@pulumi/gitlab 4.8.0 → 4.9.0

package/applicationSettings.d.ts

@@ -0,0 +1,2936 @@
+import * as pulumi from "@pulumi/pulumi";
+/**
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as gitlab from "@pulumi/gitlab";
+ *
+ * // Set the 2FA settings
+ * const thisApplicationSettings = new gitlab.ApplicationSettings("this", {
+ *     requireTwoFactorAuthentication: true,
+ *     twoFactorGracePeriod: 24,
+ * });
+ * ```
+ */
+export declare class ApplicationSettings extends pulumi.CustomResource {
+    /**
+     * Get an existing ApplicationSettings resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ApplicationSettingsState, opts?: pulumi.CustomResourceOptions): ApplicationSettings;
+    /**
+     * Returns true if the given object is an instance of ApplicationSettings.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is ApplicationSettings;
+    /**
+     * If set, abuse reports are sent to this address. Abuse reports are always available in the Admin Area.
+     */
+    readonly abuseNotificationEmail: pulumi.Output<string>;
+    /**
+     * Require administrators to enable Admin Mode by re-authenticating for administrative tasks.
+     */
+    readonly adminMode: pulumi.Output<boolean>;
+    /**
+     * Where to redirect users after logout.
+     */
+    readonly afterSignOutPath: pulumi.Output<string>;
+    /**
+     * Text shown to the user after signing up.
+     */
+    readonly afterSignUpText: pulumi.Output<string>;
+    /**
+     * API key for Akismet spam protection.
+     */
+    readonly akismetApiKey: pulumi.Output<string>;
+    /**
+     * (If enabled, requires: akismet*api*key) Enable or disable Akismet spam protection.
+     */
+    readonly akismetEnabled: pulumi.Output<boolean>;
+    /**
+     * Set to true to allow group owners to manage LDAP.
+     */
+    readonly allowGroupOwnersToManageLdap: pulumi.Output<boolean>;
+    /**
+     * Allow requests to the local network from system hooks.
+     */
+    readonly allowLocalRequestsFromSystemHooks: pulumi.Output<boolean>;
+    /**
+     * Allow requests to the local network from web hooks and services.
+     */
+    readonly allowLocalRequestsFromWebHooksAndServices: pulumi.Output<boolean>;
+    /**
+     * Set the duration for which the jobs are considered as old and expired. After that time passes, the jobs are archived and no longer able to be retried. Make it empty to never expire jobs. It has to be no less than 1 day, for example: 15 days, 1 month, 2 years.
+     */
+    readonly archiveBuildsInHumanReadable: pulumi.Output<string>;
+    /**
+     * Assets that match these domains are not proxied. Wildcards allowed. Your GitLab installation URL is automatically allowlisted. GitLab restart is required to apply changes.
+     */
+    readonly assetProxyAllowlists: pulumi.Output<string[]>;
+    /**
+     * (If enabled, requires: asset*proxy*url) Enable proxying of assets. GitLab restart is required to apply changes.
+     */
+    readonly assetProxyEnabled: pulumi.Output<boolean>;
+    /**
+     * Shared secret with the asset proxy server. GitLab restart is required to apply changes.
+     */
+    readonly assetProxySecretKey: pulumi.Output<string>;
+    /**
+     * URL of the asset proxy server. GitLab restart is required to apply changes.
+     */
+    readonly assetProxyUrl: pulumi.Output<string>;
+    /**
+     * By default, we write to the authorizedKeys file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand.
+     */
+    readonly authorizedKeysEnabled: pulumi.Output<boolean>;
+    /**
+     * Specify a domain to use by default for every project’s Auto Review Apps and Auto Deploy stages.
+     */
+    readonly autoDevopsDomain: pulumi.Output<string>;
+    /**
+     * Enable Auto DevOps for projects by default. It automatically builds, tests, and deploys applications based on a predefined CI/CD configuration.
+     */
+    readonly autoDevopsEnabled: pulumi.Output<boolean>;
+    /**
+     * Enabling this permits automatic allocation of purchased storage in a namespace.
+     */
+    readonly automaticPurchasedStorageAllocation: pulumi.Output<boolean>;
+    /**
+     * Enabling this makes only licensed EE features available to projects if the project namespace’s plan includes the feature or if the project is public.
+     */
+    readonly checkNamespacePlan: pulumi.Output<boolean>;
+    /**
+     * Custom hostname (for private commit emails).
+     */
+    readonly commitEmailHostname: pulumi.Output<string>;
+    /**
+     * Enable cleanup policies for all projects.
+     */
+    readonly containerExpirationPoliciesEnableHistoricEntries: pulumi.Output<boolean>;
+    /**
+     * The maximum number of tags that can be deleted in a single execution of cleanup policies.
+     */
+    readonly containerRegistryCleanupTagsServiceMaxListSize: pulumi.Output<number>;
+    /**
+     * The maximum time, in seconds, that the cleanup process can take to delete a batch of tags for cleanup policies.
+     */
+    readonly containerRegistryDeleteTagsServiceTimeout: pulumi.Output<number>;
+    /**
+     * Caching during the execution of cleanup policies.
+     */
+    readonly containerRegistryExpirationPoliciesCaching: pulumi.Output<boolean>;
+    /**
+     * Number of workers for cleanup policies.
+     */
+    readonly containerRegistryExpirationPoliciesWorkerCapacity: pulumi.Output<number>;
+    /**
+     * Container Registry token duration in minutes.
+     */
+    readonly containerRegistryTokenExpireDelay: pulumi.Output<number>;
+    /**
+     * Enable automatic deactivation of dormant users.
+     */
+    readonly deactivateDormantUsers: pulumi.Output<boolean>;
+    /**
+     * Set the default expiration time for each job’s artifacts.
+     */
+    readonly defaultArtifactsExpireIn: pulumi.Output<string>;
+    /**
+     * Instance-level custom initial branch name (introduced in GitLab 13.2).
+     */
+    readonly defaultBranchName: pulumi.Output<string>;
+    /**
+     * Determine if developers can push to the default branch. Can take: 0 (not protected, both users with the Developer role or Maintainer role can push new commits and force push), 1 (partially protected, users with the Developer role or Maintainer role can push new commits, but cannot force push) or 2 (fully protected, users with the Developer or Maintainer role cannot push new commits, but users with the Developer or Maintainer role can; no one can force push) as a parameter. Default is 2.
+     */
+    readonly defaultBranchProtection: pulumi.Output<number>;
+    /**
+     * Default CI/CD configuration file and path for new projects (.gitlab-ci.yml if not set).
+     */
+    readonly defaultCiConfigPath: pulumi.Output<string>;
+    /**
+     * What visibility level new groups receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    readonly defaultGroupVisibility: pulumi.Output<string>;
+    /**
+     * Default project creation protection. Can take: 0 (No one), 1 (Maintainers) or 2 (Developers + Maintainers).
+     */
+    readonly defaultProjectCreation: pulumi.Output<number>;
+    /**
+     * What visibility level new projects receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    readonly defaultProjectVisibility: pulumi.Output<string>;
+    /**
+     * Project limit per user. Default is 100000.
+     */
+    readonly defaultProjectsLimit: pulumi.Output<number>;
+    /**
+     * What visibility level new snippets receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    readonly defaultSnippetVisibility: pulumi.Output<string>;
+    /**
+     * Enable delayed group deletion. Default is true. Introduced in GitLab 15.0. From GitLab 15.1, disables and locks the group-level setting for delayed protect deletion when set to false.
+     */
+    readonly delayedGroupDeletion: pulumi.Output<boolean>;
+    /**
+     * Enable delayed project deletion by default in new groups. Default is false. From GitLab 15.1, can only be enabled when delayed*group*deletion is true.
+     */
+    readonly delayedProjectDeletion: pulumi.Output<boolean>;
+    /**
+     * Enable inactive project deletion feature. Default is false. Introduced in GitLab 14.10. Became operational in GitLab 15.0 (with feature flag inactive*projects*deletion, disabled by default).
+     */
+    readonly deleteInactiveProjects: pulumi.Output<boolean>;
+    /**
+     * The number of days to wait before deleting a project or group that is marked for deletion. Value must be between 1 and 90. Defaults to 7. From GitLab 15.1, a hook on deletion*adjourned*period sets the period to 1 on every update, and sets both delayed*project*deletion and delayed*group*deletion to false if the period is 0.
+     */
+    readonly deletionAdjournedPeriod: pulumi.Output<number>;
+    /**
+     * Maximum files in a diff.
+     */
+    readonly diffMaxFiles: pulumi.Output<number>;
+    /**
+     * Maximum lines in a diff.
+     */
+    readonly diffMaxLines: pulumi.Output<number>;
+    /**
+     * Maximum diff patch size, in bytes.
+     */
+    readonly diffMaxPatchBytes: pulumi.Output<number>;
+    /**
+     * Disable display of RSS/Atom and calendar feed tokens (introduced in GitLab 13.7).
+     */
+    readonly disableFeedToken: pulumi.Output<boolean>;
+    /**
+     * Disabled OAuth sign-in sources.
+     */
+    readonly disabledOauthSignInSources: pulumi.Output<string[]>;
+    /**
+     * Enforce DNS rebinding attack protection.
+     */
+    readonly dnsRebindingProtectionEnabled: pulumi.Output<boolean>;
+    /**
+     * Force people to use only corporate emails for sign-up. Default is null, meaning there is no restriction.
+     */
+    readonly domainAllowlists: pulumi.Output<string[]>;
+    /**
+     * (If enabled, requires: domain_denylist) Allows blocking sign-ups from emails from specific domains.
+     */
+    readonly domainDenylistEnabled: pulumi.Output<boolean>;
+    /**
+     * Users with email addresses that match these domains cannot sign up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com.
+     */
+    readonly domainDenylists: pulumi.Output<string[]>;
+    /**
+     * The minimum allowed bit length of an uploaded DSA key. Default is 0 (no restriction). -1 disables DSA keys.
+     */
+    readonly dsaKeyRestriction: pulumi.Output<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is 0 (no restriction). -1 disables ECDSA keys.
+     */
+    readonly ecdsaKeyRestriction: pulumi.Output<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ECDSA*SK key. Default is 0 (no restriction). -1 disables ECDSA*SK keys.
+     */
+    readonly ecdsaSkKeyRestriction: pulumi.Output<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is 0 (no restriction). -1 disables ED25519 keys.
+     */
+    readonly ed25519KeyRestriction: pulumi.Output<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ED25519*SK key. Default is 0 (no restriction). -1 disables ED25519*SK keys.
+     */
+    readonly ed25519SkKeyRestriction: pulumi.Output<number>;
+    /**
+     * AWS IAM access key ID.
+     */
+    readonly eksAccessKeyId: pulumi.Output<string>;
+    /**
+     * Amazon account ID.
+     */
+    readonly eksAccountId: pulumi.Output<string>;
+    /**
+     * Enable integration with Amazon EKS.
+     */
+    readonly eksIntegrationEnabled: pulumi.Output<boolean>;
+    /**
+     * AWS IAM secret access key.
+     */
+    readonly eksSecretAccessKey: pulumi.Output<string>;
+    /**
+     * Enable the use of AWS hosted Elasticsearch.
+     */
+    readonly elasticsearchAws: pulumi.Output<boolean>;
+    /**
+     * AWS IAM access key.
+     */
+    readonly elasticsearchAwsAccessKey: pulumi.Output<string>;
+    /**
+     * The AWS region the Elasticsearch domain is configured.
+     */
+    readonly elasticsearchAwsRegion: pulumi.Output<string>;
+    /**
+     * AWS IAM secret access key.
+     */
+    readonly elasticsearchAwsSecretAccessKey: pulumi.Output<string>;
+    /**
+     * Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing.
+     */
+    readonly elasticsearchIndexedFieldLengthLimit: pulumi.Output<number>;
+    /**
+     * Maximum size of repository and wiki files that are indexed by Elasticsearch.
+     */
+    readonly elasticsearchIndexedFileSizeLimitKb: pulumi.Output<number>;
+    /**
+     * Enable Elasticsearch indexing.
+     */
+    readonly elasticsearchIndexing: pulumi.Output<boolean>;
+    /**
+     * Limit Elasticsearch to index certain namespaces and projects.
+     */
+    readonly elasticsearchLimitIndexing: pulumi.Output<boolean>;
+    /**
+     * Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations.
+     */
+    readonly elasticsearchMaxBulkConcurrency: pulumi.Output<number>;
+    /**
+     * Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations.
+     */
+    readonly elasticsearchMaxBulkSizeMb: pulumi.Output<number>;
+    /**
+     * The namespaces to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
+     */
+    readonly elasticsearchNamespaceIds: pulumi.Output<string[]>;
+    /**
+     * The password of your Elasticsearch instance.
+     */
+    readonly elasticsearchPassword: pulumi.Output<string>;
+    /**
+     * The projects to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
+     */
+    readonly elasticsearchProjectIds: pulumi.Output<string[]>;
+    /**
+     * Enable Elasticsearch search.
+     */
+    readonly elasticsearchSearch: pulumi.Output<boolean>;
+    /**
+     * The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, http://localhost:9200, http://localhost:9201).
+     */
+    readonly elasticsearchUrls: pulumi.Output<string[]>;
+    /**
+     * The username of your Elasticsearch instance.
+     */
+    readonly elasticsearchUsername: pulumi.Output<string>;
+    /**
+     * Additional text added to the bottom of every email for legal/auditing/compliance reasons.
+     */
+    readonly emailAdditionalText: pulumi.Output<string>;
+    /**
+     * Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.
+     */
+    readonly emailAuthorInBody: pulumi.Output<boolean>;
+    /**
+     * Enabled protocols for Git access. Allowed values are: ssh, http, and nil to allow both protocols.
+     */
+    readonly enabledGitAccessProtocol: pulumi.Output<string>;
+    /**
+     * Enabling this permits enforcement of namespace storage limits.
+     */
+    readonly enforceNamespaceStorageLimit: pulumi.Output<boolean>;
+    /**
+     * (If enabled, requires: terms) Enforce application ToS to all users.
+     */
+    readonly enforceTerms: pulumi.Output<boolean>;
+    /**
+     * (If enabled, requires: external*auth*client_key) The certificate to use to authenticate with the external authorization service.
+     */
+    readonly externalAuthClientCert: pulumi.Output<string>;
+    /**
+     * Private key for the certificate when authentication is required for the external authorization service, this is encrypted when stored.
+     */
+    readonly externalAuthClientKey: pulumi.Output<string>;
+    /**
+     * Passphrase to use for the private key when authenticating with the external service this is encrypted when stored.
+     */
+    readonly externalAuthClientKeyPass: pulumi.Output<string>;
+    /**
+     * The default classification label to use when requesting authorization and no classification label has been specified on the project.
+     */
+    readonly externalAuthorizationServiceDefaultLabel: pulumi.Output<string>;
+    /**
+     * (If enabled, requires: external*authorization*service*default*label, external*authorization*service*timeout and external*authorization*service*url) Enable using an external authorization service for accessing projects.
+     */
+    readonly externalAuthorizationServiceEnabled: pulumi.Output<boolean>;
+    /**
+     * The timeout after which an authorization request is aborted, in seconds. When a request times out, access is denied to the user. (min: 0.001, max: 10, step: 0.001).
+     */
+    readonly externalAuthorizationServiceTimeout: pulumi.Output<number>;
+    /**
+     * URL to which authorization requests are directed.
+     */
+    readonly externalAuthorizationServiceUrl: pulumi.Output<string>;
+    /**
+     * How long to wait for a response from the pipeline validation service. Assumes OK if it times out.
+     */
+    readonly externalPipelineValidationServiceTimeout: pulumi.Output<number>;
+    /**
+     * Optional. Token to include as the X-Gitlab-Token header in requests to the URL in external*pipeline*validation*service*url.
+     */
+    readonly externalPipelineValidationServiceToken: pulumi.Output<string>;
+    /**
+     * URL to use for pipeline validation requests.
+     */
+    readonly externalPipelineValidationServiceUrl: pulumi.Output<string>;
+    /**
+     * The ID of a project to load custom file templates from.
+     */
+    readonly fileTemplateProjectId: pulumi.Output<number>;
+    /**
+     * Start day of the week for calendar views and date pickers. Valid values are 0 (default) for Sunday, 1 for Monday, and 6 for Saturday.
+     */
+    readonly firstDayOfWeek: pulumi.Output<number>;
+    /**
+     * Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, 1.1.1.1, 2.2.2.0/24.
+     */
+    readonly geoNodeAllowedIps: pulumi.Output<string>;
+    /**
+     * The amount of seconds after which a request to get a secondary node status times out.
+     */
+    readonly geoStatusTimeout: pulumi.Output<number>;
+    /**
+     * List of usernames excluded from Git anti-abuse rate limits. Default: [], Maximum: 100 usernames. Introduced in GitLab 15.2.
+     */
+    readonly gitRateLimitUsersAllowlists: pulumi.Output<string[]>;
+    /**
+     * Maximum duration (in minutes) of a session for Git operations when 2FA is enabled.
+     */
+    readonly gitTwoFactorSessionExpiry: pulumi.Output<number>;
+    /**
+     * Default Gitaly timeout, in seconds. This timeout is not enforced for Git fetch/push operations or Sidekiq jobs. Set to 0 to disable timeouts.
+     */
+    readonly gitalyTimeoutDefault: pulumi.Output<number>;
+    /**
+     * Gitaly fast operation timeout, in seconds. Some Gitaly operations are expected to be fast. If they exceed this threshold, there may be a problem with a storage shard and ‘failing fast’ can help maintain the stability of the GitLab instance. Set to 0 to disable timeouts.
+     */
+    readonly gitalyTimeoutFast: pulumi.Output<number>;
+    /**
+     * Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to 0 to disable timeouts.
+     */
+    readonly gitalyTimeoutMedium: pulumi.Output<number>;
+    /**
+     * Enable Grafana.
+     */
+    readonly grafanaEnabled: pulumi.Output<boolean>;
+    /**
+     * Grafana URL.
+     */
+    readonly grafanaUrl: pulumi.Output<string>;
+    /**
+     * Enable Gravatar.
+     */
+    readonly gravatarEnabled: pulumi.Output<boolean>;
+    /**
+     * Create new projects using hashed storage paths: Enable immutable, hash-based paths and repository names to store repositories on disk. This prevents repositories from having to be moved or renamed when the Project URL changes and may improve disk I/O performance. (Always enabled in GitLab versions 13.0 and later, configuration is scheduled for removal in 14.0).
+     */
+    readonly hashedStorageEnabled: pulumi.Output<boolean>;
+    /**
+     * Hide marketing-related entries from help.
+     */
+    readonly helpPageHideCommercialContent: pulumi.Output<boolean>;
+    /**
+     * Alternate support URL for help page and help dropdown.
+     */
+    readonly helpPageSupportUrl: pulumi.Output<string>;
+    /**
+     * Custom text displayed on the help page.
+     */
+    readonly helpPageText: pulumi.Output<string>;
+    /**
+     * GitLab server administrator information.
+     */
+    readonly helpText: pulumi.Output<string>;
+    /**
+     * Do not display offers from third parties in GitLab.
+     */
+    readonly hideThirdPartyOffers: pulumi.Output<boolean>;
+    /**
+     * Redirect to this URL when not logged in.
+     */
+    readonly homePageUrl: pulumi.Output<string>;
+    /**
+     * (If enabled, requires: housekeeping*bitmaps*enabled, housekeeping*full*repack*period, housekeeping*gc*period, and housekeeping*incremental*repack*period) Enable or disable Git housekeeping.
+     */
+    readonly housekeepingEnabled: pulumi.Output<boolean>;
+    /**
+     * Number of Git pushes after which an incremental git repack is run.
+     */
+    readonly housekeepingFullRepackPeriod: pulumi.Output<number>;
+    /**
+     * Number of Git pushes after which git gc is run.
+     */
+    readonly housekeepingGcPeriod: pulumi.Output<number>;
+    /**
+     * Number of Git pushes after which an incremental git repack is run.
+     */
+    readonly housekeepingIncrementalRepackPeriod: pulumi.Output<number>;
+    /**
+     * Enable HTML emails.
+     */
+    readonly htmlEmailsEnabled: pulumi.Output<boolean>;
+    /**
+     * Sources to allow project import from, possible values: github, bitbucket, bitbucket*server, gitlab, fogbugz, git, gitlab*project, gitea, manifest, and phabricator.
+     */
+    readonly importSources: pulumi.Output<string[]>;
+    /**
+     * Enable in-product marketing emails. Enabled by default.
+     */
+    readonly inProductMarketingEmailsEnabled: pulumi.Output<boolean>;
+    /**
+     * If delete*inactive*projects is true, the time (in months) to wait before deleting inactive projects. Default is 2. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    readonly inactiveProjectsDeleteAfterMonths: pulumi.Output<number>;
+    /**
+     * If delete*inactive*projects is true, the minimum repository size for projects to be checked for inactivity. Default is 0. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    readonly inactiveProjectsMinSizeMb: pulumi.Output<number>;
+    /**
+     * If delete*inactive*projects is true, sets the time (in months) to wait before emailing maintainers that the project is scheduled be deleted because it is inactive. Default is 1. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    readonly inactiveProjectsSendWarningEmailAfterMonths: pulumi.Output<number>;
+    /**
+     * Enable Invisible CAPTCHA spam detection during sign-up. Disabled by default.
+     */
+    readonly invisibleCaptchaEnabled: pulumi.Output<boolean>;
+    /**
+     * Max number of issue creation requests per minute per user. Disabled by default.
+     */
+    readonly issuesCreateLimit: pulumi.Output<number>;
+    /**
+     * Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time. Enabled by default.
+     */
+    readonly keepLatestArtifact: pulumi.Output<boolean>;
+    /**
+     * Increase this value when any cached Markdown should be invalidated.
+     */
+    readonly localMarkdownVersion: pulumi.Output<number>;
+    /**
+     * Enable Mailgun event receiver.
+     */
+    readonly mailgunEventsEnabled: pulumi.Output<boolean>;
+    /**
+     * The Mailgun HTTP webhook signing key for receiving events from webhook.
+     */
+    readonly mailgunSigningKey: pulumi.Output<string>;
+    /**
+     * When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests.
+     */
+    readonly maintenanceMode: pulumi.Output<boolean>;
+    /**
+     * Message displayed when instance is in maintenance mode.
+     */
+    readonly maintenanceModeMessage: pulumi.Output<string>;
+    /**
+     * Maximum artifacts size in MB.
+     */
+    readonly maxArtifactsSize: pulumi.Output<number>;
+    /**
+     * Limit attachment size in MB.
+     */
+    readonly maxAttachmentSize: pulumi.Output<number>;
+    /**
+     * Maximum export size in MB. 0 for unlimited. Default = 0 (unlimited).
+     */
+    readonly maxExportSize: pulumi.Output<number>;
+    /**
+     * Maximum import size in MB. 0 for unlimited. Default = 0 (unlimited) Modified from 50MB to 0 in GitLab 13.8.
+     */
+    readonly maxImportSize: pulumi.Output<number>;
+    /**
+     * Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. Introduced in GitLab 15.1.
+     */
+    readonly maxNumberOfRepositoryDownloads: pulumi.Output<number>;
+    /**
+     * Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). Introduced in GitLab 15.1.
+     */
+    readonly maxNumberOfRepositoryDownloadsWithinTimePeriod: pulumi.Output<number>;
+    /**
+     * Maximum size of pages repositories in MB.
+     */
+    readonly maxPagesSize: pulumi.Output<number>;
+    /**
+     * Maximum allowable lifetime for access tokens in days.
+     */
+    readonly maxPersonalAccessTokenLifetime: pulumi.Output<number>;
+    /**
+     * Maximum allowable lifetime for SSH keys in days. Introduced in GitLab 14.6.
+     */
+    readonly maxSshKeyLifetime: pulumi.Output<number>;
+    /**
+     * A method call is only tracked when it takes longer than the given amount of milliseconds.
+     */
+    readonly metricsMethodCallThreshold: pulumi.Output<number>;
+    /**
+     * Allow repository mirroring to configured by project Maintainers. If disabled, only Administrators can configure repository mirroring.
+     */
+    readonly mirrorAvailable: pulumi.Output<boolean>;
+    /**
+     * Minimum capacity to be available before scheduling more mirrors preemptively.
+     */
+    readonly mirrorCapacityThreshold: pulumi.Output<number>;
+    /**
+     * Maximum number of mirrors that can be synchronizing at the same time.
+     */
+    readonly mirrorMaxCapacity: pulumi.Output<number>;
+    /**
+     * Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize.
+     */
+    readonly mirrorMaxDelay: pulumi.Output<number>;
+    /**
+     * Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm.
+     */
+    readonly npmPackageRequestsForwarding: pulumi.Output<boolean>;
+    /**
+     * Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for hooks and services are disabled.
+     */
+    readonly outboundLocalRequestsWhitelists: pulumi.Output<string[]>;
+    /**
+     * Number of workers assigned to the packages cleanup policies.
+     */
+    readonly packageRegistryCleanupPoliciesWorkerCapacity: pulumi.Output<number>;
+    /**
+     * Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled.
+     */
+    readonly pagesDomainVerificationEnabled: pulumi.Output<boolean>;
+    /**
+     * Enable authentication for Git over HTTP(S) via a GitLab account password. Default is true.
+     */
+    readonly passwordAuthenticationEnabledForGit: pulumi.Output<boolean>;
+    /**
+     * Enable authentication for the web interface via a GitLab account password. Default is true.
+     */
+    readonly passwordAuthenticationEnabledForWeb: pulumi.Output<boolean>;
+    /**
+     * Indicates whether passwords require at least one lowercase letter. Introduced in GitLab 15.1.
+     */
+    readonly passwordLowercaseRequired: pulumi.Output<boolean>;
+    /**
+     * Indicates whether passwords require at least one number. Introduced in GitLab 15.1.
+     */
+    readonly passwordNumberRequired: pulumi.Output<boolean>;
+    /**
+     * Indicates whether passwords require at least one symbol character. Introduced in GitLab 15.1.
+     */
+    readonly passwordSymbolRequired: pulumi.Output<boolean>;
+    /**
+     * Indicates whether passwords require at least one uppercase letter. Introduced in GitLab 15.1.
+     */
+    readonly passwordUppercaseRequired: pulumi.Output<boolean>;
+    /**
+     * Path of the group that is allowed to toggle the performance bar.
+     */
+    readonly performanceBarAllowedGroupPath: pulumi.Output<string>;
+    /**
+     * Prefix for all generated personal access tokens.
+     */
+    readonly personalAccessTokenPrefix: pulumi.Output<string>;
+    /**
+     * Maximum number of pipeline creation requests per minute per user and commit. Disabled by default.
+     */
+    readonly pipelineLimitPerProjectUserSha: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: plantuml_url) Enable PlantUML integration. Default is false.
+     */
+    readonly plantumlEnabled: pulumi.Output<boolean>;
+    /**
+     * The PlantUML instance URL for integration.
+     */
+    readonly plantumlUrl: pulumi.Output<string>;
+    /**
+     * Interval multiplier used by endpoints that perform polling. Set to 0 to disable polling.
+     */
+    readonly pollingIntervalMultiplier: pulumi.Output<number>;
+    /**
+     * Enable project export.
+     */
+    readonly projectExportEnabled: pulumi.Output<boolean>;
+    /**
+     * Enable Prometheus metrics.
+     */
+    readonly prometheusMetricsEnabled: pulumi.Output<boolean>;
+    /**
+     * CI/CD variables are protected by default.
+     */
+    readonly protectedCiVariables: pulumi.Output<boolean>;
+    /**
+     * Number of changes (branches or tags) in a single push to determine whether individual push events or bulk push events are created. Bulk push events are created if it surpasses that value.
+     */
+    readonly pushEventActivitiesLimit: pulumi.Output<number>;
+    /**
+     * Number of changes (branches or tags) in a single push to determine whether webhooks and services fire or not. Webhooks and services aren’t submitted if it surpasses that value.
+     */
+    readonly pushEventHooksLimit: pulumi.Output<number>;
+    /**
+     * Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI.
+     */
+    readonly pypiPackageRequestsForwarding: pulumi.Output<boolean>;
+    /**
+     * When rate limiting is enabled via the throttle_* settings, send this plain text response when a rate limit is exceeded. ‘Retry later’ is sent if this is blank.
+     */
+    readonly rateLimitingResponseText: pulumi.Output<string>;
+    /**
+     * Max number of requests per minute for each raw path. Default: 300. To disable throttling set to 0.
+     */
+    readonly rawBlobRequestLimit: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: recaptcha*private*key and recaptcha*site*key) Enable reCAPTCHA.
+     */
+    readonly recaptchaEnabled: pulumi.Output<boolean>;
+    /**
+     * Private key for reCAPTCHA.
+     */
+    readonly recaptchaPrivateKey: pulumi.Output<string>;
+    /**
+     * Site key for reCAPTCHA.
+     */
+    readonly recaptchaSiteKey: pulumi.Output<string>;
+    /**
+     * Maximum push size (MB).
+     */
+    readonly receiveMaxInputSize: pulumi.Output<number>;
+    /**
+     * GitLab periodically runs git fsck in all project and wiki repositories to look for silent disk corruption issues.
+     */
+    readonly repositoryChecksEnabled: pulumi.Output<boolean>;
+    /**
+     * Size limit per repository (MB).
+     */
+    readonly repositorySizeLimit: pulumi.Output<number>;
+    /**
+     * (GitLab 13.0 and earlier) List of names of enabled storage paths, taken from gitlab.yml. New projects are created in one of these stores, chosen at random.
+     */
+    readonly repositoryStorages: pulumi.Output<string[]>;
+    /**
+     * (GitLab 13.1 and later) Hash of names of taken from gitlab.yml to weights. New projects are created in one of these stores, chosen by a weighted random selection.
+     */
+    readonly repositoryStoragesWeighted: pulumi.Output<{
+        [key: string]: number;
+    }>;
+    /**
+     * When enabled, any user that signs up for an account using the registration form is placed under a Pending approval state and has to be explicitly approved by an administrator.
+     */
+    readonly requireAdminApprovalAfterUserSignup: pulumi.Output<boolean>;
+    /**
+     * (If enabled, requires: two*factor*grace_period) Require all users to set up Two-factor authentication.
+     */
+    readonly requireTwoFactorAuthentication: pulumi.Output<boolean>;
+    /**
+     * Selected levels cannot be used by non-Administrator users for groups, projects or snippets. Can take private, internal and public as a parameter. Default is null which means there is no restriction.
+     */
+    readonly restrictedVisibilityLevels: pulumi.Output<string[]>;
+    /**
+     * The minimum allowed bit length of an uploaded RSA key. Default is 0 (no restriction). -1 disables RSA keys.
+     */
+    readonly rsaKeyRestriction: pulumi.Output<number>;
+    /**
+     * Max number of requests per minute for performing a search while authenticated. Default: 30. To disable throttling set to 0.
+     */
+    readonly searchRateLimit: pulumi.Output<number>;
+    /**
+     * Max number of requests per minute for performing a search while unauthenticated. Default: 10. To disable throttling set to 0.
+     */
+    readonly searchRateLimitUnauthenticated: pulumi.Output<number>;
+    /**
+     * Send confirmation email on sign-up.
+     */
+    readonly sendUserConfirmationEmail: pulumi.Output<boolean>;
+    /**
+     * Session duration in minutes. GitLab restart is required to apply changes.
+     */
+    readonly sessionExpireDelay: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: shared*runners*text and shared*runners*minutes) Enable shared runners for new projects.
+     */
+    readonly sharedRunnersEnabled: pulumi.Output<boolean>;
+    /**
+     * Set the maximum number of CI/CD minutes that a group can use on shared runners per month.
+     */
+    readonly sharedRunnersMinutes: pulumi.Output<number>;
+    /**
+     * Shared runners text.
+     */
+    readonly sharedRunnersText: pulumi.Output<string>;
+    /**
+     * The threshold in bytes at which Sidekiq jobs are compressed before being stored in Redis. Default: 100 000 bytes (100KB).
+     */
+    readonly sidekiqJobLimiterCompressionThresholdBytes: pulumi.Output<number>;
+    /**
+     * The threshold in bytes at which Sidekiq jobs are rejected. Default: 0 bytes (doesn’t reject any job).
+     */
+    readonly sidekiqJobLimiterLimitBytes: pulumi.Output<number>;
+    /**
+     * track or compress. Sets the behavior for Sidekiq job size limits. Default: ‘compress’.
+     */
+    readonly sidekiqJobLimiterMode: pulumi.Output<string>;
+    /**
+     * Text on the login page.
+     */
+    readonly signInText: pulumi.Output<string>;
+    /**
+     * Enable registration. Default is true.
+     */
+    readonly signupEnabled: pulumi.Output<boolean>;
+    /**
+     * (If enabled, requires: slack*app*id, slack*app*secret and slack*app*secret) Enable Slack app.
+     */
+    readonly slackAppEnabled: pulumi.Output<boolean>;
+    /**
+     * The app ID of the Slack-app.
+     */
+    readonly slackAppId: pulumi.Output<string>;
+    /**
+     * The app secret of the Slack-app.
+     */
+    readonly slackAppSecret: pulumi.Output<string>;
+    /**
+     * The signing secret of the Slack-app.
+     */
+    readonly slackAppSigningSecret: pulumi.Output<string>;
+    /**
+     * The verification token of the Slack-app.
+     */
+    readonly slackAppVerificationToken: pulumi.Output<string>;
+    /**
+     * Max snippet content size in bytes. Default: 52428800 Bytes (50MB).
+     */
+    readonly snippetSizeLimit: pulumi.Output<number>;
+    /**
+     * The Snowplow site name / application ID. (for example, gitlab)
+     */
+    readonly snowplowAppId: pulumi.Output<string>;
+    /**
+     * The Snowplow collector hostname. (for example, snowplow.trx.gitlab.net)
+     */
+    readonly snowplowCollectorHostname: pulumi.Output<string>;
+    /**
+     * The Snowplow cookie domain. (for example, .gitlab.com)
+     */
+    readonly snowplowCookieDomain: pulumi.Output<string>;
+    /**
+     * Enable snowplow tracking.
+     */
+    readonly snowplowEnabled: pulumi.Output<boolean>;
+    /**
+     * Enables Sourcegraph integration. Default is false. If enabled, requires sourcegraph_url.
+     */
+    readonly sourcegraphEnabled: pulumi.Output<boolean>;
+    /**
+     * Blocks Sourcegraph from being loaded on private and internal projects. Default is true.
+     */
+    readonly sourcegraphPublicOnly: pulumi.Output<boolean>;
+    /**
+     * The Sourcegraph instance URL for integration.
+     */
+    readonly sourcegraphUrl: pulumi.Output<string>;
+    /**
+     * API key used by GitLab for accessing the Spam Check service endpoint.
+     */
+    readonly spamCheckApiKey: pulumi.Output<string>;
+    /**
+     * Enables spam checking using external Spam Check API endpoint. Default is false.
+     */
+    readonly spamCheckEndpointEnabled: pulumi.Output<boolean>;
+    /**
+     * URL of the external Spamcheck service endpoint. Valid URI schemes are grpc or tls. Specifying tls forces communication to be encrypted.
+     */
+    readonly spamCheckEndpointUrl: pulumi.Output<string>;
+    /**
+     * Enable pipeline suggestion banner.
+     */
+    readonly suggestPipelineEnabled: pulumi.Output<boolean>;
+    /**
+     * Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time.
+     */
+    readonly terminalMaxSessionTime: pulumi.Output<number>;
+    /**
+     * (Required by: enforce_terms) Markdown content for the ToS.
+     */
+    readonly terms: pulumi.Output<string>;
+    /**
+     * (If enabled, requires: throttle*authenticated*api*period*in*seconds and throttle*authenticated*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    readonly throttleAuthenticatedApiEnabled: pulumi.Output<boolean>;
+    /**
+     * Rate limit period (in seconds).
+     */
+    readonly throttleAuthenticatedApiPeriodInSeconds: pulumi.Output<number>;
+    /**
+     * Maximum requests per period per user.
+     */
+    readonly throttleAuthenticatedApiRequestsPerPeriod: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: throttle*authenticated*packages*api*period*in*seconds and throttle*authenticated*packages*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View Package Registry rate limits for more details.
+     */
+    readonly throttleAuthenticatedPackagesApiEnabled: pulumi.Output<boolean>;
+    /**
+     * Rate limit period (in seconds). View Package Registry rate limits for more details.
+     */
+    readonly throttleAuthenticatedPackagesApiPeriodInSeconds: pulumi.Output<number>;
+    /**
+     * Maximum requests per period per user. View Package Registry rate limits for more details.
+     */
+    readonly throttleAuthenticatedPackagesApiRequestsPerPeriod: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: throttle*authenticated*web*period*in*seconds and throttle*authenticated*web*requests*per*period) Enable authenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    readonly throttleAuthenticatedWebEnabled: pulumi.Output<boolean>;
+    /**
+     * Rate limit period (in seconds).
+     */
+    readonly throttleAuthenticatedWebPeriodInSeconds: pulumi.Output<number>;
+    /**
+     * Maximum requests per period per user.
+     */
+    readonly throttleAuthenticatedWebRequestsPerPeriod: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*api*period*in*seconds and throttle*unauthenticated*api*requests*per*period) Enable unauthenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    readonly throttleUnauthenticatedApiEnabled: pulumi.Output<boolean>;
+    /**
+     * Rate limit period in seconds.
+     */
+    readonly throttleUnauthenticatedApiPeriodInSeconds: pulumi.Output<number>;
+    /**
+     * Max requests per period per IP.
+     */
+    readonly throttleUnauthenticatedApiRequestsPerPeriod: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*packages*api*period*in*seconds and throttle*unauthenticated*packages*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View Package Registry rate limits for more details.
+     */
+    readonly throttleUnauthenticatedPackagesApiEnabled: pulumi.Output<boolean>;
+    /**
+     * Rate limit period (in seconds). View Package Registry rate limits for more details.
+     */
+    readonly throttleUnauthenticatedPackagesApiPeriodInSeconds: pulumi.Output<number>;
+    /**
+     * Maximum requests per period per user. View Package Registry rate limits for more details.
+     */
+    readonly throttleUnauthenticatedPackagesApiRequestsPerPeriod: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*web*period*in*seconds and throttle*unauthenticated*web*requests*per*period) Enable unauthenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    readonly throttleUnauthenticatedWebEnabled: pulumi.Output<boolean>;
+    /**
+     * Rate limit period in seconds.
+     */
+    readonly throttleUnauthenticatedWebPeriodInSeconds: pulumi.Output<number>;
+    /**
+     * Max requests per period per IP.
+     */
+    readonly throttleUnauthenticatedWebRequestsPerPeriod: pulumi.Output<number>;
+    /**
+     * Limit display of time tracking units to hours. Default is false.
+     */
+    readonly timeTrackingLimitToHours: pulumi.Output<boolean>;
+    /**
+     * Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication.
+     */
+    readonly twoFactorGracePeriod: pulumi.Output<number>;
+    /**
+     * (If enabled, requires: unique*ips*limit*per*user and unique*ips*limit*time*window) Limit sign in from multiple IPs.
+     */
+    readonly uniqueIpsLimitEnabled: pulumi.Output<boolean>;
+    /**
+     * Maximum number of IPs per user.
+     */
+    readonly uniqueIpsLimitPerUser: pulumi.Output<number>;
+    /**
+     * How many seconds an IP is counted towards the limit.
+     */
+    readonly uniqueIpsLimitTimeWindow: pulumi.Output<number>;
+    /**
+     * Every week GitLab reports license usage back to GitLab, Inc.
+     */
+    readonly usagePingEnabled: pulumi.Output<boolean>;
+    /**
+     * Send an email to users upon account deactivation.
+     */
+    readonly userDeactivationEmailsEnabled: pulumi.Output<boolean>;
+    /**
+     * Newly registered users are external by default.
+     */
+    readonly userDefaultExternal: pulumi.Output<boolean>;
+    /**
+     * Specify an email address regex pattern to identify default internal users.
+     */
+    readonly userDefaultInternalRegex: pulumi.Output<string>;
+    /**
+     * Allow users to register any application to use GitLab as an OAuth provider.
+     */
+    readonly userOauthApplications: pulumi.Output<boolean>;
+    /**
+     * When set to false disable the You won't be able to pull or push project code via SSH warning shown to users with no uploaded SSH key.
+     */
+    readonly userShowAddSshKeyMessage: pulumi.Output<boolean>;
+    /**
+     * Let GitLab inform you when an update is available.
+     */
+    readonly versionCheckEnabled: pulumi.Output<boolean>;
+    /**
+     * Live Preview (allow live previews of JavaScript projects in the Web IDE using CodeSandbox Live Preview).
+     */
+    readonly webIdeClientsidePreviewEnabled: pulumi.Output<boolean>;
+    /**
+     * What’s new variant, possible values: all*tiers, current*tier, and disabled.
+     */
+    readonly whatsNewVariant: pulumi.Output<string>;
+    /**
+     * Maximum wiki page content size in bytes. Default: 52428800 Bytes (50 MB). The minimum value is 1024 bytes.
+     */
+    readonly wikiPageMaxContentBytes: pulumi.Output<number>;
+    /**
+     * Create a ApplicationSettings resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args?: ApplicationSettingsArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering ApplicationSettings resources.
+ */
+export interface ApplicationSettingsState {
+    /**
+     * If set, abuse reports are sent to this address. Abuse reports are always available in the Admin Area.
+     */
+    abuseNotificationEmail?: pulumi.Input<string>;
+    /**
+     * Require administrators to enable Admin Mode by re-authenticating for administrative tasks.
+     */
+    adminMode?: pulumi.Input<boolean>;
+    /**
+     * Where to redirect users after logout.
+     */
+    afterSignOutPath?: pulumi.Input<string>;
+    /**
+     * Text shown to the user after signing up.
+     */
+    afterSignUpText?: pulumi.Input<string>;
+    /**
+     * API key for Akismet spam protection.
+     */
+    akismetApiKey?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: akismet*api*key) Enable or disable Akismet spam protection.
+     */
+    akismetEnabled?: pulumi.Input<boolean>;
+    /**
+     * Set to true to allow group owners to manage LDAP.
+     */
+    allowGroupOwnersToManageLdap?: pulumi.Input<boolean>;
+    /**
+     * Allow requests to the local network from system hooks.
+     */
+    allowLocalRequestsFromSystemHooks?: pulumi.Input<boolean>;
+    /**
+     * Allow requests to the local network from web hooks and services.
+     */
+    allowLocalRequestsFromWebHooksAndServices?: pulumi.Input<boolean>;
+    /**
+     * Set the duration for which the jobs are considered as old and expired. After that time passes, the jobs are archived and no longer able to be retried. Make it empty to never expire jobs. It has to be no less than 1 day, for example: 15 days, 1 month, 2 years.
+     */
+    archiveBuildsInHumanReadable?: pulumi.Input<string>;
+    /**
+     * Assets that match these domains are not proxied. Wildcards allowed. Your GitLab installation URL is automatically allowlisted. GitLab restart is required to apply changes.
+     */
+    assetProxyAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (If enabled, requires: asset*proxy*url) Enable proxying of assets. GitLab restart is required to apply changes.
+     */
+    assetProxyEnabled?: pulumi.Input<boolean>;
+    /**
+     * Shared secret with the asset proxy server. GitLab restart is required to apply changes.
+     */
+    assetProxySecretKey?: pulumi.Input<string>;
+    /**
+     * URL of the asset proxy server. GitLab restart is required to apply changes.
+     */
+    assetProxyUrl?: pulumi.Input<string>;
+    /**
+     * By default, we write to the authorizedKeys file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand.
+     */
+    authorizedKeysEnabled?: pulumi.Input<boolean>;
+    /**
+     * Specify a domain to use by default for every project’s Auto Review Apps and Auto Deploy stages.
+     */
+    autoDevopsDomain?: pulumi.Input<string>;
+    /**
+     * Enable Auto DevOps for projects by default. It automatically builds, tests, and deploys applications based on a predefined CI/CD configuration.
+     */
+    autoDevopsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enabling this permits automatic allocation of purchased storage in a namespace.
+     */
+    automaticPurchasedStorageAllocation?: pulumi.Input<boolean>;
+    /**
+     * Enabling this makes only licensed EE features available to projects if the project namespace’s plan includes the feature or if the project is public.
+     */
+    checkNamespacePlan?: pulumi.Input<boolean>;
+    /**
+     * Custom hostname (for private commit emails).
+     */
+    commitEmailHostname?: pulumi.Input<string>;
+    /**
+     * Enable cleanup policies for all projects.
+     */
+    containerExpirationPoliciesEnableHistoricEntries?: pulumi.Input<boolean>;
+    /**
+     * The maximum number of tags that can be deleted in a single execution of cleanup policies.
+     */
+    containerRegistryCleanupTagsServiceMaxListSize?: pulumi.Input<number>;
+    /**
+     * The maximum time, in seconds, that the cleanup process can take to delete a batch of tags for cleanup policies.
+     */
+    containerRegistryDeleteTagsServiceTimeout?: pulumi.Input<number>;
+    /**
+     * Caching during the execution of cleanup policies.
+     */
+    containerRegistryExpirationPoliciesCaching?: pulumi.Input<boolean>;
+    /**
+     * Number of workers for cleanup policies.
+     */
+    containerRegistryExpirationPoliciesWorkerCapacity?: pulumi.Input<number>;
+    /**
+     * Container Registry token duration in minutes.
+     */
+    containerRegistryTokenExpireDelay?: pulumi.Input<number>;
+    /**
+     * Enable automatic deactivation of dormant users.
+     */
+    deactivateDormantUsers?: pulumi.Input<boolean>;
+    /**
+     * Set the default expiration time for each job’s artifacts.
+     */
+    defaultArtifactsExpireIn?: pulumi.Input<string>;
+    /**
+     * Instance-level custom initial branch name (introduced in GitLab 13.2).
+     */
+    defaultBranchName?: pulumi.Input<string>;
+    /**
+     * Determine if developers can push to the default branch. Can take: 0 (not protected, both users with the Developer role or Maintainer role can push new commits and force push), 1 (partially protected, users with the Developer role or Maintainer role can push new commits, but cannot force push) or 2 (fully protected, users with the Developer or Maintainer role cannot push new commits, but users with the Developer or Maintainer role can; no one can force push) as a parameter. Default is 2.
+     */
+    defaultBranchProtection?: pulumi.Input<number>;
+    /**
+     * Default CI/CD configuration file and path for new projects (.gitlab-ci.yml if not set).
+     */
+    defaultCiConfigPath?: pulumi.Input<string>;
+    /**
+     * What visibility level new groups receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    defaultGroupVisibility?: pulumi.Input<string>;
+    /**
+     * Default project creation protection. Can take: 0 (No one), 1 (Maintainers) or 2 (Developers + Maintainers).
+     */
+    defaultProjectCreation?: pulumi.Input<number>;
+    /**
+     * What visibility level new projects receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    defaultProjectVisibility?: pulumi.Input<string>;
+    /**
+     * Project limit per user. Default is 100000.
+     */
+    defaultProjectsLimit?: pulumi.Input<number>;
+    /**
+     * What visibility level new snippets receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    defaultSnippetVisibility?: pulumi.Input<string>;
+    /**
+     * Enable delayed group deletion. Default is true. Introduced in GitLab 15.0. From GitLab 15.1, disables and locks the group-level setting for delayed protect deletion when set to false.
+     */
+    delayedGroupDeletion?: pulumi.Input<boolean>;
+    /**
+     * Enable delayed project deletion by default in new groups. Default is false. From GitLab 15.1, can only be enabled when delayed*group*deletion is true.
+     */
+    delayedProjectDeletion?: pulumi.Input<boolean>;
+    /**
+     * Enable inactive project deletion feature. Default is false. Introduced in GitLab 14.10. Became operational in GitLab 15.0 (with feature flag inactive*projects*deletion, disabled by default).
+     */
+    deleteInactiveProjects?: pulumi.Input<boolean>;
+    /**
+     * The number of days to wait before deleting a project or group that is marked for deletion. Value must be between 1 and 90. Defaults to 7. From GitLab 15.1, a hook on deletion*adjourned*period sets the period to 1 on every update, and sets both delayed*project*deletion and delayed*group*deletion to false if the period is 0.
+     */
+    deletionAdjournedPeriod?: pulumi.Input<number>;
+    /**
+     * Maximum files in a diff.
+     */
+    diffMaxFiles?: pulumi.Input<number>;
+    /**
+     * Maximum lines in a diff.
+     */
+    diffMaxLines?: pulumi.Input<number>;
+    /**
+     * Maximum diff patch size, in bytes.
+     */
+    diffMaxPatchBytes?: pulumi.Input<number>;
+    /**
+     * Disable display of RSS/Atom and calendar feed tokens (introduced in GitLab 13.7).
+     */
+    disableFeedToken?: pulumi.Input<boolean>;
+    /**
+     * Disabled OAuth sign-in sources.
+     */
+    disabledOauthSignInSources?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Enforce DNS rebinding attack protection.
+     */
+    dnsRebindingProtectionEnabled?: pulumi.Input<boolean>;
+    /**
+     * Force people to use only corporate emails for sign-up. Default is null, meaning there is no restriction.
+     */
+    domainAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (If enabled, requires: domain_denylist) Allows blocking sign-ups from emails from specific domains.
+     */
+    domainDenylistEnabled?: pulumi.Input<boolean>;
+    /**
+     * Users with email addresses that match these domains cannot sign up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com.
+     */
+    domainDenylists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The minimum allowed bit length of an uploaded DSA key. Default is 0 (no restriction). -1 disables DSA keys.
+     */
+    dsaKeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is 0 (no restriction). -1 disables ECDSA keys.
+     */
+    ecdsaKeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ECDSA*SK key. Default is 0 (no restriction). -1 disables ECDSA*SK keys.
+     */
+    ecdsaSkKeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is 0 (no restriction). -1 disables ED25519 keys.
+     */
+    ed25519KeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ED25519*SK key. Default is 0 (no restriction). -1 disables ED25519*SK keys.
+     */
+    ed25519SkKeyRestriction?: pulumi.Input<number>;
+    /**
+     * AWS IAM access key ID.
+     */
+    eksAccessKeyId?: pulumi.Input<string>;
+    /**
+     * Amazon account ID.
+     */
+    eksAccountId?: pulumi.Input<string>;
+    /**
+     * Enable integration with Amazon EKS.
+     */
+    eksIntegrationEnabled?: pulumi.Input<boolean>;
+    /**
+     * AWS IAM secret access key.
+     */
+    eksSecretAccessKey?: pulumi.Input<string>;
+    /**
+     * Enable the use of AWS hosted Elasticsearch.
+     */
+    elasticsearchAws?: pulumi.Input<boolean>;
+    /**
+     * AWS IAM access key.
+     */
+    elasticsearchAwsAccessKey?: pulumi.Input<string>;
+    /**
+     * The AWS region the Elasticsearch domain is configured.
+     */
+    elasticsearchAwsRegion?: pulumi.Input<string>;
+    /**
+     * AWS IAM secret access key.
+     */
+    elasticsearchAwsSecretAccessKey?: pulumi.Input<string>;
+    /**
+     * Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing.
+     */
+    elasticsearchIndexedFieldLengthLimit?: pulumi.Input<number>;
+    /**
+     * Maximum size of repository and wiki files that are indexed by Elasticsearch.
+     */
+    elasticsearchIndexedFileSizeLimitKb?: pulumi.Input<number>;
+    /**
+     * Enable Elasticsearch indexing.
+     */
+    elasticsearchIndexing?: pulumi.Input<boolean>;
+    /**
+     * Limit Elasticsearch to index certain namespaces and projects.
+     */
+    elasticsearchLimitIndexing?: pulumi.Input<boolean>;
+    /**
+     * Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations.
+     */
+    elasticsearchMaxBulkConcurrency?: pulumi.Input<number>;
+    /**
+     * Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations.
+     */
+    elasticsearchMaxBulkSizeMb?: pulumi.Input<number>;
+    /**
+     * The namespaces to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
+     */
+    elasticsearchNamespaceIds?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The password of your Elasticsearch instance.
+     */
+    elasticsearchPassword?: pulumi.Input<string>;
+    /**
+     * The projects to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
+     */
+    elasticsearchProjectIds?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Enable Elasticsearch search.
+     */
+    elasticsearchSearch?: pulumi.Input<boolean>;
+    /**
+     * The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, http://localhost:9200, http://localhost:9201).
+     */
+    elasticsearchUrls?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The username of your Elasticsearch instance.
+     */
+    elasticsearchUsername?: pulumi.Input<string>;
+    /**
+     * Additional text added to the bottom of every email for legal/auditing/compliance reasons.
+     */
+    emailAdditionalText?: pulumi.Input<string>;
+    /**
+     * Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.
+     */
+    emailAuthorInBody?: pulumi.Input<boolean>;
+    /**
+     * Enabled protocols for Git access. Allowed values are: ssh, http, and nil to allow both protocols.
+     */
+    enabledGitAccessProtocol?: pulumi.Input<string>;
+    /**
+     * Enabling this permits enforcement of namespace storage limits.
+     */
+    enforceNamespaceStorageLimit?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: terms) Enforce application ToS to all users.
+     */
+    enforceTerms?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: external*auth*client_key) The certificate to use to authenticate with the external authorization service.
+     */
+    externalAuthClientCert?: pulumi.Input<string>;
+    /**
+     * Private key for the certificate when authentication is required for the external authorization service, this is encrypted when stored.
+     */
+    externalAuthClientKey?: pulumi.Input<string>;
+    /**
+     * Passphrase to use for the private key when authenticating with the external service this is encrypted when stored.
+     */
+    externalAuthClientKeyPass?: pulumi.Input<string>;
+    /**
+     * The default classification label to use when requesting authorization and no classification label has been specified on the project.
+     */
+    externalAuthorizationServiceDefaultLabel?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: external*authorization*service*default*label, external*authorization*service*timeout and external*authorization*service*url) Enable using an external authorization service for accessing projects.
+     */
+    externalAuthorizationServiceEnabled?: pulumi.Input<boolean>;
+    /**
+     * The timeout after which an authorization request is aborted, in seconds. When a request times out, access is denied to the user. (min: 0.001, max: 10, step: 0.001).
+     */
+    externalAuthorizationServiceTimeout?: pulumi.Input<number>;
+    /**
+     * URL to which authorization requests are directed.
+     */
+    externalAuthorizationServiceUrl?: pulumi.Input<string>;
+    /**
+     * How long to wait for a response from the pipeline validation service. Assumes OK if it times out.
+     */
+    externalPipelineValidationServiceTimeout?: pulumi.Input<number>;
+    /**
+     * Optional. Token to include as the X-Gitlab-Token header in requests to the URL in external*pipeline*validation*service*url.
+     */
+    externalPipelineValidationServiceToken?: pulumi.Input<string>;
+    /**
+     * URL to use for pipeline validation requests.
+     */
+    externalPipelineValidationServiceUrl?: pulumi.Input<string>;
+    /**
+     * The ID of a project to load custom file templates from.
+     */
+    fileTemplateProjectId?: pulumi.Input<number>;
+    /**
+     * Start day of the week for calendar views and date pickers. Valid values are 0 (default) for Sunday, 1 for Monday, and 6 for Saturday.
+     */
+    firstDayOfWeek?: pulumi.Input<number>;
+    /**
+     * Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, 1.1.1.1, 2.2.2.0/24.
+     */
+    geoNodeAllowedIps?: pulumi.Input<string>;
+    /**
+     * The amount of seconds after which a request to get a secondary node status times out.
+     */
+    geoStatusTimeout?: pulumi.Input<number>;
+    /**
+     * List of usernames excluded from Git anti-abuse rate limits. Default: [], Maximum: 100 usernames. Introduced in GitLab 15.2.
+     */
+    gitRateLimitUsersAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Maximum duration (in minutes) of a session for Git operations when 2FA is enabled.
+     */
+    gitTwoFactorSessionExpiry?: pulumi.Input<number>;
+    /**
+     * Default Gitaly timeout, in seconds. This timeout is not enforced for Git fetch/push operations or Sidekiq jobs. Set to 0 to disable timeouts.
+     */
+    gitalyTimeoutDefault?: pulumi.Input<number>;
+    /**
+     * Gitaly fast operation timeout, in seconds. Some Gitaly operations are expected to be fast. If they exceed this threshold, there may be a problem with a storage shard and ‘failing fast’ can help maintain the stability of the GitLab instance. Set to 0 to disable timeouts.
+     */
+    gitalyTimeoutFast?: pulumi.Input<number>;
+    /**
+     * Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to 0 to disable timeouts.
+     */
+    gitalyTimeoutMedium?: pulumi.Input<number>;
+    /**
+     * Enable Grafana.
+     */
+    grafanaEnabled?: pulumi.Input<boolean>;
+    /**
+     * Grafana URL.
+     */
+    grafanaUrl?: pulumi.Input<string>;
+    /**
+     * Enable Gravatar.
+     */
+    gravatarEnabled?: pulumi.Input<boolean>;
+    /**
+     * Create new projects using hashed storage paths: Enable immutable, hash-based paths and repository names to store repositories on disk. This prevents repositories from having to be moved or renamed when the Project URL changes and may improve disk I/O performance. (Always enabled in GitLab versions 13.0 and later, configuration is scheduled for removal in 14.0).
+     */
+    hashedStorageEnabled?: pulumi.Input<boolean>;
+    /**
+     * Hide marketing-related entries from help.
+     */
+    helpPageHideCommercialContent?: pulumi.Input<boolean>;
+    /**
+     * Alternate support URL for help page and help dropdown.
+     */
+    helpPageSupportUrl?: pulumi.Input<string>;
+    /**
+     * Custom text displayed on the help page.
+     */
+    helpPageText?: pulumi.Input<string>;
+    /**
+     * GitLab server administrator information.
+     */
+    helpText?: pulumi.Input<string>;
+    /**
+     * Do not display offers from third parties in GitLab.
+     */
+    hideThirdPartyOffers?: pulumi.Input<boolean>;
+    /**
+     * Redirect to this URL when not logged in.
+     */
+    homePageUrl?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: housekeeping*bitmaps*enabled, housekeeping*full*repack*period, housekeeping*gc*period, and housekeeping*incremental*repack*period) Enable or disable Git housekeeping.
+     */
+    housekeepingEnabled?: pulumi.Input<boolean>;
+    /**
+     * Number of Git pushes after which an incremental git repack is run.
+     */
+    housekeepingFullRepackPeriod?: pulumi.Input<number>;
+    /**
+     * Number of Git pushes after which git gc is run.
+     */
+    housekeepingGcPeriod?: pulumi.Input<number>;
+    /**
+     * Number of Git pushes after which an incremental git repack is run.
+     */
+    housekeepingIncrementalRepackPeriod?: pulumi.Input<number>;
+    /**
+     * Enable HTML emails.
+     */
+    htmlEmailsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Sources to allow project import from, possible values: github, bitbucket, bitbucket*server, gitlab, fogbugz, git, gitlab*project, gitea, manifest, and phabricator.
+     */
+    importSources?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Enable in-product marketing emails. Enabled by default.
+     */
+    inProductMarketingEmailsEnabled?: pulumi.Input<boolean>;
+    /**
+     * If delete*inactive*projects is true, the time (in months) to wait before deleting inactive projects. Default is 2. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    inactiveProjectsDeleteAfterMonths?: pulumi.Input<number>;
+    /**
+     * If delete*inactive*projects is true, the minimum repository size for projects to be checked for inactivity. Default is 0. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    inactiveProjectsMinSizeMb?: pulumi.Input<number>;
+    /**
+     * If delete*inactive*projects is true, sets the time (in months) to wait before emailing maintainers that the project is scheduled be deleted because it is inactive. Default is 1. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    inactiveProjectsSendWarningEmailAfterMonths?: pulumi.Input<number>;
+    /**
+     * Enable Invisible CAPTCHA spam detection during sign-up. Disabled by default.
+     */
+    invisibleCaptchaEnabled?: pulumi.Input<boolean>;
+    /**
+     * Max number of issue creation requests per minute per user. Disabled by default.
+     */
+    issuesCreateLimit?: pulumi.Input<number>;
+    /**
+     * Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time. Enabled by default.
+     */
+    keepLatestArtifact?: pulumi.Input<boolean>;
+    /**
+     * Increase this value when any cached Markdown should be invalidated.
+     */
+    localMarkdownVersion?: pulumi.Input<number>;
+    /**
+     * Enable Mailgun event receiver.
+     */
+    mailgunEventsEnabled?: pulumi.Input<boolean>;
+    /**
+     * The Mailgun HTTP webhook signing key for receiving events from webhook.
+     */
+    mailgunSigningKey?: pulumi.Input<string>;
+    /**
+     * When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests.
+     */
+    maintenanceMode?: pulumi.Input<boolean>;
+    /**
+     * Message displayed when instance is in maintenance mode.
+     */
+    maintenanceModeMessage?: pulumi.Input<string>;
+    /**
+     * Maximum artifacts size in MB.
+     */
+    maxArtifactsSize?: pulumi.Input<number>;
+    /**
+     * Limit attachment size in MB.
+     */
+    maxAttachmentSize?: pulumi.Input<number>;
+    /**
+     * Maximum export size in MB. 0 for unlimited. Default = 0 (unlimited).
+     */
+    maxExportSize?: pulumi.Input<number>;
+    /**
+     * Maximum import size in MB. 0 for unlimited. Default = 0 (unlimited) Modified from 50MB to 0 in GitLab 13.8.
+     */
+    maxImportSize?: pulumi.Input<number>;
+    /**
+     * Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. Introduced in GitLab 15.1.
+     */
+    maxNumberOfRepositoryDownloads?: pulumi.Input<number>;
+    /**
+     * Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). Introduced in GitLab 15.1.
+     */
+    maxNumberOfRepositoryDownloadsWithinTimePeriod?: pulumi.Input<number>;
+    /**
+     * Maximum size of pages repositories in MB.
+     */
+    maxPagesSize?: pulumi.Input<number>;
+    /**
+     * Maximum allowable lifetime for access tokens in days.
+     */
+    maxPersonalAccessTokenLifetime?: pulumi.Input<number>;
+    /**
+     * Maximum allowable lifetime for SSH keys in days. Introduced in GitLab 14.6.
+     */
+    maxSshKeyLifetime?: pulumi.Input<number>;
+    /**
+     * A method call is only tracked when it takes longer than the given amount of milliseconds.
+     */
+    metricsMethodCallThreshold?: pulumi.Input<number>;
+    /**
+     * Allow repository mirroring to configured by project Maintainers. If disabled, only Administrators can configure repository mirroring.
+     */
+    mirrorAvailable?: pulumi.Input<boolean>;
+    /**
+     * Minimum capacity to be available before scheduling more mirrors preemptively.
+     */
+    mirrorCapacityThreshold?: pulumi.Input<number>;
+    /**
+     * Maximum number of mirrors that can be synchronizing at the same time.
+     */
+    mirrorMaxCapacity?: pulumi.Input<number>;
+    /**
+     * Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize.
+     */
+    mirrorMaxDelay?: pulumi.Input<number>;
+    /**
+     * Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm.
+     */
+    npmPackageRequestsForwarding?: pulumi.Input<boolean>;
+    /**
+     * Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for hooks and services are disabled.
+     */
+    outboundLocalRequestsWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Number of workers assigned to the packages cleanup policies.
+     */
+    packageRegistryCleanupPoliciesWorkerCapacity?: pulumi.Input<number>;
+    /**
+     * Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled.
+     */
+    pagesDomainVerificationEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable authentication for Git over HTTP(S) via a GitLab account password. Default is true.
+     */
+    passwordAuthenticationEnabledForGit?: pulumi.Input<boolean>;
+    /**
+     * Enable authentication for the web interface via a GitLab account password. Default is true.
+     */
+    passwordAuthenticationEnabledForWeb?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one lowercase letter. Introduced in GitLab 15.1.
+     */
+    passwordLowercaseRequired?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one number. Introduced in GitLab 15.1.
+     */
+    passwordNumberRequired?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one symbol character. Introduced in GitLab 15.1.
+     */
+    passwordSymbolRequired?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one uppercase letter. Introduced in GitLab 15.1.
+     */
+    passwordUppercaseRequired?: pulumi.Input<boolean>;
+    /**
+     * Path of the group that is allowed to toggle the performance bar.
+     */
+    performanceBarAllowedGroupPath?: pulumi.Input<string>;
+    /**
+     * Prefix for all generated personal access tokens.
+     */
+    personalAccessTokenPrefix?: pulumi.Input<string>;
+    /**
+     * Maximum number of pipeline creation requests per minute per user and commit. Disabled by default.
+     */
+    pipelineLimitPerProjectUserSha?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: plantuml_url) Enable PlantUML integration. Default is false.
+     */
+    plantumlEnabled?: pulumi.Input<boolean>;
+    /**
+     * The PlantUML instance URL for integration.
+     */
+    plantumlUrl?: pulumi.Input<string>;
+    /**
+     * Interval multiplier used by endpoints that perform polling. Set to 0 to disable polling.
+     */
+    pollingIntervalMultiplier?: pulumi.Input<number>;
+    /**
+     * Enable project export.
+     */
+    projectExportEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Prometheus metrics.
+     */
+    prometheusMetricsEnabled?: pulumi.Input<boolean>;
+    /**
+     * CI/CD variables are protected by default.
+     */
+    protectedCiVariables?: pulumi.Input<boolean>;
+    /**
+     * Number of changes (branches or tags) in a single push to determine whether individual push events or bulk push events are created. Bulk push events are created if it surpasses that value.
+     */
+    pushEventActivitiesLimit?: pulumi.Input<number>;
+    /**
+     * Number of changes (branches or tags) in a single push to determine whether webhooks and services fire or not. Webhooks and services aren’t submitted if it surpasses that value.
+     */
+    pushEventHooksLimit?: pulumi.Input<number>;
+    /**
+     * Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI.
+     */
+    pypiPackageRequestsForwarding?: pulumi.Input<boolean>;
+    /**
+     * When rate limiting is enabled via the throttle_* settings, send this plain text response when a rate limit is exceeded. ‘Retry later’ is sent if this is blank.
+     */
+    rateLimitingResponseText?: pulumi.Input<string>;
+    /**
+     * Max number of requests per minute for each raw path. Default: 300. To disable throttling set to 0.
+     */
+    rawBlobRequestLimit?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: recaptcha*private*key and recaptcha*site*key) Enable reCAPTCHA.
+     */
+    recaptchaEnabled?: pulumi.Input<boolean>;
+    /**
+     * Private key for reCAPTCHA.
+     */
+    recaptchaPrivateKey?: pulumi.Input<string>;
+    /**
+     * Site key for reCAPTCHA.
+     */
+    recaptchaSiteKey?: pulumi.Input<string>;
+    /**
+     * Maximum push size (MB).
+     */
+    receiveMaxInputSize?: pulumi.Input<number>;
+    /**
+     * GitLab periodically runs git fsck in all project and wiki repositories to look for silent disk corruption issues.
+     */
+    repositoryChecksEnabled?: pulumi.Input<boolean>;
+    /**
+     * Size limit per repository (MB).
+     */
+    repositorySizeLimit?: pulumi.Input<number>;
+    /**
+     * (GitLab 13.0 and earlier) List of names of enabled storage paths, taken from gitlab.yml. New projects are created in one of these stores, chosen at random.
+     */
+    repositoryStorages?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (GitLab 13.1 and later) Hash of names of taken from gitlab.yml to weights. New projects are created in one of these stores, chosen by a weighted random selection.
+     */
+    repositoryStoragesWeighted?: pulumi.Input<{
+        [key: string]: pulumi.Input<number>;
+    }>;
+    /**
+     * When enabled, any user that signs up for an account using the registration form is placed under a Pending approval state and has to be explicitly approved by an administrator.
+     */
+    requireAdminApprovalAfterUserSignup?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: two*factor*grace_period) Require all users to set up Two-factor authentication.
+     */
+    requireTwoFactorAuthentication?: pulumi.Input<boolean>;
+    /**
+     * Selected levels cannot be used by non-Administrator users for groups, projects or snippets. Can take private, internal and public as a parameter. Default is null which means there is no restriction.
+     */
+    restrictedVisibilityLevels?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The minimum allowed bit length of an uploaded RSA key. Default is 0 (no restriction). -1 disables RSA keys.
+     */
+    rsaKeyRestriction?: pulumi.Input<number>;
+    /**
+     * Max number of requests per minute for performing a search while authenticated. Default: 30. To disable throttling set to 0.
+     */
+    searchRateLimit?: pulumi.Input<number>;
+    /**
+     * Max number of requests per minute for performing a search while unauthenticated. Default: 10. To disable throttling set to 0.
+     */
+    searchRateLimitUnauthenticated?: pulumi.Input<number>;
+    /**
+     * Send confirmation email on sign-up.
+     */
+    sendUserConfirmationEmail?: pulumi.Input<boolean>;
+    /**
+     * Session duration in minutes. GitLab restart is required to apply changes.
+     */
+    sessionExpireDelay?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: shared*runners*text and shared*runners*minutes) Enable shared runners for new projects.
+     */
+    sharedRunnersEnabled?: pulumi.Input<boolean>;
+    /**
+     * Set the maximum number of CI/CD minutes that a group can use on shared runners per month.
+     */
+    sharedRunnersMinutes?: pulumi.Input<number>;
+    /**
+     * Shared runners text.
+     */
+    sharedRunnersText?: pulumi.Input<string>;
+    /**
+     * The threshold in bytes at which Sidekiq jobs are compressed before being stored in Redis. Default: 100 000 bytes (100KB).
+     */
+    sidekiqJobLimiterCompressionThresholdBytes?: pulumi.Input<number>;
+    /**
+     * The threshold in bytes at which Sidekiq jobs are rejected. Default: 0 bytes (doesn’t reject any job).
+     */
+    sidekiqJobLimiterLimitBytes?: pulumi.Input<number>;
+    /**
+     * track or compress. Sets the behavior for Sidekiq job size limits. Default: ‘compress’.
+     */
+    sidekiqJobLimiterMode?: pulumi.Input<string>;
+    /**
+     * Text on the login page.
+     */
+    signInText?: pulumi.Input<string>;
+    /**
+     * Enable registration. Default is true.
+     */
+    signupEnabled?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: slack*app*id, slack*app*secret and slack*app*secret) Enable Slack app.
+     */
+    slackAppEnabled?: pulumi.Input<boolean>;
+    /**
+     * The app ID of the Slack-app.
+     */
+    slackAppId?: pulumi.Input<string>;
+    /**
+     * The app secret of the Slack-app.
+     */
+    slackAppSecret?: pulumi.Input<string>;
+    /**
+     * The signing secret of the Slack-app.
+     */
+    slackAppSigningSecret?: pulumi.Input<string>;
+    /**
+     * The verification token of the Slack-app.
+     */
+    slackAppVerificationToken?: pulumi.Input<string>;
+    /**
+     * Max snippet content size in bytes. Default: 52428800 Bytes (50MB).
+     */
+    snippetSizeLimit?: pulumi.Input<number>;
+    /**
+     * The Snowplow site name / application ID. (for example, gitlab)
+     */
+    snowplowAppId?: pulumi.Input<string>;
+    /**
+     * The Snowplow collector hostname. (for example, snowplow.trx.gitlab.net)
+     */
+    snowplowCollectorHostname?: pulumi.Input<string>;
+    /**
+     * The Snowplow cookie domain. (for example, .gitlab.com)
+     */
+    snowplowCookieDomain?: pulumi.Input<string>;
+    /**
+     * Enable snowplow tracking.
+     */
+    snowplowEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enables Sourcegraph integration. Default is false. If enabled, requires sourcegraph_url.
+     */
+    sourcegraphEnabled?: pulumi.Input<boolean>;
+    /**
+     * Blocks Sourcegraph from being loaded on private and internal projects. Default is true.
+     */
+    sourcegraphPublicOnly?: pulumi.Input<boolean>;
+    /**
+     * The Sourcegraph instance URL for integration.
+     */
+    sourcegraphUrl?: pulumi.Input<string>;
+    /**
+     * API key used by GitLab for accessing the Spam Check service endpoint.
+     */
+    spamCheckApiKey?: pulumi.Input<string>;
+    /**
+     * Enables spam checking using external Spam Check API endpoint. Default is false.
+     */
+    spamCheckEndpointEnabled?: pulumi.Input<boolean>;
+    /**
+     * URL of the external Spamcheck service endpoint. Valid URI schemes are grpc or tls. Specifying tls forces communication to be encrypted.
+     */
+    spamCheckEndpointUrl?: pulumi.Input<string>;
+    /**
+     * Enable pipeline suggestion banner.
+     */
+    suggestPipelineEnabled?: pulumi.Input<boolean>;
+    /**
+     * Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time.
+     */
+    terminalMaxSessionTime?: pulumi.Input<number>;
+    /**
+     * (Required by: enforce_terms) Markdown content for the ToS.
+     */
+    terms?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: throttle*authenticated*api*period*in*seconds and throttle*authenticated*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleAuthenticatedApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds).
+     */
+    throttleAuthenticatedApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user.
+     */
+    throttleAuthenticatedApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*authenticated*packages*api*period*in*seconds and throttle*authenticated*packages*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View Package Registry rate limits for more details.
+     */
+    throttleAuthenticatedPackagesApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds). View Package Registry rate limits for more details.
+     */
+    throttleAuthenticatedPackagesApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user. View Package Registry rate limits for more details.
+     */
+    throttleAuthenticatedPackagesApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*authenticated*web*period*in*seconds and throttle*authenticated*web*requests*per*period) Enable authenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleAuthenticatedWebEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds).
+     */
+    throttleAuthenticatedWebPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user.
+     */
+    throttleAuthenticatedWebRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*api*period*in*seconds and throttle*unauthenticated*api*requests*per*period) Enable unauthenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleUnauthenticatedApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period in seconds.
+     */
+    throttleUnauthenticatedApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Max requests per period per IP.
+     */
+    throttleUnauthenticatedApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*packages*api*period*in*seconds and throttle*unauthenticated*packages*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View Package Registry rate limits for more details.
+     */
+    throttleUnauthenticatedPackagesApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds). View Package Registry rate limits for more details.
+     */
+    throttleUnauthenticatedPackagesApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user. View Package Registry rate limits for more details.
+     */
+    throttleUnauthenticatedPackagesApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*web*period*in*seconds and throttle*unauthenticated*web*requests*per*period) Enable unauthenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleUnauthenticatedWebEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period in seconds.
+     */
+    throttleUnauthenticatedWebPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Max requests per period per IP.
+     */
+    throttleUnauthenticatedWebRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * Limit display of time tracking units to hours. Default is false.
+     */
+    timeTrackingLimitToHours?: pulumi.Input<boolean>;
+    /**
+     * Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication.
+     */
+    twoFactorGracePeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: unique*ips*limit*per*user and unique*ips*limit*time*window) Limit sign in from multiple IPs.
+     */
+    uniqueIpsLimitEnabled?: pulumi.Input<boolean>;
+    /**
+     * Maximum number of IPs per user.
+     */
+    uniqueIpsLimitPerUser?: pulumi.Input<number>;
+    /**
+     * How many seconds an IP is counted towards the limit.
+     */
+    uniqueIpsLimitTimeWindow?: pulumi.Input<number>;
+    /**
+     * Every week GitLab reports license usage back to GitLab, Inc.
+     */
+    usagePingEnabled?: pulumi.Input<boolean>;
+    /**
+     * Send an email to users upon account deactivation.
+     */
+    userDeactivationEmailsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Newly registered users are external by default.
+     */
+    userDefaultExternal?: pulumi.Input<boolean>;
+    /**
+     * Specify an email address regex pattern to identify default internal users.
+     */
+    userDefaultInternalRegex?: pulumi.Input<string>;
+    /**
+     * Allow users to register any application to use GitLab as an OAuth provider.
+     */
+    userOauthApplications?: pulumi.Input<boolean>;
+    /**
+     * When set to false disable the You won't be able to pull or push project code via SSH warning shown to users with no uploaded SSH key.
+     */
+    userShowAddSshKeyMessage?: pulumi.Input<boolean>;
+    /**
+     * Let GitLab inform you when an update is available.
+     */
+    versionCheckEnabled?: pulumi.Input<boolean>;
+    /**
+     * Live Preview (allow live previews of JavaScript projects in the Web IDE using CodeSandbox Live Preview).
+     */
+    webIdeClientsidePreviewEnabled?: pulumi.Input<boolean>;
+    /**
+     * What’s new variant, possible values: all*tiers, current*tier, and disabled.
+     */
+    whatsNewVariant?: pulumi.Input<string>;
+    /**
+     * Maximum wiki page content size in bytes. Default: 52428800 Bytes (50 MB). The minimum value is 1024 bytes.
+     */
+    wikiPageMaxContentBytes?: pulumi.Input<number>;
+}
+/**
+ * The set of arguments for constructing a ApplicationSettings resource.
+ */
+export interface ApplicationSettingsArgs {
+    /**
+     * If set, abuse reports are sent to this address. Abuse reports are always available in the Admin Area.
+     */
+    abuseNotificationEmail?: pulumi.Input<string>;
+    /**
+     * Require administrators to enable Admin Mode by re-authenticating for administrative tasks.
+     */
+    adminMode?: pulumi.Input<boolean>;
+    /**
+     * Where to redirect users after logout.
+     */
+    afterSignOutPath?: pulumi.Input<string>;
+    /**
+     * Text shown to the user after signing up.
+     */
+    afterSignUpText?: pulumi.Input<string>;
+    /**
+     * API key for Akismet spam protection.
+     */
+    akismetApiKey?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: akismet*api*key) Enable or disable Akismet spam protection.
+     */
+    akismetEnabled?: pulumi.Input<boolean>;
+    /**
+     * Set to true to allow group owners to manage LDAP.
+     */
+    allowGroupOwnersToManageLdap?: pulumi.Input<boolean>;
+    /**
+     * Allow requests to the local network from system hooks.
+     */
+    allowLocalRequestsFromSystemHooks?: pulumi.Input<boolean>;
+    /**
+     * Allow requests to the local network from web hooks and services.
+     */
+    allowLocalRequestsFromWebHooksAndServices?: pulumi.Input<boolean>;
+    /**
+     * Set the duration for which the jobs are considered as old and expired. After that time passes, the jobs are archived and no longer able to be retried. Make it empty to never expire jobs. It has to be no less than 1 day, for example: 15 days, 1 month, 2 years.
+     */
+    archiveBuildsInHumanReadable?: pulumi.Input<string>;
+    /**
+     * Assets that match these domains are not proxied. Wildcards allowed. Your GitLab installation URL is automatically allowlisted. GitLab restart is required to apply changes.
+     */
+    assetProxyAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (If enabled, requires: asset*proxy*url) Enable proxying of assets. GitLab restart is required to apply changes.
+     */
+    assetProxyEnabled?: pulumi.Input<boolean>;
+    /**
+     * Shared secret with the asset proxy server. GitLab restart is required to apply changes.
+     */
+    assetProxySecretKey?: pulumi.Input<string>;
+    /**
+     * URL of the asset proxy server. GitLab restart is required to apply changes.
+     */
+    assetProxyUrl?: pulumi.Input<string>;
+    /**
+     * By default, we write to the authorizedKeys file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand.
+     */
+    authorizedKeysEnabled?: pulumi.Input<boolean>;
+    /**
+     * Specify a domain to use by default for every project’s Auto Review Apps and Auto Deploy stages.
+     */
+    autoDevopsDomain?: pulumi.Input<string>;
+    /**
+     * Enable Auto DevOps for projects by default. It automatically builds, tests, and deploys applications based on a predefined CI/CD configuration.
+     */
+    autoDevopsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enabling this permits automatic allocation of purchased storage in a namespace.
+     */
+    automaticPurchasedStorageAllocation?: pulumi.Input<boolean>;
+    /**
+     * Enabling this makes only licensed EE features available to projects if the project namespace’s plan includes the feature or if the project is public.
+     */
+    checkNamespacePlan?: pulumi.Input<boolean>;
+    /**
+     * Custom hostname (for private commit emails).
+     */
+    commitEmailHostname?: pulumi.Input<string>;
+    /**
+     * Enable cleanup policies for all projects.
+     */
+    containerExpirationPoliciesEnableHistoricEntries?: pulumi.Input<boolean>;
+    /**
+     * The maximum number of tags that can be deleted in a single execution of cleanup policies.
+     */
+    containerRegistryCleanupTagsServiceMaxListSize?: pulumi.Input<number>;
+    /**
+     * The maximum time, in seconds, that the cleanup process can take to delete a batch of tags for cleanup policies.
+     */
+    containerRegistryDeleteTagsServiceTimeout?: pulumi.Input<number>;
+    /**
+     * Caching during the execution of cleanup policies.
+     */
+    containerRegistryExpirationPoliciesCaching?: pulumi.Input<boolean>;
+    /**
+     * Number of workers for cleanup policies.
+     */
+    containerRegistryExpirationPoliciesWorkerCapacity?: pulumi.Input<number>;
+    /**
+     * Container Registry token duration in minutes.
+     */
+    containerRegistryTokenExpireDelay?: pulumi.Input<number>;
+    /**
+     * Enable automatic deactivation of dormant users.
+     */
+    deactivateDormantUsers?: pulumi.Input<boolean>;
+    /**
+     * Set the default expiration time for each job’s artifacts.
+     */
+    defaultArtifactsExpireIn?: pulumi.Input<string>;
+    /**
+     * Instance-level custom initial branch name (introduced in GitLab 13.2).
+     */
+    defaultBranchName?: pulumi.Input<string>;
+    /**
+     * Determine if developers can push to the default branch. Can take: 0 (not protected, both users with the Developer role or Maintainer role can push new commits and force push), 1 (partially protected, users with the Developer role or Maintainer role can push new commits, but cannot force push) or 2 (fully protected, users with the Developer or Maintainer role cannot push new commits, but users with the Developer or Maintainer role can; no one can force push) as a parameter. Default is 2.
+     */
+    defaultBranchProtection?: pulumi.Input<number>;
+    /**
+     * Default CI/CD configuration file and path for new projects (.gitlab-ci.yml if not set).
+     */
+    defaultCiConfigPath?: pulumi.Input<string>;
+    /**
+     * What visibility level new groups receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    defaultGroupVisibility?: pulumi.Input<string>;
+    /**
+     * Default project creation protection. Can take: 0 (No one), 1 (Maintainers) or 2 (Developers + Maintainers).
+     */
+    defaultProjectCreation?: pulumi.Input<number>;
+    /**
+     * What visibility level new projects receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    defaultProjectVisibility?: pulumi.Input<string>;
+    /**
+     * Project limit per user. Default is 100000.
+     */
+    defaultProjectsLimit?: pulumi.Input<number>;
+    /**
+     * What visibility level new snippets receive. Can take private, internal and public as a parameter. Default is private.
+     */
+    defaultSnippetVisibility?: pulumi.Input<string>;
+    /**
+     * Enable delayed group deletion. Default is true. Introduced in GitLab 15.0. From GitLab 15.1, disables and locks the group-level setting for delayed protect deletion when set to false.
+     */
+    delayedGroupDeletion?: pulumi.Input<boolean>;
+    /**
+     * Enable delayed project deletion by default in new groups. Default is false. From GitLab 15.1, can only be enabled when delayed*group*deletion is true.
+     */
+    delayedProjectDeletion?: pulumi.Input<boolean>;
+    /**
+     * Enable inactive project deletion feature. Default is false. Introduced in GitLab 14.10. Became operational in GitLab 15.0 (with feature flag inactive*projects*deletion, disabled by default).
+     */
+    deleteInactiveProjects?: pulumi.Input<boolean>;
+    /**
+     * The number of days to wait before deleting a project or group that is marked for deletion. Value must be between 1 and 90. Defaults to 7. From GitLab 15.1, a hook on deletion*adjourned*period sets the period to 1 on every update, and sets both delayed*project*deletion and delayed*group*deletion to false if the period is 0.
+     */
+    deletionAdjournedPeriod?: pulumi.Input<number>;
+    /**
+     * Maximum files in a diff.
+     */
+    diffMaxFiles?: pulumi.Input<number>;
+    /**
+     * Maximum lines in a diff.
+     */
+    diffMaxLines?: pulumi.Input<number>;
+    /**
+     * Maximum diff patch size, in bytes.
+     */
+    diffMaxPatchBytes?: pulumi.Input<number>;
+    /**
+     * Disable display of RSS/Atom and calendar feed tokens (introduced in GitLab 13.7).
+     */
+    disableFeedToken?: pulumi.Input<boolean>;
+    /**
+     * Disabled OAuth sign-in sources.
+     */
+    disabledOauthSignInSources?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Enforce DNS rebinding attack protection.
+     */
+    dnsRebindingProtectionEnabled?: pulumi.Input<boolean>;
+    /**
+     * Force people to use only corporate emails for sign-up. Default is null, meaning there is no restriction.
+     */
+    domainAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (If enabled, requires: domain_denylist) Allows blocking sign-ups from emails from specific domains.
+     */
+    domainDenylistEnabled?: pulumi.Input<boolean>;
+    /**
+     * Users with email addresses that match these domains cannot sign up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com.
+     */
+    domainDenylists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The minimum allowed bit length of an uploaded DSA key. Default is 0 (no restriction). -1 disables DSA keys.
+     */
+    dsaKeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is 0 (no restriction). -1 disables ECDSA keys.
+     */
+    ecdsaKeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ECDSA*SK key. Default is 0 (no restriction). -1 disables ECDSA*SK keys.
+     */
+    ecdsaSkKeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is 0 (no restriction). -1 disables ED25519 keys.
+     */
+    ed25519KeyRestriction?: pulumi.Input<number>;
+    /**
+     * The minimum allowed curve size (in bits) of an uploaded ED25519*SK key. Default is 0 (no restriction). -1 disables ED25519*SK keys.
+     */
+    ed25519SkKeyRestriction?: pulumi.Input<number>;
+    /**
+     * AWS IAM access key ID.
+     */
+    eksAccessKeyId?: pulumi.Input<string>;
+    /**
+     * Amazon account ID.
+     */
+    eksAccountId?: pulumi.Input<string>;
+    /**
+     * Enable integration with Amazon EKS.
+     */
+    eksIntegrationEnabled?: pulumi.Input<boolean>;
+    /**
+     * AWS IAM secret access key.
+     */
+    eksSecretAccessKey?: pulumi.Input<string>;
+    /**
+     * Enable the use of AWS hosted Elasticsearch.
+     */
+    elasticsearchAws?: pulumi.Input<boolean>;
+    /**
+     * AWS IAM access key.
+     */
+    elasticsearchAwsAccessKey?: pulumi.Input<string>;
+    /**
+     * The AWS region the Elasticsearch domain is configured.
+     */
+    elasticsearchAwsRegion?: pulumi.Input<string>;
+    /**
+     * AWS IAM secret access key.
+     */
+    elasticsearchAwsSecretAccessKey?: pulumi.Input<string>;
+    /**
+     * Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing.
+     */
+    elasticsearchIndexedFieldLengthLimit?: pulumi.Input<number>;
+    /**
+     * Maximum size of repository and wiki files that are indexed by Elasticsearch.
+     */
+    elasticsearchIndexedFileSizeLimitKb?: pulumi.Input<number>;
+    /**
+     * Enable Elasticsearch indexing.
+     */
+    elasticsearchIndexing?: pulumi.Input<boolean>;
+    /**
+     * Limit Elasticsearch to index certain namespaces and projects.
+     */
+    elasticsearchLimitIndexing?: pulumi.Input<boolean>;
+    /**
+     * Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations.
+     */
+    elasticsearchMaxBulkConcurrency?: pulumi.Input<number>;
+    /**
+     * Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations.
+     */
+    elasticsearchMaxBulkSizeMb?: pulumi.Input<number>;
+    /**
+     * The namespaces to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
+     */
+    elasticsearchNamespaceIds?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The password of your Elasticsearch instance.
+     */
+    elasticsearchPassword?: pulumi.Input<string>;
+    /**
+     * The projects to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
+     */
+    elasticsearchProjectIds?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Enable Elasticsearch search.
+     */
+    elasticsearchSearch?: pulumi.Input<boolean>;
+    /**
+     * The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, http://localhost:9200, http://localhost:9201).
+     */
+    elasticsearchUrls?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The username of your Elasticsearch instance.
+     */
+    elasticsearchUsername?: pulumi.Input<string>;
+    /**
+     * Additional text added to the bottom of every email for legal/auditing/compliance reasons.
+     */
+    emailAdditionalText?: pulumi.Input<string>;
+    /**
+     * Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.
+     */
+    emailAuthorInBody?: pulumi.Input<boolean>;
+    /**
+     * Enabled protocols for Git access. Allowed values are: ssh, http, and nil to allow both protocols.
+     */
+    enabledGitAccessProtocol?: pulumi.Input<string>;
+    /**
+     * Enabling this permits enforcement of namespace storage limits.
+     */
+    enforceNamespaceStorageLimit?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: terms) Enforce application ToS to all users.
+     */
+    enforceTerms?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: external*auth*client_key) The certificate to use to authenticate with the external authorization service.
+     */
+    externalAuthClientCert?: pulumi.Input<string>;
+    /**
+     * Private key for the certificate when authentication is required for the external authorization service, this is encrypted when stored.
+     */
+    externalAuthClientKey?: pulumi.Input<string>;
+    /**
+     * Passphrase to use for the private key when authenticating with the external service this is encrypted when stored.
+     */
+    externalAuthClientKeyPass?: pulumi.Input<string>;
+    /**
+     * The default classification label to use when requesting authorization and no classification label has been specified on the project.
+     */
+    externalAuthorizationServiceDefaultLabel?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: external*authorization*service*default*label, external*authorization*service*timeout and external*authorization*service*url) Enable using an external authorization service for accessing projects.
+     */
+    externalAuthorizationServiceEnabled?: pulumi.Input<boolean>;
+    /**
+     * The timeout after which an authorization request is aborted, in seconds. When a request times out, access is denied to the user. (min: 0.001, max: 10, step: 0.001).
+     */
+    externalAuthorizationServiceTimeout?: pulumi.Input<number>;
+    /**
+     * URL to which authorization requests are directed.
+     */
+    externalAuthorizationServiceUrl?: pulumi.Input<string>;
+    /**
+     * How long to wait for a response from the pipeline validation service. Assumes OK if it times out.
+     */
+    externalPipelineValidationServiceTimeout?: pulumi.Input<number>;
+    /**
+     * Optional. Token to include as the X-Gitlab-Token header in requests to the URL in external*pipeline*validation*service*url.
+     */
+    externalPipelineValidationServiceToken?: pulumi.Input<string>;
+    /**
+     * URL to use for pipeline validation requests.
+     */
+    externalPipelineValidationServiceUrl?: pulumi.Input<string>;
+    /**
+     * The ID of a project to load custom file templates from.
+     */
+    fileTemplateProjectId?: pulumi.Input<number>;
+    /**
+     * Start day of the week for calendar views and date pickers. Valid values are 0 (default) for Sunday, 1 for Monday, and 6 for Saturday.
+     */
+    firstDayOfWeek?: pulumi.Input<number>;
+    /**
+     * Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, 1.1.1.1, 2.2.2.0/24.
+     */
+    geoNodeAllowedIps?: pulumi.Input<string>;
+    /**
+     * The amount of seconds after which a request to get a secondary node status times out.
+     */
+    geoStatusTimeout?: pulumi.Input<number>;
+    /**
+     * List of usernames excluded from Git anti-abuse rate limits. Default: [], Maximum: 100 usernames. Introduced in GitLab 15.2.
+     */
+    gitRateLimitUsersAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Maximum duration (in minutes) of a session for Git operations when 2FA is enabled.
+     */
+    gitTwoFactorSessionExpiry?: pulumi.Input<number>;
+    /**
+     * Default Gitaly timeout, in seconds. This timeout is not enforced for Git fetch/push operations or Sidekiq jobs. Set to 0 to disable timeouts.
+     */
+    gitalyTimeoutDefault?: pulumi.Input<number>;
+    /**
+     * Gitaly fast operation timeout, in seconds. Some Gitaly operations are expected to be fast. If they exceed this threshold, there may be a problem with a storage shard and ‘failing fast’ can help maintain the stability of the GitLab instance. Set to 0 to disable timeouts.
+     */
+    gitalyTimeoutFast?: pulumi.Input<number>;
+    /**
+     * Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to 0 to disable timeouts.
+     */
+    gitalyTimeoutMedium?: pulumi.Input<number>;
+    /**
+     * Enable Grafana.
+     */
+    grafanaEnabled?: pulumi.Input<boolean>;
+    /**
+     * Grafana URL.
+     */
+    grafanaUrl?: pulumi.Input<string>;
+    /**
+     * Enable Gravatar.
+     */
+    gravatarEnabled?: pulumi.Input<boolean>;
+    /**
+     * Create new projects using hashed storage paths: Enable immutable, hash-based paths and repository names to store repositories on disk. This prevents repositories from having to be moved or renamed when the Project URL changes and may improve disk I/O performance. (Always enabled in GitLab versions 13.0 and later, configuration is scheduled for removal in 14.0).
+     */
+    hashedStorageEnabled?: pulumi.Input<boolean>;
+    /**
+     * Hide marketing-related entries from help.
+     */
+    helpPageHideCommercialContent?: pulumi.Input<boolean>;
+    /**
+     * Alternate support URL for help page and help dropdown.
+     */
+    helpPageSupportUrl?: pulumi.Input<string>;
+    /**
+     * Custom text displayed on the help page.
+     */
+    helpPageText?: pulumi.Input<string>;
+    /**
+     * GitLab server administrator information.
+     */
+    helpText?: pulumi.Input<string>;
+    /**
+     * Do not display offers from third parties in GitLab.
+     */
+    hideThirdPartyOffers?: pulumi.Input<boolean>;
+    /**
+     * Redirect to this URL when not logged in.
+     */
+    homePageUrl?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: housekeeping*bitmaps*enabled, housekeeping*full*repack*period, housekeeping*gc*period, and housekeeping*incremental*repack*period) Enable or disable Git housekeeping.
+     */
+    housekeepingEnabled?: pulumi.Input<boolean>;
+    /**
+     * Number of Git pushes after which an incremental git repack is run.
+     */
+    housekeepingFullRepackPeriod?: pulumi.Input<number>;
+    /**
+     * Number of Git pushes after which git gc is run.
+     */
+    housekeepingGcPeriod?: pulumi.Input<number>;
+    /**
+     * Number of Git pushes after which an incremental git repack is run.
+     */
+    housekeepingIncrementalRepackPeriod?: pulumi.Input<number>;
+    /**
+     * Enable HTML emails.
+     */
+    htmlEmailsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Sources to allow project import from, possible values: github, bitbucket, bitbucket*server, gitlab, fogbugz, git, gitlab*project, gitea, manifest, and phabricator.
+     */
+    importSources?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Enable in-product marketing emails. Enabled by default.
+     */
+    inProductMarketingEmailsEnabled?: pulumi.Input<boolean>;
+    /**
+     * If delete*inactive*projects is true, the time (in months) to wait before deleting inactive projects. Default is 2. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    inactiveProjectsDeleteAfterMonths?: pulumi.Input<number>;
+    /**
+     * If delete*inactive*projects is true, the minimum repository size for projects to be checked for inactivity. Default is 0. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    inactiveProjectsMinSizeMb?: pulumi.Input<number>;
+    /**
+     * If delete*inactive*projects is true, sets the time (in months) to wait before emailing maintainers that the project is scheduled be deleted because it is inactive. Default is 1. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
+     */
+    inactiveProjectsSendWarningEmailAfterMonths?: pulumi.Input<number>;
+    /**
+     * Enable Invisible CAPTCHA spam detection during sign-up. Disabled by default.
+     */
+    invisibleCaptchaEnabled?: pulumi.Input<boolean>;
+    /**
+     * Max number of issue creation requests per minute per user. Disabled by default.
+     */
+    issuesCreateLimit?: pulumi.Input<number>;
+    /**
+     * Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time. Enabled by default.
+     */
+    keepLatestArtifact?: pulumi.Input<boolean>;
+    /**
+     * Increase this value when any cached Markdown should be invalidated.
+     */
+    localMarkdownVersion?: pulumi.Input<number>;
+    /**
+     * Enable Mailgun event receiver.
+     */
+    mailgunEventsEnabled?: pulumi.Input<boolean>;
+    /**
+     * The Mailgun HTTP webhook signing key for receiving events from webhook.
+     */
+    mailgunSigningKey?: pulumi.Input<string>;
+    /**
+     * When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests.
+     */
+    maintenanceMode?: pulumi.Input<boolean>;
+    /**
+     * Message displayed when instance is in maintenance mode.
+     */
+    maintenanceModeMessage?: pulumi.Input<string>;
+    /**
+     * Maximum artifacts size in MB.
+     */
+    maxArtifactsSize?: pulumi.Input<number>;
+    /**
+     * Limit attachment size in MB.
+     */
+    maxAttachmentSize?: pulumi.Input<number>;
+    /**
+     * Maximum export size in MB. 0 for unlimited. Default = 0 (unlimited).
+     */
+    maxExportSize?: pulumi.Input<number>;
+    /**
+     * Maximum import size in MB. 0 for unlimited. Default = 0 (unlimited) Modified from 50MB to 0 in GitLab 13.8.
+     */
+    maxImportSize?: pulumi.Input<number>;
+    /**
+     * Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. Introduced in GitLab 15.1.
+     */
+    maxNumberOfRepositoryDownloads?: pulumi.Input<number>;
+    /**
+     * Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). Introduced in GitLab 15.1.
+     */
+    maxNumberOfRepositoryDownloadsWithinTimePeriod?: pulumi.Input<number>;
+    /**
+     * Maximum size of pages repositories in MB.
+     */
+    maxPagesSize?: pulumi.Input<number>;
+    /**
+     * Maximum allowable lifetime for access tokens in days.
+     */
+    maxPersonalAccessTokenLifetime?: pulumi.Input<number>;
+    /**
+     * Maximum allowable lifetime for SSH keys in days. Introduced in GitLab 14.6.
+     */
+    maxSshKeyLifetime?: pulumi.Input<number>;
+    /**
+     * A method call is only tracked when it takes longer than the given amount of milliseconds.
+     */
+    metricsMethodCallThreshold?: pulumi.Input<number>;
+    /**
+     * Allow repository mirroring to configured by project Maintainers. If disabled, only Administrators can configure repository mirroring.
+     */
+    mirrorAvailable?: pulumi.Input<boolean>;
+    /**
+     * Minimum capacity to be available before scheduling more mirrors preemptively.
+     */
+    mirrorCapacityThreshold?: pulumi.Input<number>;
+    /**
+     * Maximum number of mirrors that can be synchronizing at the same time.
+     */
+    mirrorMaxCapacity?: pulumi.Input<number>;
+    /**
+     * Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize.
+     */
+    mirrorMaxDelay?: pulumi.Input<number>;
+    /**
+     * Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm.
+     */
+    npmPackageRequestsForwarding?: pulumi.Input<boolean>;
+    /**
+     * Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for hooks and services are disabled.
+     */
+    outboundLocalRequestsWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Number of workers assigned to the packages cleanup policies.
+     */
+    packageRegistryCleanupPoliciesWorkerCapacity?: pulumi.Input<number>;
+    /**
+     * Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled.
+     */
+    pagesDomainVerificationEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable authentication for Git over HTTP(S) via a GitLab account password. Default is true.
+     */
+    passwordAuthenticationEnabledForGit?: pulumi.Input<boolean>;
+    /**
+     * Enable authentication for the web interface via a GitLab account password. Default is true.
+     */
+    passwordAuthenticationEnabledForWeb?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one lowercase letter. Introduced in GitLab 15.1.
+     */
+    passwordLowercaseRequired?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one number. Introduced in GitLab 15.1.
+     */
+    passwordNumberRequired?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one symbol character. Introduced in GitLab 15.1.
+     */
+    passwordSymbolRequired?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether passwords require at least one uppercase letter. Introduced in GitLab 15.1.
+     */
+    passwordUppercaseRequired?: pulumi.Input<boolean>;
+    /**
+     * Path of the group that is allowed to toggle the performance bar.
+     */
+    performanceBarAllowedGroupPath?: pulumi.Input<string>;
+    /**
+     * Prefix for all generated personal access tokens.
+     */
+    personalAccessTokenPrefix?: pulumi.Input<string>;
+    /**
+     * Maximum number of pipeline creation requests per minute per user and commit. Disabled by default.
+     */
+    pipelineLimitPerProjectUserSha?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: plantuml_url) Enable PlantUML integration. Default is false.
+     */
+    plantumlEnabled?: pulumi.Input<boolean>;
+    /**
+     * The PlantUML instance URL for integration.
+     */
+    plantumlUrl?: pulumi.Input<string>;
+    /**
+     * Interval multiplier used by endpoints that perform polling. Set to 0 to disable polling.
+     */
+    pollingIntervalMultiplier?: pulumi.Input<number>;
+    /**
+     * Enable project export.
+     */
+    projectExportEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Prometheus metrics.
+     */
+    prometheusMetricsEnabled?: pulumi.Input<boolean>;
+    /**
+     * CI/CD variables are protected by default.
+     */
+    protectedCiVariables?: pulumi.Input<boolean>;
+    /**
+     * Number of changes (branches or tags) in a single push to determine whether individual push events or bulk push events are created. Bulk push events are created if it surpasses that value.
+     */
+    pushEventActivitiesLimit?: pulumi.Input<number>;
+    /**
+     * Number of changes (branches or tags) in a single push to determine whether webhooks and services fire or not. Webhooks and services aren’t submitted if it surpasses that value.
+     */
+    pushEventHooksLimit?: pulumi.Input<number>;
+    /**
+     * Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI.
+     */
+    pypiPackageRequestsForwarding?: pulumi.Input<boolean>;
+    /**
+     * When rate limiting is enabled via the throttle_* settings, send this plain text response when a rate limit is exceeded. ‘Retry later’ is sent if this is blank.
+     */
+    rateLimitingResponseText?: pulumi.Input<string>;
+    /**
+     * Max number of requests per minute for each raw path. Default: 300. To disable throttling set to 0.
+     */
+    rawBlobRequestLimit?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: recaptcha*private*key and recaptcha*site*key) Enable reCAPTCHA.
+     */
+    recaptchaEnabled?: pulumi.Input<boolean>;
+    /**
+     * Private key for reCAPTCHA.
+     */
+    recaptchaPrivateKey?: pulumi.Input<string>;
+    /**
+     * Site key for reCAPTCHA.
+     */
+    recaptchaSiteKey?: pulumi.Input<string>;
+    /**
+     * Maximum push size (MB).
+     */
+    receiveMaxInputSize?: pulumi.Input<number>;
+    /**
+     * GitLab periodically runs git fsck in all project and wiki repositories to look for silent disk corruption issues.
+     */
+    repositoryChecksEnabled?: pulumi.Input<boolean>;
+    /**
+     * Size limit per repository (MB).
+     */
+    repositorySizeLimit?: pulumi.Input<number>;
+    /**
+     * (GitLab 13.0 and earlier) List of names of enabled storage paths, taken from gitlab.yml. New projects are created in one of these stores, chosen at random.
+     */
+    repositoryStorages?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * (GitLab 13.1 and later) Hash of names of taken from gitlab.yml to weights. New projects are created in one of these stores, chosen by a weighted random selection.
+     */
+    repositoryStoragesWeighted?: pulumi.Input<{
+        [key: string]: pulumi.Input<number>;
+    }>;
+    /**
+     * When enabled, any user that signs up for an account using the registration form is placed under a Pending approval state and has to be explicitly approved by an administrator.
+     */
+    requireAdminApprovalAfterUserSignup?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: two*factor*grace_period) Require all users to set up Two-factor authentication.
+     */
+    requireTwoFactorAuthentication?: pulumi.Input<boolean>;
+    /**
+     * Selected levels cannot be used by non-Administrator users for groups, projects or snippets. Can take private, internal and public as a parameter. Default is null which means there is no restriction.
+     */
+    restrictedVisibilityLevels?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The minimum allowed bit length of an uploaded RSA key. Default is 0 (no restriction). -1 disables RSA keys.
+     */
+    rsaKeyRestriction?: pulumi.Input<number>;
+    /**
+     * Max number of requests per minute for performing a search while authenticated. Default: 30. To disable throttling set to 0.
+     */
+    searchRateLimit?: pulumi.Input<number>;
+    /**
+     * Max number of requests per minute for performing a search while unauthenticated. Default: 10. To disable throttling set to 0.
+     */
+    searchRateLimitUnauthenticated?: pulumi.Input<number>;
+    /**
+     * Send confirmation email on sign-up.
+     */
+    sendUserConfirmationEmail?: pulumi.Input<boolean>;
+    /**
+     * Session duration in minutes. GitLab restart is required to apply changes.
+     */
+    sessionExpireDelay?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: shared*runners*text and shared*runners*minutes) Enable shared runners for new projects.
+     */
+    sharedRunnersEnabled?: pulumi.Input<boolean>;
+    /**
+     * Set the maximum number of CI/CD minutes that a group can use on shared runners per month.
+     */
+    sharedRunnersMinutes?: pulumi.Input<number>;
+    /**
+     * Shared runners text.
+     */
+    sharedRunnersText?: pulumi.Input<string>;
+    /**
+     * The threshold in bytes at which Sidekiq jobs are compressed before being stored in Redis. Default: 100 000 bytes (100KB).
+     */
+    sidekiqJobLimiterCompressionThresholdBytes?: pulumi.Input<number>;
+    /**
+     * The threshold in bytes at which Sidekiq jobs are rejected. Default: 0 bytes (doesn’t reject any job).
+     */
+    sidekiqJobLimiterLimitBytes?: pulumi.Input<number>;
+    /**
+     * track or compress. Sets the behavior for Sidekiq job size limits. Default: ‘compress’.
+     */
+    sidekiqJobLimiterMode?: pulumi.Input<string>;
+    /**
+     * Text on the login page.
+     */
+    signInText?: pulumi.Input<string>;
+    /**
+     * Enable registration. Default is true.
+     */
+    signupEnabled?: pulumi.Input<boolean>;
+    /**
+     * (If enabled, requires: slack*app*id, slack*app*secret and slack*app*secret) Enable Slack app.
+     */
+    slackAppEnabled?: pulumi.Input<boolean>;
+    /**
+     * The app ID of the Slack-app.
+     */
+    slackAppId?: pulumi.Input<string>;
+    /**
+     * The app secret of the Slack-app.
+     */
+    slackAppSecret?: pulumi.Input<string>;
+    /**
+     * The signing secret of the Slack-app.
+     */
+    slackAppSigningSecret?: pulumi.Input<string>;
+    /**
+     * The verification token of the Slack-app.
+     */
+    slackAppVerificationToken?: pulumi.Input<string>;
+    /**
+     * Max snippet content size in bytes. Default: 52428800 Bytes (50MB).
+     */
+    snippetSizeLimit?: pulumi.Input<number>;
+    /**
+     * The Snowplow site name / application ID. (for example, gitlab)
+     */
+    snowplowAppId?: pulumi.Input<string>;
+    /**
+     * The Snowplow collector hostname. (for example, snowplow.trx.gitlab.net)
+     */
+    snowplowCollectorHostname?: pulumi.Input<string>;
+    /**
+     * The Snowplow cookie domain. (for example, .gitlab.com)
+     */
+    snowplowCookieDomain?: pulumi.Input<string>;
+    /**
+     * Enable snowplow tracking.
+     */
+    snowplowEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enables Sourcegraph integration. Default is false. If enabled, requires sourcegraph_url.
+     */
+    sourcegraphEnabled?: pulumi.Input<boolean>;
+    /**
+     * Blocks Sourcegraph from being loaded on private and internal projects. Default is true.
+     */
+    sourcegraphPublicOnly?: pulumi.Input<boolean>;
+    /**
+     * The Sourcegraph instance URL for integration.
+     */
+    sourcegraphUrl?: pulumi.Input<string>;
+    /**
+     * API key used by GitLab for accessing the Spam Check service endpoint.
+     */
+    spamCheckApiKey?: pulumi.Input<string>;
+    /**
+     * Enables spam checking using external Spam Check API endpoint. Default is false.
+     */
+    spamCheckEndpointEnabled?: pulumi.Input<boolean>;
+    /**
+     * URL of the external Spamcheck service endpoint. Valid URI schemes are grpc or tls. Specifying tls forces communication to be encrypted.
+     */
+    spamCheckEndpointUrl?: pulumi.Input<string>;
+    /**
+     * Enable pipeline suggestion banner.
+     */
+    suggestPipelineEnabled?: pulumi.Input<boolean>;
+    /**
+     * Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time.
+     */
+    terminalMaxSessionTime?: pulumi.Input<number>;
+    /**
+     * (Required by: enforce_terms) Markdown content for the ToS.
+     */
+    terms?: pulumi.Input<string>;
+    /**
+     * (If enabled, requires: throttle*authenticated*api*period*in*seconds and throttle*authenticated*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleAuthenticatedApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds).
+     */
+    throttleAuthenticatedApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user.
+     */
+    throttleAuthenticatedApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*authenticated*packages*api*period*in*seconds and throttle*authenticated*packages*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View Package Registry rate limits for more details.
+     */
+    throttleAuthenticatedPackagesApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds). View Package Registry rate limits for more details.
+     */
+    throttleAuthenticatedPackagesApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user. View Package Registry rate limits for more details.
+     */
+    throttleAuthenticatedPackagesApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*authenticated*web*period*in*seconds and throttle*authenticated*web*requests*per*period) Enable authenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleAuthenticatedWebEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds).
+     */
+    throttleAuthenticatedWebPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user.
+     */
+    throttleAuthenticatedWebRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*api*period*in*seconds and throttle*unauthenticated*api*requests*per*period) Enable unauthenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleUnauthenticatedApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period in seconds.
+     */
+    throttleUnauthenticatedApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Max requests per period per IP.
+     */
+    throttleUnauthenticatedApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*packages*api*period*in*seconds and throttle*unauthenticated*packages*api*requests*per*period) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View Package Registry rate limits for more details.
+     */
+    throttleUnauthenticatedPackagesApiEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period (in seconds). View Package Registry rate limits for more details.
+     */
+    throttleUnauthenticatedPackagesApiPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Maximum requests per period per user. View Package Registry rate limits for more details.
+     */
+    throttleUnauthenticatedPackagesApiRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: throttle*unauthenticated*web*period*in*seconds and throttle*unauthenticated*web*requests*per*period) Enable unauthenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots).
+     */
+    throttleUnauthenticatedWebEnabled?: pulumi.Input<boolean>;
+    /**
+     * Rate limit period in seconds.
+     */
+    throttleUnauthenticatedWebPeriodInSeconds?: pulumi.Input<number>;
+    /**
+     * Max requests per period per IP.
+     */
+    throttleUnauthenticatedWebRequestsPerPeriod?: pulumi.Input<number>;
+    /**
+     * Limit display of time tracking units to hours. Default is false.
+     */
+    timeTrackingLimitToHours?: pulumi.Input<boolean>;
+    /**
+     * Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication.
+     */
+    twoFactorGracePeriod?: pulumi.Input<number>;
+    /**
+     * (If enabled, requires: unique*ips*limit*per*user and unique*ips*limit*time*window) Limit sign in from multiple IPs.
+     */
+    uniqueIpsLimitEnabled?: pulumi.Input<boolean>;
+    /**
+     * Maximum number of IPs per user.
+     */
+    uniqueIpsLimitPerUser?: pulumi.Input<number>;
+    /**
+     * How many seconds an IP is counted towards the limit.
+     */
+    uniqueIpsLimitTimeWindow?: pulumi.Input<number>;
+    /**
+     * Every week GitLab reports license usage back to GitLab, Inc.
+     */
+    usagePingEnabled?: pulumi.Input<boolean>;
+    /**
+     * Send an email to users upon account deactivation.
+     */
+    userDeactivationEmailsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Newly registered users are external by default.
+     */
+    userDefaultExternal?: pulumi.Input<boolean>;
+    /**
+     * Specify an email address regex pattern to identify default internal users.
+     */
+    userDefaultInternalRegex?: pulumi.Input<string>;
+    /**
+     * Allow users to register any application to use GitLab as an OAuth provider.
+     */
+    userOauthApplications?: pulumi.Input<boolean>;
+    /**
+     * When set to false disable the You won't be able to pull or push project code via SSH warning shown to users with no uploaded SSH key.
+     */
+    userShowAddSshKeyMessage?: pulumi.Input<boolean>;
+    /**
+     * Let GitLab inform you when an update is available.
+     */
+    versionCheckEnabled?: pulumi.Input<boolean>;
+    /**
+     * Live Preview (allow live previews of JavaScript projects in the Web IDE using CodeSandbox Live Preview).
+     */
+    webIdeClientsidePreviewEnabled?: pulumi.Input<boolean>;
+    /**
+     * What’s new variant, possible values: all*tiers, current*tier, and disabled.
+     */
+    whatsNewVariant?: pulumi.Input<string>;
+    /**
+     * Maximum wiki page content size in bytes. Default: 52428800 Bytes (50 MB). The minimum value is 1024 bytes.
+     */
+    wikiPageMaxContentBytes?: pulumi.Input<number>;
+}