@pulumi/gcp 6.10.0 → 6.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/cloudbuild/workerPool.d.ts +0 -2
  2. package/cloudbuild/workerPool.js +0 -2
  3. package/cloudbuild/workerPool.js.map +1 -1
  4. package/cloudfunctions/function.d.ts +24 -0
  5. package/cloudfunctions/function.js +4 -0
  6. package/cloudfunctions/function.js.map +1 -1
  7. package/cloudfunctions/getFunction.d.ts +2 -0
  8. package/cloudfunctions/getFunction.js.map +1 -1
  9. package/compute/backendService.d.ts +1 -5
  10. package/compute/backendService.js +1 -5
  11. package/compute/backendService.js.map +1 -1
  12. package/compute/backendServiceIamBinding.d.ts +54 -0
  13. package/compute/backendServiceIamBinding.js +65 -0
  14. package/compute/backendServiceIamBinding.js.map +1 -0
  15. package/compute/backendServiceIamMember.d.ts +54 -0
  16. package/compute/backendServiceIamMember.js +65 -0
  17. package/compute/backendServiceIamMember.js.map +1 -0
  18. package/compute/backendServiceIamPolicy.d.ts +47 -0
  19. package/compute/backendServiceIamPolicy.js +58 -0
  20. package/compute/backendServiceIamPolicy.js.map +1 -0
  21. package/compute/getInstanceTemplate.d.ts +5 -5
  22. package/compute/getInstanceTemplate.js +1 -0
  23. package/compute/getInstanceTemplate.js.map +1 -1
  24. package/compute/globalForwardingRule.d.ts +51 -4
  25. package/compute/globalForwardingRule.js +39 -1
  26. package/compute/globalForwardingRule.js.map +1 -1
  27. package/compute/index.d.ts +3 -0
  28. package/compute/index.js +15 -0
  29. package/compute/index.js.map +1 -1
  30. package/compute/regionNetworkEndpointGroup.d.ts +24 -9
  31. package/compute/regionNetworkEndpointGroup.js +2 -0
  32. package/compute/regionNetworkEndpointGroup.js.map +1 -1
  33. package/container/cluster.d.ts +1 -1
  34. package/container/cluster.js +1 -1
  35. package/package.json +2 -2
  36. package/package.json.dev +2 -2
  37. package/servicenetworking/connection.d.ts +6 -0
  38. package/servicenetworking/connection.js.map +1 -1
  39. package/storage/bucket.d.ts +9 -0
  40. package/storage/bucket.js.map +1 -1
  41. package/types/input.d.ts +223 -33
  42. package/types/output.d.ts +245 -33
  43. package/vpcaccess/connector.d.ts +3 -3
package/types/input.d.ts CHANGED
@@ -5553,6 +5553,52 @@ export declare namespace cloudfunctions {
5553
5553
  expression: pulumi.Input<string>;
5554
5554
  title: pulumi.Input<string>;
5555
5555
  }
5556
+ interface FunctionSecretEnvironmentVariable {
5557
+ /**
5558
+ * Name of the environment variable.
5559
+ */
5560
+ key: pulumi.Input<string>;
5561
+ /**
5562
+ * Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
5563
+ */
5564
+ projectId?: pulumi.Input<string>;
5565
+ /**
5566
+ * ID of the secret in secret manager (not the full resource name).
5567
+ */
5568
+ secret: pulumi.Input<string>;
5569
+ /**
5570
+ * Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
5571
+ */
5572
+ version: pulumi.Input<string>;
5573
+ }
5574
+ interface FunctionSecretVolume {
5575
+ /**
5576
+ * The path within the container to mount the secret volume. For example, setting the mountPath as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
5577
+ */
5578
+ mountPath: pulumi.Input<string>;
5579
+ /**
5580
+ * Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
5581
+ */
5582
+ projectId?: pulumi.Input<string>;
5583
+ /**
5584
+ * ID of the secret in secret manager (not the full resource name).
5585
+ */
5586
+ secret: pulumi.Input<string>;
5587
+ /**
5588
+ * List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.
5589
+ */
5590
+ versions?: pulumi.Input<pulumi.Input<inputs.cloudfunctions.FunctionSecretVolumeVersion>[]>;
5591
+ }
5592
+ interface FunctionSecretVolumeVersion {
5593
+ /**
5594
+ * Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mountPath as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
5595
+ */
5596
+ path: pulumi.Input<string>;
5597
+ /**
5598
+ * Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
5599
+ */
5600
+ version: pulumi.Input<string>;
5601
+ }
5556
5602
  interface FunctionSourceRepository {
5557
5603
  deployedUrl?: pulumi.Input<string>;
5558
5604
  /**
@@ -6096,15 +6142,15 @@ export declare namespace cloudrun {
6096
6142
  }
6097
6143
  interface ServiceTemplateSpecContainerPort {
6098
6144
  /**
6099
- * Port number.
6145
+ * Port number the container listens on. This must be a valid port number, 0 < x < 65536.
6100
6146
  */
6101
- containerPort: pulumi.Input<number>;
6147
+ containerPort?: pulumi.Input<number>;
6102
6148
  /**
6103
6149
  * Volume's name.
6104
6150
  */
6105
6151
  name?: pulumi.Input<string>;
6106
6152
  /**
6107
- * Protocol used on port. Defaults to TCP.
6153
+ * Protocol for port. Must be "TCP". Defaults to "TCP".
6108
6154
  */
6109
6155
  protocol?: pulumi.Input<string>;
6110
6156
  }
@@ -7410,6 +7456,16 @@ export declare namespace compute {
7410
7456
  */
7411
7457
  seconds: pulumi.Input<number>;
7412
7458
  }
7459
+ interface BackendServiceIamBindingCondition {
7460
+ description?: pulumi.Input<string>;
7461
+ expression: pulumi.Input<string>;
7462
+ title: pulumi.Input<string>;
7463
+ }
7464
+ interface BackendServiceIamMemberCondition {
7465
+ description?: pulumi.Input<string>;
7466
+ expression: pulumi.Input<string>;
7467
+ title: pulumi.Input<string>;
7468
+ }
7413
7469
  interface BackendServiceIap {
7414
7470
  /**
7415
7471
  * OAuth2 Client ID for IAP
@@ -7541,7 +7597,17 @@ export declare namespace compute {
7541
7597
  seconds: pulumi.Input<number>;
7542
7598
  }
7543
7599
  interface BackendServiceSecuritySettings {
7600
+ /**
7601
+ * ClientTlsPolicy is a resource that specifies how a client should authenticate
7602
+ * connections to backends of a service. This resource itself does not affect
7603
+ * configuration unless it is attached to a backend service resource.
7604
+ */
7544
7605
  clientTlsPolicy: pulumi.Input<string>;
7606
+ /**
7607
+ * A list of alternate names to verify the subject identity in the certificate.
7608
+ * If specified, the client will verify that the server certificate's subject
7609
+ * alt name matches one of the specified values.
7610
+ */
7545
7611
  subjectAltNames: pulumi.Input<pulumi.Input<string>[]>;
7546
7612
  }
7547
7613
  interface DiskDiskEncryptionKey {
@@ -10640,18 +10706,15 @@ export declare namespace compute {
10640
10706
  */
10641
10707
  service?: pulumi.Input<string>;
10642
10708
  /**
10643
- * A template to parse function field from a request URL. URL mask allows
10644
- * for routing to multiple Cloud Functions without having to create
10645
- * multiple Network Endpoint Groups and backend services.
10646
- * For example, request URLs "mydomain.com/function1" and "mydomain.com/function2"
10647
- * can be backed by the same Serverless NEG with URL mask "/". The URL mask
10648
- * will parse them to { function = "function1" } and { function = "function2" } respectively.
10709
+ * A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources
10710
+ * on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources.
10711
+ * The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID,
10712
+ * App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag
10649
10713
  */
10650
10714
  urlMask?: pulumi.Input<string>;
10651
10715
  /**
10652
- * Optional serving version.
10653
- * The version must be 1-63 characters long, and comply with RFC1035.
10654
- * Example value: "v1", "v2".
10716
+ * The optional resource version. The version identified by this value is platform-specific and is follows:
10717
+ * API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag
10655
10718
  */
10656
10719
  version?: pulumi.Input<string>;
10657
10720
  }
@@ -10663,12 +10726,10 @@ export declare namespace compute {
10663
10726
  */
10664
10727
  function?: pulumi.Input<string>;
10665
10728
  /**
10666
- * A template to parse function field from a request URL. URL mask allows
10667
- * for routing to multiple Cloud Functions without having to create
10668
- * multiple Network Endpoint Groups and backend services.
10669
- * For example, request URLs "mydomain.com/function1" and "mydomain.com/function2"
10670
- * can be backed by the same Serverless NEG with URL mask "/". The URL mask
10671
- * will parse them to { function = "function1" } and { function = "function2" } respectively.
10729
+ * A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources
10730
+ * on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources.
10731
+ * The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID,
10732
+ * App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag
10672
10733
  */
10673
10734
  urlMask?: pulumi.Input<string>;
10674
10735
  }
@@ -10687,15 +10748,38 @@ export declare namespace compute {
10687
10748
  */
10688
10749
  tag?: pulumi.Input<string>;
10689
10750
  /**
10690
- * A template to parse function field from a request URL. URL mask allows
10691
- * for routing to multiple Cloud Functions without having to create
10692
- * multiple Network Endpoint Groups and backend services.
10693
- * For example, request URLs "mydomain.com/function1" and "mydomain.com/function2"
10694
- * can be backed by the same Serverless NEG with URL mask "/". The URL mask
10695
- * will parse them to { function = "function1" } and { function = "function2" } respectively.
10751
+ * A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources
10752
+ * on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources.
10753
+ * The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID,
10754
+ * App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag
10696
10755
  */
10697
10756
  urlMask?: pulumi.Input<string>;
10698
10757
  }
10758
+ interface RegionNetworkEndpointGroupServerlessDeployment {
10759
+ /**
10760
+ * The platform of the NEG backend target(s). Possible values:
10761
+ * API Gateway: apigateway.googleapis.com
10762
+ */
10763
+ platform: pulumi.Input<string>;
10764
+ /**
10765
+ * The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask.
10766
+ * The resource identified by this value is platform-specific and is as follows: API Gateway: The gateway ID, App Engine: The service name,
10767
+ * Cloud Functions: The function name, Cloud Run: The service name
10768
+ */
10769
+ resource?: pulumi.Input<string>;
10770
+ /**
10771
+ * A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources
10772
+ * on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources.
10773
+ * The fields parsed by this template are platform-specific and are as follows: API Gateway: The gateway ID,
10774
+ * App Engine: The service and version, Cloud Functions: The function name, Cloud Run: The service and tag
10775
+ */
10776
+ urlMask: pulumi.Input<string>;
10777
+ /**
10778
+ * The optional resource version. The version identified by this value is platform-specific and is follows:
10779
+ * API Gateway: Unused, App Engine: The service version, Cloud Functions: Unused, Cloud Run: The service tag
10780
+ */
10781
+ version?: pulumi.Input<string>;
10782
+ }
10699
10783
  interface RegionPerInstanceConfigPreservedState {
10700
10784
  /**
10701
10785
  * Stateful disks for the instance.
@@ -12333,6 +12417,8 @@ export declare namespace compute {
12333
12417
  * Action to take when `match` matches the request. Valid values:
12334
12418
  * * "allow" : allow access to target
12335
12419
  * * "deny(status)" : deny access to target, returns the HTTP response code specified (valid values are 403, 404 and 502)
12420
+ * * "rateBasedBan" : limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rateLimitOptions to be set.
12421
+ * * "threshold" : limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rateLimitOptions to be set for this.
12336
12422
  */
12337
12423
  action: pulumi.Input<string>;
12338
12424
  /**
@@ -12354,6 +12440,11 @@ export declare namespace compute {
12354
12440
  * Rules are evaluated from highest priority (lowest numerically) to lowest priority (highest numerically) in order.
12355
12441
  */
12356
12442
  priority: pulumi.Input<number>;
12443
+ /**
12444
+ * )
12445
+ * Must be specified if the `action` is "rateBasedBad" or "throttle". Cannot be specified for other actions. Structure is documented below.
12446
+ */
12447
+ rateLimitOptions?: pulumi.Input<inputs.compute.SecurityPolicyRuleRateLimitOptions>;
12357
12448
  }
12358
12449
  interface SecurityPolicyRuleMatch {
12359
12450
  /**
@@ -12390,6 +12481,66 @@ export declare namespace compute {
12390
12481
  */
12391
12482
  expression: pulumi.Input<string>;
12392
12483
  }
12484
+ interface SecurityPolicyRuleRateLimitOptions {
12485
+ /**
12486
+ * Can only be specified if the `action` for the rule is "rateBasedBan".
12487
+ * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold.
12488
+ */
12489
+ banDurationSec?: pulumi.Input<number>;
12490
+ /**
12491
+ * Can only be specified if the `action` for the rule is "rateBasedBan".
12492
+ * If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also
12493
+ * exceed this 'ban_threshold'. Structure is documented below.
12494
+ */
12495
+ banThreshold?: pulumi.Input<inputs.compute.SecurityPolicyRuleRateLimitOptionsBanThreshold>;
12496
+ /**
12497
+ * Action to take for requests that are under the configured rate limit threshold. Valid option is "allow" only.
12498
+ */
12499
+ conformAction: pulumi.Input<string>;
12500
+ /**
12501
+ * Determines the key to enforce the rateLimitThreshold on.
12502
+ * Possible values incude "ALL", "ALL_IPS", "HTTP_HEADER", "IP", "XFF_IP". If not specified, defaults to "ALL".
12503
+ */
12504
+ enforceOnKey?: pulumi.Input<string>;
12505
+ /**
12506
+ * Rate limit key name applicable only for HTTP_HEADER key types. Name of the HTTP header whose value is taken as the key value.
12507
+ */
12508
+ enforceOnKeyName?: pulumi.Input<string>;
12509
+ /**
12510
+ * When a request is denied, returns the HTTP response code specified.
12511
+ * Valid options are "deny()" where valid values for status are 403, 404, 429, and 502.
12512
+ */
12513
+ exceedAction: pulumi.Input<string>;
12514
+ exceedRedirectOptions?: pulumi.Input<inputs.compute.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions>;
12515
+ /**
12516
+ * Threshold at which to begin ratelimiting. Structure is documented below.
12517
+ */
12518
+ rateLimitThreshold: pulumi.Input<inputs.compute.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold>;
12519
+ }
12520
+ interface SecurityPolicyRuleRateLimitOptionsBanThreshold {
12521
+ /**
12522
+ * Number of HTTP(S) requests for calculating the threshold.
12523
+ */
12524
+ count: pulumi.Input<number>;
12525
+ /**
12526
+ * Interval over which the threshold is computed.
12527
+ */
12528
+ intervalSec: pulumi.Input<number>;
12529
+ }
12530
+ interface SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions {
12531
+ target?: pulumi.Input<string>;
12532
+ type: pulumi.Input<string>;
12533
+ }
12534
+ interface SecurityPolicyRuleRateLimitOptionsRateLimitThreshold {
12535
+ /**
12536
+ * Number of HTTP(S) requests for calculating the threshold.
12537
+ */
12538
+ count: pulumi.Input<number>;
12539
+ /**
12540
+ * Interval over which the threshold is computed.
12541
+ */
12542
+ intervalSec: pulumi.Input<number>;
12543
+ }
12393
12544
  interface SecurityScanConfigAuthentication {
12394
12545
  /**
12395
12546
  * Describes authentication configuration that uses a custom account.
@@ -14907,6 +15058,12 @@ export declare namespace container {
14907
15058
  * Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. Defaults to disabled; set `enabled = true` to enable.
14908
15059
  */
14909
15060
  gcePersistentDiskCsiDriverConfig?: pulumi.Input<inputs.container.ClusterAddonsConfigGcePersistentDiskCsiDriverConfig>;
15061
+ /**
15062
+ * The status of the Filestore CSI driver addon,
15063
+ * which allows the usage of filestore instance as volumes.
15064
+ * It is disbaled by default; set `enabled = true` to enable.
15065
+ */
15066
+ gcpFilestoreCsiDriverConfig?: pulumi.Input<inputs.container.ClusterAddonsConfigGcpFilestoreCsiDriverConfig>;
14910
15067
  /**
14911
15068
  * The status of the Horizontal Pod Autoscaling
14912
15069
  * addon, which increases or decreases the number of replica pods a replication controller
@@ -14974,6 +15131,13 @@ export declare namespace container {
14974
15131
  */
14975
15132
  enabled: pulumi.Input<boolean>;
14976
15133
  }
15134
+ interface ClusterAddonsConfigGcpFilestoreCsiDriverConfig {
15135
+ /**
15136
+ * Enable the PodSecurityPolicy controller for this cluster.
15137
+ * If enabled, pods must be valid under a PodSecurityPolicy to be created.
15138
+ */
15139
+ enabled: pulumi.Input<boolean>;
15140
+ }
14977
15141
  interface ClusterAddonsConfigHorizontalPodAutoscaling {
14978
15142
  /**
14979
15143
  * The status of the Istio addon, which makes it easy to set up Istio for services in a
@@ -15046,6 +15210,11 @@ export declare namespace container {
15046
15210
  resourceLimits?: pulumi.Input<pulumi.Input<inputs.container.ClusterClusterAutoscalingResourceLimit>[]>;
15047
15211
  }
15048
15212
  interface ClusterClusterAutoscalingAutoProvisioningDefaults {
15213
+ /**
15214
+ * The image type to use for this node. Note that changing the image type
15215
+ * will delete and recreate all nodes in the node pool.
15216
+ */
15217
+ imageType?: pulumi.Input<string>;
15049
15218
  /**
15050
15219
  * Minimum CPU platform to be used by this instance.
15051
15220
  * The instance may be scheduled on the specified or newer CPU platform. Applicable
@@ -15249,7 +15418,7 @@ export declare namespace container {
15249
15418
  }
15250
15419
  interface ClusterNodeConfig {
15251
15420
  /**
15252
- * The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption
15421
+ * The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: <https://cloud.google.com/compute/docs/disks/customer-managed-encryption>
15253
15422
  */
15254
15423
  bootDiskKmsKey?: pulumi.Input<string>;
15255
15424
  /**
@@ -15348,8 +15517,7 @@ export declare namespace container {
15348
15517
  */
15349
15518
  preemptible?: pulumi.Input<boolean>;
15350
15519
  /**
15351
- * ) [GKE Sandbox](https://cloud.google.com/kubernetes-engine/docs/how-to/sandbox-pods) configuration. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion = "1.12.7-gke.17"` or later to use it.
15352
- * >>>>>>> v4.3.0
15520
+ * [GKE Sandbox](https://cloud.google.com/kubernetes-engine/docs/how-to/sandbox-pods) configuration. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion = "1.12.7-gke.17"` or later to use it.
15353
15521
  * Structure is documented below.
15354
15522
  */
15355
15523
  sandboxConfig?: pulumi.Input<inputs.container.ClusterNodeConfigSandboxConfig>;
@@ -15557,7 +15725,7 @@ export declare namespace container {
15557
15725
  }
15558
15726
  interface ClusterNodePoolNodeConfig {
15559
15727
  /**
15560
- * The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption
15728
+ * The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: <https://cloud.google.com/compute/docs/disks/customer-managed-encryption>
15561
15729
  */
15562
15730
  bootDiskKmsKey?: pulumi.Input<string>;
15563
15731
  /**
@@ -15656,8 +15824,7 @@ export declare namespace container {
15656
15824
  */
15657
15825
  preemptible?: pulumi.Input<boolean>;
15658
15826
  /**
15659
- * ) [GKE Sandbox](https://cloud.google.com/kubernetes-engine/docs/how-to/sandbox-pods) configuration. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion = "1.12.7-gke.17"` or later to use it.
15660
- * >>>>>>> v4.3.0
15827
+ * [GKE Sandbox](https://cloud.google.com/kubernetes-engine/docs/how-to/sandbox-pods) configuration. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion = "1.12.7-gke.17"` or later to use it.
15661
15828
  * Structure is documented below.
15662
15829
  */
15663
15830
  sandboxConfig?: pulumi.Input<inputs.container.ClusterNodePoolNodeConfigSandboxConfig>;
@@ -26407,6 +26574,10 @@ export declare namespace spanner {
26407
26574
  }
26408
26575
  export declare namespace sql {
26409
26576
  interface DatabaseInstanceClone {
26577
+ /**
26578
+ * The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the cloned instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression a-z?.
26579
+ */
26580
+ allocatedIpRange?: pulumi.Input<string>;
26410
26581
  /**
26411
26582
  * The timestamp of the point in time that should be restored.
26412
26583
  */
@@ -26560,8 +26731,7 @@ export declare namespace sql {
26560
26731
  */
26561
26732
  backupRetentionSettings?: pulumi.Input<inputs.sql.DatabaseInstanceSettingsBackupConfigurationBackupRetentionSettings>;
26562
26733
  /**
26563
- * True if binary logging is enabled. If
26564
- * `settings.backup_configuration.enabled` is false, this must be as well.
26734
+ * True if binary logging is enabled.
26565
26735
  * Cannot be used with Postgres.
26566
26736
  */
26567
26737
  binaryLogEnabled?: pulumi.Input<boolean>;
@@ -26630,7 +26800,7 @@ export declare namespace sql {
26630
26800
  }
26631
26801
  interface DatabaseInstanceSettingsIpConfiguration {
26632
26802
  /**
26633
- * The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://datatracker.ietf.org/doc/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression a-z?.
26803
+ * The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the cloned instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression a-z?.
26634
26804
  */
26635
26805
  allocatedIpRange?: pulumi.Input<string>;
26636
26806
  authorizedNetworks?: pulumi.Input<pulumi.Input<inputs.sql.DatabaseInstanceSettingsIpConfigurationAuthorizedNetwork>[]>;
@@ -26948,6 +27118,14 @@ export declare namespace storage {
26948
27118
  * Only objects that satisfy these object conditions are included in the set of data source and data sink objects. Object conditions based on objects' `lastModificationTime` do not exclude objects in a data sink. Structure documented below.
26949
27119
  */
26950
27120
  objectConditions?: pulumi.Input<inputs.storage.TransferJobTransferSpecObjectConditions>;
27121
+ /**
27122
+ * A POSIX data sink. Structure documented below.
27123
+ */
27124
+ posixDataSink?: pulumi.Input<inputs.storage.TransferJobTransferSpecPosixDataSink>;
27125
+ /**
27126
+ * A POSIX filesystem data source. Structure documented below.
27127
+ */
27128
+ posixDataSource?: pulumi.Input<inputs.storage.TransferJobTransferSpecPosixDataSource>;
26951
27129
  /**
26952
27130
  * Characteristics of how to treat files from datasource and sink during job. If the option `deleteObjectsUniqueInSink` is true, object conditions based on objects' `lastModificationTime` are ignored and do not exclude objects in a data source or a data sink. Structure documented below.
26953
27131
  */
@@ -27045,6 +27223,18 @@ export declare namespace storage {
27045
27223
  */
27046
27224
  minTimeElapsedSinceLastModification?: pulumi.Input<string>;
27047
27225
  }
27226
+ interface TransferJobTransferSpecPosixDataSink {
27227
+ /**
27228
+ * Root directory path to the filesystem.
27229
+ */
27230
+ rootDirectory: pulumi.Input<string>;
27231
+ }
27232
+ interface TransferJobTransferSpecPosixDataSource {
27233
+ /**
27234
+ * Root directory path to the filesystem.
27235
+ */
27236
+ rootDirectory: pulumi.Input<string>;
27237
+ }
27048
27238
  interface TransferJobTransferSpecTransferOptions {
27049
27239
  /**
27050
27240
  * Whether objects should be deleted from the source after they are transferred to the sink. Note that this option and `deleteObjectsUniqueInSink` are mutually exclusive.