?: pulumi.Input<string>;
         /**
@@ -40112,11 +40140,13 @@ export declare namespace network {
          */
         id?: pulumi.Input<string>;
         /**
-         * The Secret ID of (base-64 encoded unencrypted pfx) `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required if `data` is not set.
+         * The Secret ID of the (base-64 encoded unencrypted pfx) `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required if `data` is not set.
+         *
+         * > **NOTE:** To implement certificate rotation, `versionlessSecretId` should be used, although `secretId` is also supported.
          *
          * > **NOTE:** TLS termination with Key Vault certificates is limited to the [v2 SKUs](https://docs.microsoft.com/azure/application-gateway/key-vault-certs).
          *
-         * > **NOTE:** For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
+         * > **NOTE:** For TLS termination with Key Vault certificates to work properly, an existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
          */
         keyVaultSecretId?: pulumi.Input<string>;
         /**
@@ -46791,6 +46821,20 @@ export declare namespace stack {
          */
         nextHopIpAddress: pulumi.Input<string>;
     }
+    interface HciMarketplaceGalleryImageIdentifier {
+        /**
+         * The offer of the Azure Stack HCI Marketplace Gallery Image. Changing this forces a new Azure Stack HCI Marketplace Gallery Image to be created.
+         */
+        offer: pulumi.Input<string>;
+        /**
+         * The publisher of the Azure Stack HCI Marketplace Gallery Image. Changing this forces a new Azure Stack HCI Marketplace Gallery Image to be created.
+         */
+        publisher: pulumi.Input<string>;
+        /**
+         * The sku of the Azure Stack HCI Marketplace Gallery Image. Changing this forces a new Azure Stack HCI Marketplace Gallery Image to be created.
+         */
+        sku: pulumi.Input<string>;
+    }
 }
 export declare namespace storage {
     interface AccountAzureFilesAuthentication {
@@ -48496,7 +48540,7 @@ export declare namespace waf {
          */
         operator: pulumi.Input<string>;
         /**
-         * A list of transformations to do before the match is attempted. Possible values are `HtmlEntityDecode`, `Lowercase`, `RemoveNulls`, `Trim`, `UrlDecode` and `UrlEncode`.
+         * A list of transformations to do before the match is attempted. Possible values are `HtmlEntityDecode`, `Lowercase`, `RemoveNulls`, `Trim`, `Uppercase`, `UrlDecode` and `UrlEncode`.
          */
         transforms?: pulumi.Input<pulumi.Input<string>[]>;
     }
@@ -48606,6 +48650,10 @@ export declare namespace waf {
          * Describes if the policy is in enabled state or disabled state. Defaults to `true`.
          */
         enabled?: pulumi.Input<boolean>;
+        /**
+         * Whether the firewall should block a request with upload size greater then `fileUploadLimitInMb`.
+         */
+        fileUploadEnforcement?: pulumi.Input<boolean>;
         /**
          * The File Upload Limit in MB. Accepted values are in the range `1` to `4000`. Defaults to `100`.
          */

package/types/output.d.ts

@@ -10080,7 +10080,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: string;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: string;
         /**
@@ -12143,7 +12143,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: string;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: string;
         /**
@@ -15034,7 +15034,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: string;
         /**
-         * Configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * Configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: string;
         /**
@@ -17031,7 +17031,7 @@ export declare namespace appservice {
          */
         managedPipelineMode?: string;
         /**
-         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
+         * The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.
          */
         minimumTlsVersion?: string;
         /**
@@ -25469,6 +25469,16 @@ export declare namespace compute {
          */
         regularPercentageAboveBase?: number;
     }
+    interface OrchestratedVirtualMachineScaleSetSkuProfile {
+        /**
+         * Specifies the allocation strategy for the virtual machine scale set based on which the VMs will be allocated. Possible values are `LowestPrice` and `CapacityOptimized`.
+         */
+        allocationStrategy: string;
+        /**
+         * Specifies the VM sizes for the virtual machine scale set.
+         */
+        vmSizes: string[];
+    }
     interface OrchestratedVirtualMachineScaleSetSourceImageReference {
         /**
          * Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
@@ -30753,6 +30763,14 @@ export declare namespace containerservice {
          * Detect similar node groups and balance the number of nodes between them. Defaults to `false`.
          */
         balanceSimilarNodeGroups?: boolean;
+        /**
+         * Whether DaemonSet pods will be gracefully terminated from empty nodes. Defaults to `false`.
+         */
+        daemonsetEvictionForEmptyNodesEnabled?: boolean;
+        /**
+         * Whether DaemonSet pods will be gracefully terminated from non-empty nodes. Defaults to `true`.
+         */
+        daemonsetEvictionForOccupiedNodesEnabled?: boolean;
         /**
          * Maximum number of empty nodes that can be deleted at the same time. Defaults to `10`.
          */
@@ -30761,6 +30779,10 @@ export declare namespace containerservice {
          * Expander to use. Possible values are `least-waste`, `priority`, `most-pods` and `random`. Defaults to `random`.
          */
         expander?: string;
+        /**
+         * Whether DaemonSet pods will be ignored when calculating resource utilization for scale down. Defaults to `false`.
+         */
+        ignoreDaemonsetsUtilizationEnabled?: boolean;
         /**
          * Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to `600`.
          */
@@ -31696,6 +31718,10 @@ export declare namespace containerservice {
         serviceCidrs: string[];
     }
     interface KubernetesClusterNetworkProfileLoadBalancerProfile {
+        /**
+         * The type of the managed inbound Load Balancer Backend Pool. Possible values are `NodeIP` and `NodeIPConfiguration`. Defaults to `NodeIPConfiguration`. See [the documentation](https://learn.microsoft.com/en-us/azure/aks/load-balancer-standard#change-the-inbound-pool-type) for more information.
+         */
+        backendPoolType?: string;
         /**
          * The outcome (resource IDs) of the specified arguments.
          */
@@ -50584,11 +50610,13 @@ export declare namespace network {
          */
         id: string;
         /**
-         * The Secret ID of (base-64 encoded unencrypted pfx) the `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required if `data` is not set.
+         * The Secret ID of the (base-64 encoded unencrypted pfx) `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required if `data` is not set.
+         *
+         * > **NOTE:** To implement certificate rotation, `versionlessSecretId` should be used, although `secretId` is also supported.
          *
          * > **NOTE:** TLS termination with Key Vault certificates is limited to the [v2 SKUs](https://docs.microsoft.com/azure/application-gateway/key-vault-certs).
          *
-         * > **NOTE:** For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
+         * > **NOTE:** For TLS termination with Key Vault certificates to work properly, an existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
          */
         keyVaultSecretId?: string;
         /**
@@ -50688,11 +50716,13 @@ export declare namespace network {
          */
         id: string;
         /**
-         * The Secret ID of (base-64 encoded unencrypted pfx) `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required if `data` is not set.
+         * The Secret ID of the (base-64 encoded unencrypted pfx) `Secret` or `Certificate` object stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required if `data` is not set.
+         *
+         * > **NOTE:** To implement certificate rotation, `versionlessSecretId` should be used, although `secretId` is also supported.
          *
          * > **NOTE:** TLS termination with Key Vault certificates is limited to the [v2 SKUs](https://docs.microsoft.com/azure/application-gateway/key-vault-certs).
          *
-         * > **NOTE:** For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
+         * > **NOTE:** For TLS termination with Key Vault certificates to work properly, an existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via `identity` block. Additionally, access policies in the Key Vault to allow the identity to be granted *get* access to the secret should be defined.
          */
         keyVaultSecretId?: string;
         /**
@@ -60420,6 +60450,20 @@ export declare namespace stack {
          */
         nextHopIpAddress: string;
     }
+    interface HciMarketplaceGalleryImageIdentifier {
+        /**
+         * The offer of the Azure Stack HCI Marketplace Gallery Image. Changing this forces a new Azure Stack HCI Marketplace Gallery Image to be created.
+         */
+        offer: string;
+        /**
+         * The publisher of the Azure Stack HCI Marketplace Gallery Image. Changing this forces a new Azure Stack HCI Marketplace Gallery Image to be created.
+         */
+        publisher: string;
+        /**
+         * The sku of the Azure Stack HCI Marketplace Gallery Image. Changing this forces a new Azure Stack HCI Marketplace Gallery Image to be created.
+         */
+        sku: string;
+    }
 }
 export declare namespace storage {
     interface AccountAzureFilesAuthentication {
@@ -62310,7 +62354,7 @@ export declare namespace waf {
          */
         operator: string;
         /**
-         * A list of transformations to do before the match is attempted. Possible values are `HtmlEntityDecode`, `Lowercase`, `RemoveNulls`, `Trim`, `UrlDecode` and `UrlEncode`.
+         * A list of transformations to do before the match is attempted. Possible values are `HtmlEntityDecode`, `Lowercase`, `RemoveNulls`, `Trim`, `Uppercase`, `UrlDecode` and `UrlEncode`.
          */
         transforms?: string[];
     }
@@ -62420,6 +62464,10 @@ export declare namespace waf {
          * Describes if the policy is in enabled state or disabled state. Defaults to `true`.
          */
         enabled?: boolean;
+        /**
+         * Whether the firewall should block a request with upload size greater then `fileUploadLimitInMb`.
+         */
+        fileUploadEnforcement: boolean;
         /**
          * The File Upload Limit in MB. Accepted values are in the range `1` to `4000`. Defaults to `100`.
          */