@pulumi/gcp 6.37.0-alpha.1663276359 → 6.37.0-alpha.1663305868

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (96) hide show
  1. package/apigee/environment.d.ts +16 -0
  2. package/apigee/environment.js +2 -0
  3. package/apigee/environment.js.map +1 -1
  4. package/apigee/organization.d.ts +18 -2
  5. package/apigee/organization.js +2 -0
  6. package/apigee/organization.js.map +1 -1
  7. package/appengine/flexibleAppVersion.d.ts +32 -1
  8. package/appengine/flexibleAppVersion.js +19 -1
  9. package/appengine/flexibleAppVersion.js.map +1 -1
  10. package/bigqueryanalyticshub/dataExchanceIamMember.d.ts +136 -0
  11. package/bigqueryanalyticshub/dataExchanceIamMember.js +95 -0
  12. package/bigqueryanalyticshub/dataExchanceIamMember.js.map +1 -0
  13. package/bigqueryanalyticshub/dataExchange.d.ts +189 -0
  14. package/bigqueryanalyticshub/dataExchange.js +114 -0
  15. package/bigqueryanalyticshub/dataExchange.js.map +1 -0
  16. package/bigqueryanalyticshub/dataExchangeIamBinding.d.ts +136 -0
  17. package/bigqueryanalyticshub/dataExchangeIamBinding.js +95 -0
  18. package/bigqueryanalyticshub/dataExchangeIamBinding.js.map +1 -0
  19. package/bigqueryanalyticshub/dataExchangeIamPolicy.d.ts +126 -0
  20. package/bigqueryanalyticshub/dataExchangeIamPolicy.js +88 -0
  21. package/bigqueryanalyticshub/dataExchangeIamPolicy.js.map +1 -0
  22. package/bigqueryanalyticshub/index.d.ts +4 -0
  23. package/bigqueryanalyticshub/index.js +52 -0
  24. package/bigqueryanalyticshub/index.js.map +1 -0
  25. package/certificatemanager/certificateMap.d.ts +0 -2
  26. package/certificatemanager/certificateMap.js +0 -2
  27. package/certificatemanager/certificateMap.js.map +1 -1
  28. package/certificatemanager/certificateMapEntry.d.ts +0 -2
  29. package/certificatemanager/certificateMapEntry.js +0 -2
  30. package/certificatemanager/certificateMapEntry.js.map +1 -1
  31. package/certificatemanager/dnsAuthorization.d.ts +0 -2
  32. package/certificatemanager/dnsAuthorization.js +0 -2
  33. package/certificatemanager/dnsAuthorization.js.map +1 -1
  34. package/cloudbuild/trigger.d.ts +26 -0
  35. package/cloudbuild/trigger.js +10 -0
  36. package/cloudbuild/trigger.js.map +1 -1
  37. package/compute/resourcePolicy.d.ts +31 -0
  38. package/compute/resourcePolicy.js +31 -0
  39. package/compute/resourcePolicy.js.map +1 -1
  40. package/compute/snapshot.d.ts +53 -0
  41. package/compute/snapshot.js +28 -0
  42. package/compute/snapshot.js.map +1 -1
  43. package/compute/targetSSLProxy.d.ts +20 -2
  44. package/compute/targetSSLProxy.js +2 -3
  45. package/compute/targetSSLProxy.js.map +1 -1
  46. package/config/vars.d.ts +2 -0
  47. package/config/vars.js +12 -0
  48. package/config/vars.js.map +1 -1
  49. package/container/cluster.d.ts +36 -0
  50. package/container/cluster.js +6 -0
  51. package/container/cluster.js.map +1 -1
  52. package/container/getCluster.d.ts +3 -0
  53. package/container/getCluster.js.map +1 -1
  54. package/datastream/connectionProfile.d.ts +301 -0
  55. package/datastream/connectionProfile.js +190 -0
  56. package/datastream/connectionProfile.js.map +1 -0
  57. package/datastream/index.d.ts +1 -0
  58. package/datastream/index.js +37 -0
  59. package/datastream/index.js.map +1 -0
  60. package/dns/responsePolicyRule.d.ts +12 -0
  61. package/dns/responsePolicyRule.js +2 -0
  62. package/dns/responsePolicyRule.js.map +1 -1
  63. package/index.d.ts +3 -1
  64. package/index.js +6 -2
  65. package/index.js.map +1 -1
  66. package/logging/billingAccountSink.d.ts +3 -15
  67. package/logging/billingAccountSink.js.map +1 -1
  68. package/logging/folderSink.d.ts +6 -18
  69. package/logging/folderSink.js.map +1 -1
  70. package/logging/organizationSink.d.ts +3 -15
  71. package/logging/organizationSink.js.map +1 -1
  72. package/logging/projectSink.d.ts +3 -95
  73. package/logging/projectSink.js +0 -80
  74. package/logging/projectSink.js.map +1 -1
  75. package/monitoring/getNotificationChannel.d.ts +1 -0
  76. package/monitoring/getNotificationChannel.js.map +1 -1
  77. package/monitoring/notificationChannel.d.ts +25 -0
  78. package/monitoring/notificationChannel.js +3 -0
  79. package/monitoring/notificationChannel.js.map +1 -1
  80. package/package.json +2 -2
  81. package/package.json.dev +2 -2
  82. package/provider.d.ts +4 -0
  83. package/provider.js +2 -0
  84. package/provider.js.map +1 -1
  85. package/storage/bucketObject.d.ts +6 -15
  86. package/storage/bucketObject.js.map +1 -1
  87. package/storage/getBucketObject.d.ts +6 -0
  88. package/storage/getBucketObject.js.map +1 -1
  89. package/types/input.d.ts +364 -25
  90. package/types/output.d.ts +385 -25
  91. package/vertex/aiFeatureStore.d.ts +18 -0
  92. package/vertex/aiFeatureStore.js +5 -0
  93. package/vertex/aiFeatureStore.js.map +1 -1
  94. package/vertex/aiFeatureStoreEntityType.d.ts +3 -0
  95. package/vertex/aiFeatureStoreEntityType.js +3 -0
  96. package/vertex/aiFeatureStoreEntityType.js.map +1 -1
package/types/input.d.ts CHANGED
@@ -1544,6 +1544,43 @@ export declare namespace apigee {
1544
1544
  expression: pulumi.Input<string>;
1545
1545
  title: pulumi.Input<string>;
1546
1546
  }
1547
+ interface EnvironmentNodeConfig {
1548
+ /**
1549
+ * -
1550
+ * The current total number of gateway nodes that each environment currently has across
1551
+ * all instances.
1552
+ */
1553
+ currentAggregateNodeCount?: pulumi.Input<string>;
1554
+ /**
1555
+ * The maximum total number of gateway nodes that the is reserved for all instances that
1556
+ * has the specified environment. If not specified, the default is determined by the
1557
+ * recommended maximum number of nodes for that gateway.
1558
+ */
1559
+ maxNodeCount?: pulumi.Input<string>;
1560
+ /**
1561
+ * The minimum total number of gateway nodes that the is reserved for all instances that
1562
+ * has the specified environment. If not specified, the default is determined by the
1563
+ * recommended minimum number of nodes for that gateway.
1564
+ */
1565
+ minNodeCount?: pulumi.Input<string>;
1566
+ }
1567
+ interface OrganizationProperties {
1568
+ /**
1569
+ * List of all properties in the object.
1570
+ * Structure is documented below.
1571
+ */
1572
+ properties?: pulumi.Input<pulumi.Input<inputs.apigee.OrganizationPropertiesProperty>[]>;
1573
+ }
1574
+ interface OrganizationPropertiesProperty {
1575
+ /**
1576
+ * Name of the property.
1577
+ */
1578
+ name?: pulumi.Input<string>;
1579
+ /**
1580
+ * Value of the property.
1581
+ */
1582
+ value?: pulumi.Input<string>;
1583
+ }
1547
1584
  }
1548
1585
  export declare namespace appengine {
1549
1586
  interface ApplicationFeatureSettings {
@@ -3458,6 +3495,18 @@ export declare namespace bigquery {
3458
3495
  useLegacySql?: pulumi.Input<boolean>;
3459
3496
  }
3460
3497
  }
3498
+ export declare namespace bigqueryanalyticshub {
3499
+ interface DataExchanceIamMemberCondition {
3500
+ description?: pulumi.Input<string>;
3501
+ expression: pulumi.Input<string>;
3502
+ title: pulumi.Input<string>;
3503
+ }
3504
+ interface DataExchangeIamBindingCondition {
3505
+ description?: pulumi.Input<string>;
3506
+ expression: pulumi.Input<string>;
3507
+ title: pulumi.Input<string>;
3508
+ }
3509
+ }
3461
3510
  export declare namespace bigtable {
3462
3511
  interface GCPolicyMaxAge {
3463
3512
  /**
@@ -6405,8 +6454,7 @@ export declare namespace cloudfunctionsv2 {
6405
6454
  */
6406
6455
  invertRegex?: pulumi.Input<boolean>;
6407
6456
  /**
6408
- * ID of the project that owns the Cloud Source Repository. If omitted, the
6409
- * project ID requesting the build is assumed.
6457
+ * Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.
6410
6458
  */
6411
6459
  projectId?: pulumi.Input<string>;
6412
6460
  /**
@@ -6540,6 +6588,16 @@ export declare namespace cloudfunctionsv2 {
6540
6588
  * given time.
6541
6589
  */
6542
6590
  minInstanceCount?: pulumi.Input<number>;
6591
+ /**
6592
+ * Secret environment variables configuration.
6593
+ * Structure is documented below.
6594
+ */
6595
+ secretEnvironmentVariables?: pulumi.Input<pulumi.Input<inputs.cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariable>[]>;
6596
+ /**
6597
+ * Secret volumes configuration.
6598
+ * Structure is documented below.
6599
+ */
6600
+ secretVolumes?: pulumi.Input<pulumi.Input<inputs.cloudfunctionsv2.FunctionServiceConfigSecretVolume>[]>;
6543
6601
  /**
6544
6602
  * Name of the service associated with a Function.
6545
6603
  */
@@ -6569,6 +6627,53 @@ export declare namespace cloudfunctionsv2 {
6569
6627
  */
6570
6628
  vpcConnectorEgressSettings?: pulumi.Input<string>;
6571
6629
  }
6630
+ interface FunctionServiceConfigSecretEnvironmentVariable {
6631
+ /**
6632
+ * Name of the environment variable.
6633
+ */
6634
+ key: pulumi.Input<string>;
6635
+ /**
6636
+ * Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.
6637
+ */
6638
+ projectId: pulumi.Input<string>;
6639
+ /**
6640
+ * Name of the secret in secret manager (not the full resource name).
6641
+ */
6642
+ secret: pulumi.Input<string>;
6643
+ /**
6644
+ * Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately.
6645
+ */
6646
+ version: pulumi.Input<string>;
6647
+ }
6648
+ interface FunctionServiceConfigSecretVolume {
6649
+ /**
6650
+ * The path within the container to mount the secret volume. For example, setting the mountPath as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets
6651
+ */
6652
+ mountPath: pulumi.Input<string>;
6653
+ /**
6654
+ * Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.
6655
+ */
6656
+ projectId: pulumi.Input<string>;
6657
+ /**
6658
+ * Name of the secret in secret manager (not the full resource name).
6659
+ */
6660
+ secret: pulumi.Input<string>;
6661
+ /**
6662
+ * List of secret versions to mount for this secret. If empty, the latest version of the secret will be made available in a file named after the secret under the mount point.'
6663
+ * Structure is documented below.
6664
+ */
6665
+ versions?: pulumi.Input<pulumi.Input<inputs.cloudfunctionsv2.FunctionServiceConfigSecretVolumeVersion>[]>;
6666
+ }
6667
+ interface FunctionServiceConfigSecretVolumeVersion {
6668
+ /**
6669
+ * Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mountPath as '/etc/secrets' and path as secretFoo would mount the secret value file at /etc/secrets/secret_foo.
6670
+ */
6671
+ path: pulumi.Input<string>;
6672
+ /**
6673
+ * Version of the secret (version number or the string 'latest'). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately.
6674
+ */
6675
+ version: pulumi.Input<string>;
6676
+ }
6572
6677
  }
6573
6678
  export declare namespace cloudidentity {
6574
6679
  interface GroupGroupKey {
@@ -9256,6 +9361,10 @@ export declare namespace compute {
9256
9361
  * he number of threads per physical core. To disable [simultaneous multithreading (SMT)](https://cloud.google.com/compute/docs/instances/disabling-smt) set this to 1.
9257
9362
  */
9258
9363
  threadsPerCore?: pulumi.Input<number>;
9364
+ /**
9365
+ * ) The number of physical cores to expose to an instance. [visible cores info (VC)](https://cloud.google.com/compute/docs/instances/customize-visible-cores).
9366
+ */
9367
+ visibleCoreCount?: pulumi.Input<number>;
9259
9368
  }
9260
9369
  interface InstanceAttachedDisk {
9261
9370
  /**
@@ -9370,6 +9479,7 @@ export declare namespace compute {
9370
9479
  interface InstanceFromMachineImageAdvancedMachineFeatures {
9371
9480
  enableNestedVirtualization?: pulumi.Input<boolean>;
9372
9481
  threadsPerCore?: pulumi.Input<number>;
9482
+ visibleCoreCount?: pulumi.Input<number>;
9373
9483
  }
9374
9484
  interface InstanceFromMachineImageAttachedDisk {
9375
9485
  deviceName?: pulumi.Input<string>;
@@ -9477,6 +9587,7 @@ export declare namespace compute {
9477
9587
  interface InstanceFromTemplateAdvancedMachineFeatures {
9478
9588
  enableNestedVirtualization?: pulumi.Input<boolean>;
9479
9589
  threadsPerCore?: pulumi.Input<number>;
9590
+ visibleCoreCount?: pulumi.Input<number>;
9480
9591
  }
9481
9592
  interface InstanceFromTemplateAttachedDisk {
9482
9593
  deviceName?: pulumi.Input<string>;
@@ -10032,9 +10143,13 @@ export declare namespace compute {
10032
10143
  */
10033
10144
  enableNestedVirtualization?: pulumi.Input<boolean>;
10034
10145
  /**
10035
- * he number of threads per physical core. To disable [simultaneous multithreading (SMT)](https://cloud.google.com/compute/docs/instances/disabling-smt) set this to 1.
10146
+ * The number of threads per physical core. To disable [simultaneous multithreading (SMT)](https://cloud.google.com/compute/docs/instances/disabling-smt) set this to 1.
10036
10147
  */
10037
10148
  threadsPerCore?: pulumi.Input<number>;
10149
+ /**
10150
+ * ) The number of physical cores to expose to an instance. [visible cores info (VC)](https://cloud.google.com/compute/docs/instances/customize-visible-cores).
10151
+ */
10152
+ visibleCoreCount?: pulumi.Input<number>;
10038
10153
  }
10039
10154
  interface InstanceTemplateConfidentialInstanceConfig {
10040
10155
  /**
@@ -13457,6 +13572,12 @@ export declare namespace compute {
13457
13572
  startTime: pulumi.Input<string>;
13458
13573
  }
13459
13574
  interface ResourcePolicySnapshotSchedulePolicySnapshotProperties {
13575
+ /**
13576
+ * Creates the new snapshot in the snapshot chain labeled with the
13577
+ * specified name. The chain name must be 1-63 characters long and comply
13578
+ * with RFC1035.
13579
+ */
13580
+ chainName?: pulumi.Input<string>;
13460
13581
  /**
13461
13582
  * Whether to perform a 'guest aware' snapshot.
13462
13583
  */
@@ -16622,6 +16743,13 @@ export declare namespace container {
16622
16743
  */
16623
16744
  enabled: pulumi.Input<boolean>;
16624
16745
  }
16746
+ interface ClusterCostManagementConfig {
16747
+ /**
16748
+ * Enable the PodSecurityPolicy controller for this cluster.
16749
+ * If enabled, pods must be valid under a PodSecurityPolicy to be created.
16750
+ */
16751
+ enabled: pulumi.Input<boolean>;
16752
+ }
16625
16753
  interface ClusterDatabaseEncryption {
16626
16754
  /**
16627
16755
  * the key to use to encrypt/decrypt secrets. See the [DatabaseEncryption definition](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#Cluster.DatabaseEncryption) for more information.
@@ -16821,12 +16949,7 @@ export declare namespace container {
16821
16949
  */
16822
16950
  ephemeralStorageConfig?: pulumi.Input<inputs.container.ClusterNodeConfigEphemeralStorageConfig>;
16823
16951
  /**
16824
- * Parameters for the Google Container Filesystem (GCFS).
16825
- * If unspecified, GCFS will not be enabled on the node pool. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion` from GKE versions 1.19 or later to use it.
16826
- * For GKE versions 1.19, 1.20, and 1.21, the recommended minimum `nodeVersion` would be 1.19.15-gke.1300, 1.20.11-gke.1300, and 1.21.5-gke.1300 respectively.
16827
- * A `machineType` that has more than 16 GiB of memory is also recommended.
16828
- * GCFS must be enabled in order to use [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming).
16829
- * Structure is documented below.
16952
+ * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below.
16830
16953
  */
16831
16954
  gcfsConfig?: pulumi.Input<inputs.container.ClusterNodeConfigGcfsConfig>;
16832
16955
  /**
@@ -17129,8 +17252,30 @@ export declare namespace container {
17129
17252
  tags?: pulumi.Input<pulumi.Input<string>[]>;
17130
17253
  }
17131
17254
  interface ClusterNodePoolAutoscaling {
17132
- maxNodeCount: pulumi.Input<number>;
17133
- minNodeCount: pulumi.Input<number>;
17255
+ locationPolicy?: pulumi.Input<string>;
17256
+ maxNodeCount?: pulumi.Input<number>;
17257
+ minNodeCount?: pulumi.Input<number>;
17258
+ totalMaxNodeCount?: pulumi.Input<number>;
17259
+ totalMinNodeCount?: pulumi.Input<number>;
17260
+ }
17261
+ interface ClusterNodePoolDefaults {
17262
+ /**
17263
+ * ) - Subset of NodeConfig message that has defaults.
17264
+ */
17265
+ nodeConfigDefaults?: pulumi.Input<inputs.container.ClusterNodePoolDefaultsNodeConfigDefaults>;
17266
+ }
17267
+ interface ClusterNodePoolDefaultsNodeConfigDefaults {
17268
+ /**
17269
+ * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below.
17270
+ */
17271
+ gcfsConfig?: pulumi.Input<inputs.container.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig>;
17272
+ }
17273
+ interface ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig {
17274
+ /**
17275
+ * Enable the PodSecurityPolicy controller for this cluster.
17276
+ * If enabled, pods must be valid under a PodSecurityPolicy to be created.
17277
+ */
17278
+ enabled: pulumi.Input<boolean>;
17134
17279
  }
17135
17280
  interface ClusterNodePoolManagement {
17136
17281
  autoRepair?: pulumi.Input<boolean>;
@@ -17170,12 +17315,7 @@ export declare namespace container {
17170
17315
  */
17171
17316
  ephemeralStorageConfig?: pulumi.Input<inputs.container.ClusterNodePoolNodeConfigEphemeralStorageConfig>;
17172
17317
  /**
17173
- * Parameters for the Google Container Filesystem (GCFS).
17174
- * If unspecified, GCFS will not be enabled on the node pool. When enabling this feature you must specify `imageType = "COS_CONTAINERD"` and `nodeVersion` from GKE versions 1.19 or later to use it.
17175
- * For GKE versions 1.19, 1.20, and 1.21, the recommended minimum `nodeVersion` would be 1.19.15-gke.1300, 1.20.11-gke.1300, and 1.21.5-gke.1300 respectively.
17176
- * A `machineType` that has more than 16 GiB of memory is also recommended.
17177
- * GCFS must be enabled in order to use [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming).
17178
- * Structure is documented below.
17318
+ * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below.
17179
17319
  */
17180
17320
  gcfsConfig?: pulumi.Input<inputs.container.ClusterNodePoolNodeConfigGcfsConfig>;
17181
17321
  /**
@@ -17537,6 +17677,13 @@ export declare namespace container {
17537
17677
  interface ClusterResourceUsageExportConfigBigqueryDestination {
17538
17678
  datasetId: pulumi.Input<string>;
17539
17679
  }
17680
+ interface ClusterServiceExternalIpsConfig {
17681
+ /**
17682
+ * Enable the PodSecurityPolicy controller for this cluster.
17683
+ * If enabled, pods must be valid under a PodSecurityPolicy to be created.
17684
+ */
17685
+ enabled: pulumi.Input<boolean>;
17686
+ }
17540
17687
  interface ClusterTpuConfig {
17541
17688
  /**
17542
17689
  * Enable the PodSecurityPolicy controller for this cluster.
@@ -17561,14 +17708,32 @@ export declare namespace container {
17561
17708
  }
17562
17709
  interface NodePoolAutoscaling {
17563
17710
  /**
17564
- * Maximum number of nodes in the NodePool. Must be >= min_node_count.
17711
+ * Location policy specifies the algorithm used when scaling-up the node pool. \
17712
+ * "BALANCED" - Is a best effort policy that aims to balance the sizes of available zones. \
17713
+ * "ANY" - Instructs the cluster autoscaler to prioritize utilization of unused reservations,
17714
+ * and reduce preemption risk for Spot VMs.
17565
17715
  */
17566
- maxNodeCount: pulumi.Input<number>;
17716
+ locationPolicy?: pulumi.Input<string>;
17567
17717
  /**
17568
- * Minimum number of nodes in the NodePool. Must be >=0 and
17569
- * <= `maxNodeCount`.
17718
+ * Maximum number of nodes per zone in the NodePool.
17719
+ * Must be >= min_node_count. Cannot be used with total limits.
17570
17720
  */
17571
- minNodeCount: pulumi.Input<number>;
17721
+ maxNodeCount?: pulumi.Input<number>;
17722
+ /**
17723
+ * Minimum number of nodes per zone in the NodePool.
17724
+ * Must be >=0 and <= `maxNodeCount`. Cannot be used with total limits.
17725
+ */
17726
+ minNodeCount?: pulumi.Input<number>;
17727
+ /**
17728
+ * Total maximum number of nodes in the NodePool.
17729
+ * Must be >= total_min_node_count. Cannot be used with per zone limits.
17730
+ */
17731
+ totalMaxNodeCount?: pulumi.Input<number>;
17732
+ /**
17733
+ * Total minimum number of nodes in the NodePool.
17734
+ * Must be >=0 and <= `totalMaxNodeCount`. Cannot be used with per zone limits.
17735
+ */
17736
+ totalMinNodeCount?: pulumi.Input<number>;
17572
17737
  }
17573
17738
  interface NodePoolManagement {
17574
17739
  /**
@@ -20821,6 +20986,10 @@ export declare namespace dataproc {
20821
20986
  * Optional. The URIs of service account scopes to be included in Compute Engine instances. The following base set of scopes is always included: * https://www.googleapis.com/auth/cloud.useraccounts.readonly * https://www.googleapis.com/auth/devstorage.read_write * https://www.googleapis.com/auth/logging.write If no scopes are specified, the following defaults are also provided: * https://www.googleapis.com/auth/bigquery * https://www.googleapis.com/auth/bigtable.admin.table * https://www.googleapis.com/auth/bigtable.data * https://www.googleapis.com/auth/devstorage.full_control
20822
20987
  */
20823
20988
  serviceAccountScopes?: pulumi.Input<pulumi.Input<string>[]>;
20989
+ /**
20990
+ * Optional. Shielded Instance Config for clusters using [Compute Engine Shielded VMs](https://cloud.google.com/security/shielded-cloud/shielded-vm). Structure defined below.
20991
+ */
20992
+ shieldedInstanceConfig?: pulumi.Input<inputs.dataproc.WorkflowTemplatePlacementManagedClusterConfigGceClusterConfigShieldedInstanceConfig>;
20824
20993
  /**
20825
20994
  * Optional. The Compute Engine subnetwork to be used for machine communications. Cannot be specified with network_uri. A full URL, partial URI, or short name are valid. Examples: * `https://www.googleapis.com/compute/v1/projects//regions/us-east1/subnetworks/sub0` * `sub0`
20826
20995
  */
@@ -20854,6 +21023,20 @@ export declare namespace dataproc {
20854
21023
  */
20855
21024
  values?: pulumi.Input<pulumi.Input<string>[]>;
20856
21025
  }
21026
+ interface WorkflowTemplatePlacementManagedClusterConfigGceClusterConfigShieldedInstanceConfig {
21027
+ /**
21028
+ * Optional. Defines whether instances have [Integrity Monitoring](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#integrity-monitoring) enabled.
21029
+ */
21030
+ enableIntegrityMonitoring?: pulumi.Input<boolean>;
21031
+ /**
21032
+ * Optional. Defines whether instances have [Secure Boot](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#secure-boot) enabled.
21033
+ */
21034
+ enableSecureBoot?: pulumi.Input<boolean>;
21035
+ /**
21036
+ * Optional. Defines whether instances have the [vTPM](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm#vtpm) enabled.
21037
+ */
21038
+ enableVtpm?: pulumi.Input<boolean>;
21039
+ }
20857
21040
  interface WorkflowTemplatePlacementManagedClusterConfigGkeClusterConfig {
20858
21041
  /**
20859
21042
  * Optional. A target for the deployment.
@@ -21219,6 +21402,156 @@ export declare namespace datastore {
21219
21402
  name: pulumi.Input<string>;
21220
21403
  }
21221
21404
  }
21405
+ export declare namespace datastream {
21406
+ interface ConnectionProfileForwardSshConnectivity {
21407
+ /**
21408
+ * Hostname for the SSH tunnel.
21409
+ */
21410
+ hostname: pulumi.Input<string>;
21411
+ /**
21412
+ * SSH password.
21413
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21414
+ */
21415
+ password?: pulumi.Input<string>;
21416
+ /**
21417
+ * Port for the SSH tunnel.
21418
+ */
21419
+ port?: pulumi.Input<number>;
21420
+ /**
21421
+ * SSH private key.
21422
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21423
+ */
21424
+ privateKey?: pulumi.Input<string>;
21425
+ /**
21426
+ * Username for the SSH tunnel.
21427
+ */
21428
+ username: pulumi.Input<string>;
21429
+ }
21430
+ interface ConnectionProfileGcsProfile {
21431
+ /**
21432
+ * The Cloud Storage bucket name.
21433
+ */
21434
+ bucket: pulumi.Input<string>;
21435
+ /**
21436
+ * The root path inside the Cloud Storage bucket.
21437
+ */
21438
+ rootPath?: pulumi.Input<string>;
21439
+ }
21440
+ interface ConnectionProfileMysqlProfile {
21441
+ /**
21442
+ * Hostname for the SSH tunnel.
21443
+ */
21444
+ hostname: pulumi.Input<string>;
21445
+ /**
21446
+ * SSH password.
21447
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21448
+ */
21449
+ password: pulumi.Input<string>;
21450
+ /**
21451
+ * Port for the SSH tunnel.
21452
+ */
21453
+ port?: pulumi.Input<number>;
21454
+ /**
21455
+ * SSL configuration for the MySQL connection.
21456
+ * Structure is documented below.
21457
+ */
21458
+ sslConfig?: pulumi.Input<inputs.datastream.ConnectionProfileMysqlProfileSslConfig>;
21459
+ /**
21460
+ * Username for the SSH tunnel.
21461
+ */
21462
+ username: pulumi.Input<string>;
21463
+ }
21464
+ interface ConnectionProfileMysqlProfileSslConfig {
21465
+ /**
21466
+ * PEM-encoded certificate of the CA that signed the source database
21467
+ * server's certificate.
21468
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21469
+ */
21470
+ caCertificate?: pulumi.Input<string>;
21471
+ /**
21472
+ * -
21473
+ * Indicates whether the clientKey field is set.
21474
+ */
21475
+ caCertificateSet?: pulumi.Input<boolean>;
21476
+ /**
21477
+ * PEM-encoded certificate that will be used by the replica to
21478
+ * authenticate against the source database server. If this field
21479
+ * is used then the 'clientKey' and the 'caCertificate' fields are
21480
+ * mandatory.
21481
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21482
+ */
21483
+ clientCertificate?: pulumi.Input<string>;
21484
+ /**
21485
+ * -
21486
+ * Indicates whether the clientCertificate field is set.
21487
+ */
21488
+ clientCertificateSet?: pulumi.Input<boolean>;
21489
+ /**
21490
+ * PEM-encoded private key associated with the Client Certificate.
21491
+ * If this field is used then the 'client_certificate' and the
21492
+ * 'ca_certificate' fields are mandatory.
21493
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21494
+ */
21495
+ clientKey?: pulumi.Input<string>;
21496
+ /**
21497
+ * -
21498
+ * Indicates whether the clientKey field is set.
21499
+ */
21500
+ clientKeySet?: pulumi.Input<boolean>;
21501
+ }
21502
+ interface ConnectionProfileOracleProfile {
21503
+ /**
21504
+ * Connection string attributes
21505
+ */
21506
+ connectionAttributes?: pulumi.Input<{
21507
+ [key: string]: pulumi.Input<string>;
21508
+ }>;
21509
+ /**
21510
+ * Database for the Oracle connection.
21511
+ */
21512
+ databaseService: pulumi.Input<string>;
21513
+ /**
21514
+ * Hostname for the SSH tunnel.
21515
+ */
21516
+ hostname: pulumi.Input<string>;
21517
+ /**
21518
+ * SSH password.
21519
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21520
+ */
21521
+ password: pulumi.Input<string>;
21522
+ /**
21523
+ * Port for the SSH tunnel.
21524
+ */
21525
+ port?: pulumi.Input<number>;
21526
+ /**
21527
+ * Username for the SSH tunnel.
21528
+ */
21529
+ username: pulumi.Input<string>;
21530
+ }
21531
+ interface ConnectionProfilePostgresqlProfile {
21532
+ /**
21533
+ * Database for the PostgreSQL connection.
21534
+ */
21535
+ database: pulumi.Input<string>;
21536
+ /**
21537
+ * Hostname for the SSH tunnel.
21538
+ */
21539
+ hostname: pulumi.Input<string>;
21540
+ /**
21541
+ * SSH password.
21542
+ * **Note**: This property is sensitive and will not be displayed in the plan.
21543
+ */
21544
+ password: pulumi.Input<string>;
21545
+ /**
21546
+ * Port for the SSH tunnel.
21547
+ */
21548
+ port?: pulumi.Input<number>;
21549
+ /**
21550
+ * Username for the SSH tunnel.
21551
+ */
21552
+ username: pulumi.Input<string>;
21553
+ }
21554
+ }
21222
21555
  export declare namespace deploymentmanager {
21223
21556
  interface DeploymentLabel {
21224
21557
  /**
@@ -23481,7 +23814,7 @@ export declare namespace logging {
23481
23814
  /**
23482
23815
  * Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables).
23483
23816
  * By default, Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned
23484
- * tables the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
23817
+ * tables, the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
23485
23818
  * has to be used instead. In both cases, tables are sharded based on UTC timezone.
23486
23819
  */
23487
23820
  usePartitionedTables: pulumi.Input<boolean>;
@@ -23509,7 +23842,7 @@ export declare namespace logging {
23509
23842
  /**
23510
23843
  * Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables).
23511
23844
  * By default, Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned
23512
- * tables the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
23845
+ * tables, the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
23513
23846
  * has to be used instead. In both cases, tables are sharded based on UTC timezone.
23514
23847
  */
23515
23848
  usePartitionedTables: pulumi.Input<boolean>;
@@ -23669,7 +24002,7 @@ export declare namespace logging {
23669
24002
  interface ProjectSinkBigqueryOptions {
23670
24003
  /**
23671
24004
  * Whether to use [BigQuery's partition tables](https://cloud.google.com/bigquery/docs/partitioned-tables).
23672
- * By default, Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned
24005
+ * By default, Logging creates dated tables based on the log entries' timestamps, e.g. `syslog20170523`. With partitioned
23673
24006
  * tables the date suffix is no longer present and [special query syntax](https://cloud.google.com/bigquery/docs/querying-partitioned-tables)
23674
24007
  * has to be used instead. In both cases, tables are sharded based on UTC timezone.
23675
24008
  */
@@ -29724,6 +30057,12 @@ export declare namespace vertex {
29724
30057
  */
29725
30058
  kmsKeyName?: pulumi.Input<string>;
29726
30059
  }
30060
+ interface AiFeatureStoreEncryptionSpec {
30061
+ /**
30062
+ * The Cloud KMS resource identifier of the customer managed encryption key used to protect a resource. Has the form: projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key. The key needs to be in the same region as where the compute resource is created.
30063
+ */
30064
+ kmsKeyName: pulumi.Input<string>;
30065
+ }
29727
30066
  interface AiFeatureStoreEntityTypeMonitoringConfig {
29728
30067
  /**
29729
30068
  * Configuration of how features in Featurestore are monitored.