@pulumi/gcp 6.37.0-alpha.1663276359 → 6.37.0-alpha.1663278410

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (96) hide show
  1. package/apigee/environment.d.ts +16 -0
  2. package/apigee/environment.js +2 -0
  3. package/apigee/environment.js.map +1 -1
  4. package/apigee/organization.d.ts +18 -2
  5. package/apigee/organization.js +2 -0
  6. package/apigee/organization.js.map +1 -1
  7. package/appengine/flexibleAppVersion.d.ts +32 -1
  8. package/appengine/flexibleAppVersion.js +19 -1
  9. package/appengine/flexibleAppVersion.js.map +1 -1
  10. package/bigqueryanalyticshub/dataExchanceIamMember.d.ts +136 -0
  11. package/bigqueryanalyticshub/dataExchanceIamMember.js +95 -0
  12. package/bigqueryanalyticshub/dataExchanceIamMember.js.map +1 -0
  13. package/bigqueryanalyticshub/dataExchange.d.ts +189 -0
  14. package/bigqueryanalyticshub/dataExchange.js +114 -0
  15. package/bigqueryanalyticshub/dataExchange.js.map +1 -0
  16. package/bigqueryanalyticshub/dataExchangeIamBinding.d.ts +136 -0
  17. package/bigqueryanalyticshub/dataExchangeIamBinding.js +95 -0
  18. package/bigqueryanalyticshub/dataExchangeIamBinding.js.map +1 -0
  19. package/bigqueryanalyticshub/dataExchangeIamPolicy.d.ts +126 -0
  20. package/bigqueryanalyticshub/dataExchangeIamPolicy.js +88 -0
  21. package/bigqueryanalyticshub/dataExchangeIamPolicy.js.map +1 -0
  22. package/bigqueryanalyticshub/index.d.ts +4 -0
  23. package/bigqueryanalyticshub/index.js +52 -0
  24. package/bigqueryanalyticshub/index.js.map +1 -0
  25. package/certificatemanager/certificateMap.d.ts +0 -2
  26. package/certificatemanager/certificateMap.js +0 -2
  27. package/certificatemanager/certificateMap.js.map +1 -1
  28. package/certificatemanager/certificateMapEntry.d.ts +0 -2
  29. package/certificatemanager/certificateMapEntry.js +0 -2
  30. package/certificatemanager/certificateMapEntry.js.map +1 -1
  31. package/certificatemanager/dnsAuthorization.d.ts +0 -2
  32. package/certificatemanager/dnsAuthorization.js +0 -2
  33. package/certificatemanager/dnsAuthorization.js.map +1 -1
  34. package/cloudbuild/trigger.d.ts +26 -0
  35. package/cloudbuild/trigger.js +10 -0
  36. package/cloudbuild/trigger.js.map +1 -1
  37. package/compute/resourcePolicy.d.ts +31 -0
  38. package/compute/resourcePolicy.js +31 -0
  39. package/compute/resourcePolicy.js.map +1 -1
  40. package/compute/snapshot.d.ts +53 -0
  41. package/compute/snapshot.js +28 -0
  42. package/compute/snapshot.js.map +1 -1
  43. package/compute/targetSSLProxy.d.ts +20 -2
  44. package/compute/targetSSLProxy.js +2 -3
  45. package/compute/targetSSLProxy.js.map +1 -1
  46. package/config/vars.d.ts +2 -0
  47. package/config/vars.js +12 -0
  48. package/config/vars.js.map +1 -1
  49. package/container/cluster.d.ts +36 -0
  50. package/container/cluster.js +6 -0
  51. package/container/cluster.js.map +1 -1
  52. package/container/getCluster.d.ts +3 -0
  53. package/container/getCluster.js.map +1 -1
  54. package/datastream/connectionProfile.d.ts +301 -0
  55. package/datastream/connectionProfile.js +190 -0
  56. package/datastream/connectionProfile.js.map +1 -0
  57. package/datastream/index.d.ts +1 -0
  58. package/datastream/index.js +37 -0
  59. package/datastream/index.js.map +1 -0
  60. package/dns/responsePolicyRule.d.ts +12 -0
  61. package/dns/responsePolicyRule.js +2 -0
  62. package/dns/responsePolicyRule.js.map +1 -1
  63. package/index.d.ts +3 -1
  64. package/index.js +6 -2
  65. package/index.js.map +1 -1
  66. package/logging/billingAccountSink.d.ts +3 -15
  67. package/logging/billingAccountSink.js.map +1 -1
  68. package/logging/folderSink.d.ts +6 -18
  69. package/logging/folderSink.js.map +1 -1
  70. package/logging/organizationSink.d.ts +3 -15
  71. package/logging/organizationSink.js.map +1 -1
  72. package/logging/projectSink.d.ts +3 -95
  73. package/logging/projectSink.js +0 -80
  74. package/logging/projectSink.js.map +1 -1
  75. package/monitoring/getNotificationChannel.d.ts +1 -0
  76. package/monitoring/getNotificationChannel.js.map +1 -1
  77. package/monitoring/notificationChannel.d.ts +25 -0
  78. package/monitoring/notificationChannel.js +3 -0
  79. package/monitoring/notificationChannel.js.map +1 -1
  80. package/package.json +2 -2
  81. package/package.json.dev +2 -2
  82. package/provider.d.ts +4 -0
  83. package/provider.js +2 -0
  84. package/provider.js.map +1 -1
  85. package/storage/bucketObject.d.ts +6 -15
  86. package/storage/bucketObject.js.map +1 -1
  87. package/storage/getBucketObject.d.ts +6 -0
  88. package/storage/getBucketObject.js.map +1 -1
  89. package/types/input.d.ts +364 -25
  90. package/types/output.d.ts +385 -25
  91. package/vertex/aiFeatureStore.d.ts +18 -0
  92. package/vertex/aiFeatureStore.js +5 -0
  93. package/vertex/aiFeatureStore.js.map +1 -1
  94. package/vertex/aiFeatureStoreEntityType.d.ts +3 -0
  95. package/vertex/aiFeatureStoreEntityType.js +3 -0
  96. package/vertex/aiFeatureStoreEntityType.js.map +1 -1
package/types/output.d.ts CHANGED
@@ -1539,6 +1539,43 @@ export declare namespace apigee {
1539
1539
  expression: string;
1540
1540
  title: string;
1541
1541
  }
1542
+ interface EnvironmentNodeConfig {
1543
+ /**
1544
+ * -
1545
+ * The current total number of gateway nodes that each environment currently has across
1546
+ * all instances.
1547
+ */
1548
+ currentAggregateNodeCount: string;
1549
+ /**
1550
+ * The maximum total number of gateway nodes that the is reserved for all instances that
1551
+ * has the specified environment. If not specified, the default is determined by the
1552
+ * recommended maximum number of nodes for that gateway.
1553
+ */
1554
+ maxNodeCount?: string;
1555
+ /**
1556
+ * The minimum total number of gateway nodes that the is reserved for all instances that
1557
+ * has the specified environment. If not specified, the default is determined by the
1558
+ * recommended minimum number of nodes for that gateway.
1559
+ */
1560
+ minNodeCount?: string;
1561
+ }
1562
+ interface OrganizationProperties {
1563
+ /**
1564
+ * List of all properties in the object.
1565
+ * Structure is documented below.
1566
+ */
1567
+ properties?: outputs.apigee.OrganizationPropertiesProperty[];
1568
+ }
1569
+ interface OrganizationPropertiesProperty {
1570
+ /**
1571
+ * Name of the property.
1572
+ */
1573
+ name?: string;
1574
+ /**
1575
+ * Value of the property.
1576
+ */
1577
+ value?: string;
1578
+ }
1542
1579
  }
1543
1580
  export declare namespace appengine {
1544
1581
  interface ApplicationFeatureSettings {
@@ -3453,6 +3490,18 @@ export declare namespace bigquery {
3453
3490
  useLegacySql?: boolean;
3454
3491
  }
3455
3492
  }
3493
+ export declare namespace bigqueryanalyticshub {
3494
+ interface DataExchanceIamMemberCondition {
3495
+ description?: string;
3496
+ expression: string;
3497
+ title: string;
3498
+ }
3499
+ interface DataExchangeIamBindingCondition {
3500
+ description?: string;
3501
+ expression: string;
3502
+ title: string;
3503
+ }
3504
+ }
3456
3505
  export declare namespace bigtable {
3457
3506
  interface GCPolicyMaxAge {
3458
3507
  /**
@@ -6535,8 +6584,7 @@ export declare namespace cloudfunctionsv2 {
6535
6584
  */
6536
6585
  invertRegex?: boolean;
6537
6586
  /**
6538
- * ID of the project that owns the Cloud Source Repository. If omitted, the
6539
- * project ID requesting the build is assumed.
6587
+ * Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.
6540
6588
  */
6541
6589
  projectId?: string;
6542
6590
  /**
@@ -6670,6 +6718,16 @@ export declare namespace cloudfunctionsv2 {
6670
6718
  * given time.
6671
6719
  */
6672
6720
  minInstanceCount?: number;
6721
+ /**
6722
+ * Secret environment variables configuration.
6723
+ * Structure is documented below.
6724
+ */
6725
+ secretEnvironmentVariables?: outputs.cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariable[];
6726
+ /**
6727
+ * Secret volumes configuration.
6728
+ * Structure is documented below.
6729
+ */
6730
+ secretVolumes?: outputs.cloudfunctionsv2.FunctionServiceConfigSecretVolume[];
6673
6731
  /**
6674
6732
  * Name of the service associated with a Function.
6675
6733
  */
@@ -6699,6 +6757,53 @@ export declare namespace cloudfunctionsv2 {
6699
6757
  */
6700
6758
  vpcConnectorEgressSettings?: string;
6701
6759
  }
6760
+ interface FunctionServiceConfigSecretEnvironmentVariable {
6761
+ /**
6762
+ * Name of the environment variable.
6763
+ */
6764
+ key: string;
6765
+ /**
6766
+ * Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.
6767
+ */
6768
+ projectId: string;
6769
+ /**
6770
+ * Name of the secret in secret manager (not the full resource name).
6771
+ */
6772
+ secret: string;
6773
+ /**
6774
+ * Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately.
6775
+ */
6776
+ version: string;
6777
+ }
6778
+ interface FunctionServiceConfigSecretVolume {
6779
+ /**
6780
+ * The path within the container to mount the secret volume. For example, setting the mountPath as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets
6781
+ */
6782
+ mountPath: string;
6783
+ /**
6784
+ * Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.
6785
+ */
6786
+ projectId: string;
6787
+ /**
6788
+ * Name of the secret in secret manager (not the full resource name).
6789
+ */
6790
+ secret: string;
6791
+ /**
6792
+ * List of secret versions to mount for this secret. If empty, the latest version of the secret will be made available in a file named after the secret under the mount point.'
6793
+ * Structure is documented below.
6794
+ */
6795
+ versions: outputs.cloudfunctionsv2.FunctionServiceConfigSecretVolumeVersion[];
6796
+ }
6797
+ interface FunctionServiceConfigSecretVolumeVersion {
6798
+ /**
6799
+ * Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mountPath as '/etc/secrets' and path as secretFoo would mount the secret value file at /etc/secrets/secret_foo.
6800
+ */
6801
+ path: string;
6802
+ /**
6803
+ * Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately.
6804
+ */
6805
+ version: string;
6806
+ }
6702
6807
  }
6703
6808
  export declare namespace cloudidentity {
6704
6809
  interface GetGroupMembershipsMembership {
@@ -9552,6 +9657,7 @@ export declare namespace compute {
9552
9657
  interface GetInstanceAdvancedMachineFeature {
9553
9658
  enableNestedVirtualization: boolean;
9554
9659
  threadsPerCore: number;
9660
+ visibleCoreCount: number;
9555
9661
  }
9556
9662
  interface GetInstanceAttachedDisk {
9557
9663
  /**
@@ -9786,6 +9892,7 @@ export declare namespace compute {
9786
9892
  interface GetInstanceTemplateAdvancedMachineFeature {
9787
9893
  enableNestedVirtualization: boolean;
9788
9894
  threadsPerCore: number;
9895
+ visibleCoreCount: number;
9789
9896
  }
9790
9897
  interface GetInstanceTemplateConfidentialInstanceConfig {
9791
9898
  enableConfidentialCompute: boolean;
@@ -10131,6 +10238,7 @@ export declare namespace compute {
10131
10238
  startTime: string;
10132
10239
  }
10133
10240
  interface GetResourcePolicySnapshotSchedulePolicySnapshotProperty {
10241
+ chainName: string;
10134
10242
  guestFlush: boolean;
10135
10243
  labels: {
10136
10244
  [key: string]: string;
@@ -10622,6 +10730,10 @@ export declare namespace compute {
10622
10730
  * he number of threads per physical core. To disable [simultaneous multithreading (SMT)](https://cloud.google.com/compute/docs/instances/disabling-smt) set this to 1.
10623
10731
  */
10624
10732
  threadsPerCore?: number;
10733
+ /**
10734
+ * ) The number of physical cores to expose to an instance. [visible cores info (VC)](https://cloud.google.com/compute/docs/instances/customize-visible-cores).
10735
+ */
10736
+ visibleCoreCount?: number;
10625
10737
  }
10626
10738
  interface InstanceAttachedDisk {
10627
10739
  /**
@@ -10736,6 +10848,7 @@ export declare namespace compute {
10736
10848
  interface InstanceFromMachineImageAdvancedMachineFeatures {
10737
10849
  enableNestedVirtualization: boolean;
10738
10850
  threadsPerCore: number;
10851
+ visibleCoreCount: number;
10739
10852
  }
10740
10853
  interface InstanceFromMachineImageAttachedDisk {
10741
10854
  deviceName: string;
@@ -10843,6 +10956,7 @@ export declare namespace compute {
10843
10956
  interface InstanceFromTemplateAdvancedMachineFeatures {
10844
10957
  enableNestedVirtualization: boolean;
10845
10958
  threadsPerCore: number;
10959
+ visibleCoreCount: number;
10846
10960
  }
10847
10961
  interface InstanceFromTemplateAttachedDisk {
10848
10962
  deviceName: string;
@@ -11398,9 +11512,13 @@ export declare namespace compute {
11398
11512
  */
11399
11513
  enableNestedVirtualization?: boolean;
11400
11514
  /**
11401
- * he number of threads per physical core. To disable [simultaneous multithreading (SMT)](https://cloud.google.com/compute/docs/instances/disabling-smt) set this to 1.
11515
+ * The number of threads per physical core. To disable [simultaneous multithreading (SMT)](https://cloud.google.com/compute/docs/instances/disabling-smt) set this to 1.
11402
11516
  */
11403
11517
  threadsPerCore?: number;
11518
+ /**
11519
+ * ) The number of physical cores to expose to an instance. [visible cores info (VC)](https://cloud.google.com/compute/docs/instances/customize-visible-cores).
11520
+ */
11521
+ visibleCoreCount?: number;
11404
11522
  }
11405
11523
  interface InstanceTemplateConfidentialInstanceConfig {
11406
11524
  /**
@@ -14823,6 +14941,12 @@ export declare namespace compute {
14823
14941
  startTime: string;
14824
14942
  }
14825
14943
  interface ResourcePolicySnapshotSchedulePolicySnapshotProperties {
14944
+ /**
14945
+ * Creates the new snapshot in the snapshot chain labeled with the
14946
+ * specified name. The chain name must be 1-63 characters long and comply
14947
+ * with RFC1035.
14948
+ */
14949
+ chainName?: string;
14826
14950
  /**
14827
14951
  * Whether to perform a 'guest aware' snapshot.
14828
14952
  */
@@ -18048,6 +18172,13 @@ export declare namespace container {
18048
18172
  */
18049
18173
  enabled: boolean;
18050
18174
  }
18175
+ interface ClusterCostManagementConfig {
18176
+ /**
18177
+ * Enable the PodSecurityPolicy controller for this cluster.
18178
+ * If enabled, pods must be valid under a PodSecurityPolicy to be created.
18179
+ */
18180
+ enabled: boolean;
18181
+ }
18051
18182
  interface ClusterDatabaseEncryption {
18052
18183
  /**
18053
18184
  * the key to use to encrypt/decrypt secrets. See the [DatabaseEncryption definition](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#Cluster.DatabaseEncryption) for more information.
@@ -18247,12 +18378,7 @@ export declare namespace container {
18247
18378
  */
18248
18379
  ephemeralStorageConfig?: outputs.container.ClusterNodeConfigEphemeralStorageConfig;
18249
18380
  /**
18250
- * Parameters for the Google Container Filesystem (GCFS).
18251
- * If unspecified, GCFS will not be enabled on the node pool. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion` from GKE versions 1.19 or later to use it.
18252
- * For GKE versions 1.19, 1.20, and 1.21, the recommended minimum `nodeVersion` would be 1.19.15-gke.1300, 1.20.11-gke.1300, and 1.21.5-gke.1300 respectively.
18253
- * A `machineType` that has more than 16 GiB of memory is also recommended.
18254
- * GCFS must be enabled in order to use [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming).
18255
- * Structure is documented below.
18381
+ * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below.
18256
18382
  */
18257
18383
  gcfsConfig?: outputs.container.ClusterNodeConfigGcfsConfig;
18258
18384
  /**
@@ -18555,8 +18681,30 @@ export declare namespace container {
18555
18681
  tags?: string[];
18556
18682
  }
18557
18683
  interface ClusterNodePoolAutoscaling {
18558
- maxNodeCount: number;
18559
- minNodeCount: number;
18684
+ locationPolicy?: string;
18685
+ maxNodeCount?: number;
18686
+ minNodeCount?: number;
18687
+ totalMaxNodeCount?: number;
18688
+ totalMinNodeCount?: number;
18689
+ }
18690
+ interface ClusterNodePoolDefaults {
18691
+ /**
18692
+ * ) - Subset of NodeConfig message that has defaults.
18693
+ */
18694
+ nodeConfigDefaults?: outputs.container.ClusterNodePoolDefaultsNodeConfigDefaults;
18695
+ }
18696
+ interface ClusterNodePoolDefaultsNodeConfigDefaults {
18697
+ /**
18698
+ * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below.
18699
+ */
18700
+ gcfsConfig?: outputs.container.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig;
18701
+ }
18702
+ interface ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig {
18703
+ /**
18704
+ * Enable the PodSecurityPolicy controller for this cluster.
18705
+ * If enabled, pods must be valid under a PodSecurityPolicy to be created.
18706
+ */
18707
+ enabled: boolean;
18560
18708
  }
18561
18709
  interface ClusterNodePoolManagement {
18562
18710
  autoRepair?: boolean;
@@ -18596,12 +18744,7 @@ export declare namespace container {
18596
18744
  */
18597
18745
  ephemeralStorageConfig?: outputs.container.ClusterNodePoolNodeConfigEphemeralStorageConfig;
18598
18746
  /**
18599
- * Parameters for the Google Container Filesystem (GCFS).
18600
- * If unspecified, GCFS will not be enabled on the node pool. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion` from GKE versions 1.19 or later to use it.
18601
- * For GKE versions 1.19, 1.20, and 1.21, the recommended minimum `nodeVersion` would be 1.19.15-gke.1300, 1.20.11-gke.1300, and 1.21.5-gke.1300 respectively.
18602
- * A `machineType` that has more than 16 GiB of memory is also recommended.
18603
- * GCFS must be enabled in order to use [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming).
18604
- * Structure is documented below.
18747
+ * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below.
18605
18748
  */
18606
18749
  gcfsConfig?: outputs.container.ClusterNodePoolNodeConfigGcfsConfig;
18607
18750
  /**
@@ -18963,6 +19106,13 @@ export declare namespace container {
18963
19106
  interface ClusterResourceUsageExportConfigBigqueryDestination {
18964
19107
  datasetId: string;
18965
19108
  }
19109
+ interface ClusterServiceExternalIpsConfig {
19110
+ /**
19111
+ * Enable the PodSecurityPolicy controller for this cluster.
19112
+ * If enabled, pods must be valid under a PodSecurityPolicy to be created.
19113
+ */
19114
+ enabled: boolean;
19115
+ }
18966
19116
  interface ClusterTpuConfig {
18967
19117
  /**
18968
19118
  * Enable the PodSecurityPolicy controller for this cluster.
@@ -19064,6 +19214,9 @@ export declare namespace container {
19064
19214
  interface GetClusterConfidentialNode {
19065
19215
  enabled: boolean;
19066
19216
  }
19217
+ interface GetClusterCostManagementConfig {
19218
+ enabled: boolean;
19219
+ }
19067
19220
  interface GetClusterDatabaseEncryption {
19068
19221
  keyName: string;
19069
19222
  state: string;
@@ -19244,8 +19397,20 @@ export declare namespace container {
19244
19397
  tags: string[];
19245
19398
  }
19246
19399
  interface GetClusterNodePoolAutoscaling {
19400
+ locationPolicy: string;
19247
19401
  maxNodeCount: number;
19248
19402
  minNodeCount: number;
19403
+ totalMaxNodeCount: number;
19404
+ totalMinNodeCount: number;
19405
+ }
19406
+ interface GetClusterNodePoolDefault {
19407
+ nodeConfigDefaults: outputs.container.GetClusterNodePoolDefaultNodeConfigDefault[];
19408
+ }
19409
+ interface GetClusterNodePoolDefaultNodeConfigDefault {
19410
+ gcfsConfigs: outputs.container.GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfig[];
19411
+ }
19412
+ interface GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfig {
19413
+ enabled: boolean;
19249
19414
  }
19250
19415
  interface GetClusterNodePoolManagement {
19251
19416
  autoRepair: boolean;
@@ -19372,6 +19537,9 @@ export declare namespace container {
19372
19537
  interface GetClusterResourceUsageExportConfigBigqueryDestination {
19373
19538
  datasetId: string;
19374
19539
  }
19540
+ interface GetClusterServiceExternalIpsConfig {
19541
+ enabled: boolean;
19542
+ }
19375
19543
  interface GetClusterTpuConfig {
19376
19544
  enabled: boolean;
19377
19545
  ipv4CidrBlock: string;
@@ -19385,14 +19553,32 @@ export declare namespace container {
19385
19553
  }
19386
19554
  interface NodePoolAutoscaling {
19387
19555
  /**
19388
- * Maximum number of nodes in the NodePool. Must be >= min_node_count.
19556
+ * Location policy specifies the algorithm used when scaling-up the node pool. \
19557
+ * "BALANCED" - Is a best effort policy that aims to balance the sizes of available zones. \
19558
+ * "ANY" - Instructs the cluster autoscaler to prioritize utilization of unused reservations,
19559
+ * and reduce preemption risk for Spot VMs.
19389
19560
  */
19390
- maxNodeCount: number;
19561
+ locationPolicy?: string;
19391
19562
  /**
19392
- * Minimum number of nodes in the NodePool. Must be >=0 and
19393
- * <= `maxNodeCount`.
19563
+ * Maximum number of nodes per zone in the NodePool.
19564
+ * Must be >= min_node_count. Cannot be used with total limits.
19394
19565
  */
19395
- minNodeCount: number;
19566
+ maxNodeCount?: number;
19567
+ /**
19568
+ * Minimum number of nodes per zone in the NodePool.
19569
+ * Must be >=0 and <= `maxNodeCount`. Cannot be used with total limits.
19570
+ */
19571
+ minNodeCount?: number;
19572
+ /**
19573
+ * Total maximum number of nodes in the NodePool.
19574
+ * Must be >= total_min_node_count. Cannot be used with per zone limits.
19575
+ */
19576
+ totalMaxNodeCount?: number;
19577
+ /**
19578
+ * Total minimum number of nodes in the NodePool.
19579
+ * Must be >=0 and <= `totalMaxNodeCount`. Cannot be used with per zone limits.
19580
+ */
19581
+ totalMinNodeCount?: number;
19396
19582
  }
19397
19583
  interface NodePoolManagement {
19398
19584
  /**
@@ -22645,6 +22831,10 @@ export declare namespace dataproc {
22645
22831
  * Optional. The URIs of service account scopes to be included in Compute Engine instances. The following base set of scopes is always included: * https://www.googleapis.com/auth/cloud.useraccounts.readonly * https://www.googleapis.com/auth/devstorage.read_write * https://www.googleapis.com/auth/logging.write If no scopes are specified, the following defaults are also provided: * https://www.googleapis.com/auth/bigquery * https://www.googleapis.com/auth/bigtable.admin.table * https://www.googleapis.com/auth/bigtable.data * https://www.googleapis.com/auth/devstorage.full_control
22646
22832
  */
22647
22833
  serviceAccountScopes?: string[];
22834
+ /**
22835
+ * Optional. Shielded Instance Config for clusters using [Compute Engine Shielded VMs](https://cloud.google.com/security/shielded-cloud/shielded-vm). Structure defined below.
22836
+ */
22837
+ shieldedInstanceConfig?: outputs.dataproc.WorkflowTemplatePlacementManagedClusterConfigGceClusterConfigShieldedInstanceConfig;
22648
22838
  /**
22649
22839
  * Optional. The Compute Engine subnetwork to be used for machine communications. Cannot be specified with network_uri. A full URL, partial URI, or short name are valid. Examples: * `https://www.googleapis.com/compute/v1/projects//regions/us-east1/subnetworks/sub0` * `sub0`
22650
22840
  */
@@ -22678,6 +22868,20 @@ export declare namespace dataproc {
22678
22868
  */
22679
22869
  values?: string[];
22680
22870
  }
22871
+ interface WorkflowTemplatePlacementManagedClusterConfigGceClusterConfigShieldedInstanceConfig {
22872
+ /**
22873
+ * Optional. Defines whether instances have [Integrity Monitoring](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#integrity-monitoring) enabled.
22874
+ */
22875
+ enableIntegrityMonitoring?: boolean;
22876
+ /**
22877
+ * Optional. Defines whether instances have [Secure Boot](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#secure-boot) enabled.
22878
+ */
22879
+ enableSecureBoot?: boolean;
22880
+ /**
22881
+ * Optional. Defines whether instances have the [vTPM](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#vtpm) enabled.
22882
+ */
22883
+ enableVtpm?: boolean;
22884
+ }
22681
22885
  interface WorkflowTemplatePlacementManagedClusterConfigGkeClusterConfig {
22682
22886
  /**
22683
22887
  * Optional. A target for the deployment.
@@ -23043,6 +23247,156 @@ export declare namespace datastore {
23043
23247
  name: string;
23044
23248
  }
23045
23249
  }
23250
+ export declare namespace datastream {
23251
+ interface ConnectionProfileForwardSshConnectivity {
23252
+ /**
23253
+ * Hostname for the SSH tunnel.
23254
+ */
23255
+ hostname: string;
23256
+ /**
23257
+ * SSH password.
23258
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23259
+ */
23260
+ password?: string;
23261
+ /**
23262
+ * Port for the SSH tunnel.
23263
+ */
23264
+ port?: number;
23265
+ /**
23266
+ * SSH private key.
23267
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23268
+ */
23269
+ privateKey?: string;
23270
+ /**
23271
+ * Username for the SSH tunnel.
23272
+ */
23273
+ username: string;
23274
+ }
23275
+ interface ConnectionProfileGcsProfile {
23276
+ /**
23277
+ * The Cloud Storage bucket name.
23278
+ */
23279
+ bucket: string;
23280
+ /**
23281
+ * The root path inside the Cloud Storage bucket.
23282
+ */
23283
+ rootPath?: string;
23284
+ }
23285
+ interface ConnectionProfileMysqlProfile {
23286
+ /**
23287
+ * Hostname for the SSH tunnel.
23288
+ */
23289
+ hostname: string;
23290
+ /**
23291
+ * SSH password.
23292
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23293
+ */
23294
+ password: string;
23295
+ /**
23296
+ * Port for the SSH tunnel.
23297
+ */
23298
+ port?: number;
23299
+ /**
23300
+ * SSL configuration for the MySQL connection.
23301
+ * Structure is documented below.
23302
+ */
23303
+ sslConfig?: outputs.datastream.ConnectionProfileMysqlProfileSslConfig;
23304
+ /**
23305
+ * Username for the SSH tunnel.
23306
+ */
23307
+ username: string;
23308
+ }
23309
+ interface ConnectionProfileMysqlProfileSslConfig {
23310
+ /**
23311
+ * PEM-encoded certificate of the CA that signed the source database
23312
+ * server's certificate.
23313
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23314
+ */
23315
+ caCertificate?: string;
23316
+ /**
23317
+ * -
23318
+ * Indicates whether the clientKey field is set.
23319
+ */
23320
+ caCertificateSet: boolean;
23321
+ /**
23322
+ * PEM-encoded certificate that will be used by the replica to
23323
+ * authenticate against the source database server. If this field
23324
+ * is used then the 'clientKey' and the 'caCertificate' fields are
23325
+ * mandatory.
23326
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23327
+ */
23328
+ clientCertificate?: string;
23329
+ /**
23330
+ * -
23331
+ * Indicates whether the clientCertificate field is set.
23332
+ */
23333
+ clientCertificateSet: boolean;
23334
+ /**
23335
+ * PEM-encoded private key associated with the Client Certificate.
23336
+ * If this field is used then the 'client_certificate' and the
23337
+ * 'ca_certificate' fields are mandatory.
23338
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23339
+ */
23340
+ clientKey?: string;
23341
+ /**
23342
+ * -
23343
+ * Indicates whether the clientKey field is set.
23344
+ */
23345
+ clientKeySet: boolean;
23346
+ }
23347
+ interface ConnectionProfileOracleProfile {
23348
+ /**
23349
+ * Connection string attributes
23350
+ */
23351
+ connectionAttributes?: {
23352
+ [key: string]: string;
23353
+ };
23354
+ /**
23355
+ * Database for the Oracle connection.
23356
+ */
23357
+ databaseService: string;
23358
+ /**
23359
+ * Hostname for the SSH tunnel.
23360
+ */
23361
+ hostname: string;
23362
+ /**
23363
+ * SSH password.
23364
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23365
+ */
23366
+ password: string;
23367
+ /**
23368
+ * Port for the SSH tunnel.
23369
+ */
23370
+ port?: number;
23371
+ /**
23372
+ * Username for the SSH tunnel.
23373
+ */
23374
+ username: string;
23375
+ }
23376
+ interface ConnectionProfilePostgresqlProfile {
23377
+ /**
23378
+ * Database for the PostgreSQL connection.
23379
+ */
23380
+ database: string;
23381
+ /**
23382
+ * Hostname for the SSH tunnel.
23383
+ */
23384
+ hostname: string;
23385
+ /**
23386
+ * SSH password.
23387
+ * **Note**: This property is sensitive and will not be displayed in the plan.
23388
+ */
23389
+ password: string;
23390
+ /**
23391
+ * Port for the SSH tunnel.
23392
+ */
23393
+ port?: number;
23394
+ /**
23395
+ * Username for the SSH tunnel.
23396
+ */
23397
+ username: string;
23398
+ }
23399
+ }
23046
23400
  export declare namespace deploymentmanager {
23047
23401
  interface DeploymentLabel {
23048
23402
  /**
@@ -25475,7 +25829,7 @@ export declare namespace logging {
25475
25829
  /**
25476
25830
  * Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables).
25477
25831
  * By default, Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned
25478
- * tables the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
25832
+ * tables, the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
25479
25833
  * has to be used instead. In both cases, tables are sharded based on UTC timezone.
25480
25834
  */
25481
25835
  usePartitionedTables: boolean;
@@ -25503,7 +25857,7 @@ export declare namespace logging {
25503
25857
  /**
25504
25858
  * Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables).
25505
25859
  * By default, Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned
25506
- * tables the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
25860
+ * tables, the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
25507
25861
  * has to be used instead. In both cases, tables are sharded based on UTC timezone.
25508
25862
  */
25509
25863
  usePartitionedTables: boolean;
@@ -25663,7 +26017,7 @@ export declare namespace logging {
25663
26017
  interface ProjectSinkBigqueryOptions {
25664
26018
  /**
25665
26019
  * Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables).
25666
- * By default, Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned
26020
+ * By default, Logging creates dated tables based on the log entries' timestamps, e.g. `syslog20170523`. With partitioned
25667
26021
  * tables the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
25668
26022
  * has to be used instead. In both cases, tables are sharded based on UTC timezone.
25669
26023
  */
@@ -32054,6 +32408,12 @@ export declare namespace vertex {
32054
32408
  */
32055
32409
  kmsKeyName?: string;
32056
32410
  }
32411
+ interface AiFeatureStoreEncryptionSpec {
32412
+ /**
32413
+ * The Cloud KMS resource identifier of the customer managed encryption key used to protect a resource. Has the form: projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key. The key needs to be in the same region as where the compute resource is created.
32414
+ */
32415
+ kmsKeyName: string;
32416
+ }
32057
32417
  interface AiFeatureStoreEntityTypeMonitoringConfig {
32058
32418
  /**
32059
32419
  * Configuration of how features in Featurestore are monitored.
@@ -16,6 +16,9 @@ import { input as inputs, output as outputs } from "../types";
16
16
  * onlineServingConfig: {
17
17
  * fixedNodeCount: 2,
18
18
  * },
19
+ * encryptionSpec: {
20
+ * kmsKeyName: "kms-name",
21
+ * },
19
22
  * forceDestroy: true,
20
23
  * }, {
21
24
  * provider: google_beta,
@@ -63,6 +66,11 @@ export declare class AiFeatureStore extends pulumi.CustomResource {
63
66
  * nine fractional digits.
64
67
  */
65
68
  readonly createTime: pulumi.Output<string>;
69
+ /**
70
+ * If set, both of the online and offline data storage will be secured by this key.
71
+ * Structure is documented below.
72
+ */
73
+ readonly encryptionSpec: pulumi.Output<outputs.vertex.AiFeatureStoreEncryptionSpec | undefined>;
66
74
  /**
67
75
  * Used to perform consistent read-modify-write updates.
68
76
  */
@@ -118,6 +126,11 @@ export interface AiFeatureStoreState {
118
126
  * nine fractional digits.
119
127
  */
120
128
  createTime?: pulumi.Input<string>;
129
+ /**
130
+ * If set, both of the online and offline data storage will be secured by this key.
131
+ * Structure is documented below.
132
+ */
133
+ encryptionSpec?: pulumi.Input<inputs.vertex.AiFeatureStoreEncryptionSpec>;
121
134
  /**
122
135
  * Used to perform consistent read-modify-write updates.
123
136
  */
@@ -160,6 +173,11 @@ export interface AiFeatureStoreState {
160
173
  * The set of arguments for constructing a AiFeatureStore resource.
161
174
  */
162
175
  export interface AiFeatureStoreArgs {
176
+ /**
177
+ * If set, both of the online and offline data storage will be secured by this key.
178
+ * Structure is documented below.
179
+ */
180
+ encryptionSpec?: pulumi.Input<inputs.vertex.AiFeatureStoreEncryptionSpec>;
163
181
  /**
164
182
  * If set to true, any EntityTypes and Features for this Featurestore will also be deleted
165
183
  */
@@ -21,6 +21,9 @@ const utilities = require("../utilities");
21
21
  * onlineServingConfig: {
22
22
  * fixedNodeCount: 2,
23
23
  * },
24
+ * encryptionSpec: {
25
+ * kmsKeyName: "kms-name",
26
+ * },
24
27
  * forceDestroy: true,
25
28
  * }, {
26
29
  * provider: google_beta,
@@ -54,6 +57,7 @@ class AiFeatureStore extends pulumi.CustomResource {
54
57
  if (opts.id) {
55
58
  const state = argsOrState;
56
59
  resourceInputs["createTime"] = state ? state.createTime : undefined;
60
+ resourceInputs["encryptionSpec"] = state ? state.encryptionSpec : undefined;
57
61
  resourceInputs["etag"] = state ? state.etag : undefined;
58
62
  resourceInputs["forceDestroy"] = state ? state.forceDestroy : undefined;
59
63
  resourceInputs["labels"] = state ? state.labels : undefined;
@@ -65,6 +69,7 @@ class AiFeatureStore extends pulumi.CustomResource {
65
69
  }
66
70
  else {
67
71
  const args = argsOrState;
72
+ resourceInputs["encryptionSpec"] = args ? args.encryptionSpec : undefined;
68
73
  resourceInputs["forceDestroy"] = args ? args.forceDestroy : undefined;
69
74
  resourceInputs["labels"] = args ? args.labels : undefined;
70
75
  resourceInputs["name"] = args ? args.name : undefined;