@pulumi/gitlab 8.5.0-alpha.1729186816 → 8.5.0-alpha.1729277407

package/applicationSettings.d.ts

@@ -388,6 +388,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations.
      */
     readonly elasticsearchMaxBulkSizeMb: pulumi.Output<number>;
+    /**
+     * Maximum concurrency of Elasticsearch code indexing background jobs. This only applies to repository indexing operations. Premium and Ultimate only.
+     */
+    readonly elasticsearchMaxCodeIndexingConcurrency: pulumi.Output<number>;
     /**
      * The namespaces to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
      */
@@ -400,6 +404,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * The projects to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
      */
     readonly elasticsearchProjectIds: pulumi.Output<number[]>;
+    /**
+     * Enable automatic requeuing of indexing workers. This improves non-code indexing throughput by enqueuing Sidekiq jobs until all documents are processed. Premium and Ultimate only.
+     */
+    readonly elasticsearchRequeueWorkers: pulumi.Output<boolean>;
     /**
      * Enable Elasticsearch search.
      */
@@ -412,6 +420,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * The username of your Elasticsearch instance.
      */
     readonly elasticsearchUsername: pulumi.Output<string>;
+    /**
+     * Number of indexing worker shards. This improves non-code indexing throughput by enqueuing more parallel Sidekiq jobs. Premium and Ultimate only.
+     */
+    readonly elasticsearchWorkerNumberOfShards: pulumi.Output<number>;
     /**
      * Additional text added to the bottom of every email for legal/auditing/compliance reasons.
      */
@@ -420,6 +432,14 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.
      */
     readonly emailAuthorInBody: pulumi.Output<boolean>;
+    /**
+     * Specifies whether users must confirm their email before sign in. Possible values are off, soft, and hard.
+     */
+    readonly emailConfirmationSetting: pulumi.Output<string>;
+    /**
+     * Show the external redirect page that warns you about user-generated content in GitLab Pages.
+     */
+    readonly enableArtifactExternalRedirectWarningPage: pulumi.Output<boolean>;
     /**
      * Enabled protocols for Git access. Allowed values are: ssh, http, and nil to allow both protocols.
      */
@@ -472,6 +492,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * URL to use for pipeline validation requests.
      */
     readonly externalPipelineValidationServiceUrl: pulumi.Output<string>;
+    /**
+     * Time period in minutes after which the user is unlocked when maximum number of failed sign-in attempts reached.
+     */
+    readonly failedLoginAttemptsUnlockPeriodInMinutes: pulumi.Output<number>;
     /**
      * The ID of a project to load custom file templates from.
      */
@@ -489,7 +513,11 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      */
     readonly geoStatusTimeout: pulumi.Output<number>;
     /**
-     * List of usernames excluded from Git anti-abuse rate limits. Maximum: 100 usernames. Introduced in GitLab 15.2.
+     * List of user IDs that are emailed when the Git abuse rate limit is exceeded. Maximum: 100 user IDs. Introduced in GitLab 15.9. Self-managed, Ultimate only.
+     */
+    readonly gitRateLimitUsersAlertlists: pulumi.Output<number[]>;
+    /**
+     * List of usernames excluded from Git anti-abuse rate limits. Maximum: 100 usernames. Introduced in GitLab 15.2. Self-managed, Ultimate only.
      */
     readonly gitRateLimitUsersAllowlists: pulumi.Output<string[]>;
     /**
@@ -508,6 +536,30 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to 0 to disable timeouts.
      */
     readonly gitalyTimeoutMedium: pulumi.Output<number>;
+    /**
+     * Indicates whether the instance was provisioned for GitLab Dedicated.
+     */
+    readonly gitlabDedicatedInstance: pulumi.Output<boolean>;
+    /**
+     * Indicates whether the instance was provisioned with the GitLab Environment Toolkit for Service Ping reporting.
+     */
+    readonly gitlabEnvironmentToolkitInstance: pulumi.Output<boolean>;
+    /**
+     * Maximum number of Git operations per minute a user can perform. Introduced in GitLab 16.2.
+     */
+    readonly gitlabShellOperationLimit: pulumi.Output<number>;
+    /**
+     * Enable Gitpod integration.
+     */
+    readonly gitpodEnabled: pulumi.Output<boolean>;
+    /**
+     * The Gitpod instance URL for integration.
+     */
+    readonly gitpodUrl: pulumi.Output<string>;
+    /**
+     * Comma-separated list of IP addresses and CIDRs always allowed for inbound traffic. For example, 1.1.1.1, 2.2.2.0/24.
+     */
+    readonly globallyAllowedIps: pulumi.Output<string>;
     /**
      * Enable Grafana.
      */
@@ -604,6 +656,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * If delete*inactive*projects is true, sets the time (in months) to wait before emailing maintainers that the project is scheduled be deleted because it is inactive. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
      */
     readonly inactiveProjectsSendWarningEmailAfterMonths: pulumi.Output<number>;
+    /**
+     * Whether or not optional metrics are enabled in Service Ping. Introduced in GitLab 16.10.
+     */
+    readonly includeOptionalMetricsInServicePing: pulumi.Output<boolean>;
     /**
      * Enable Invisible CAPTCHA spam detection during sign-up.
      */
@@ -612,6 +668,18 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Max number of issue creation requests per minute per user.
      */
     readonly issuesCreateLimit: pulumi.Output<number>;
+    /**
+     * ID of the OAuth application used to authenticate with the GitLab for Jira Cloud app.
+     */
+    readonly jiraConnectApplicationKey: pulumi.Output<string>;
+    /**
+     * URL of the GitLab instance used as a proxy for the GitLab for Jira Cloud app.
+     */
+    readonly jiraConnectProxyUrl: pulumi.Output<string>;
+    /**
+     * Enable public key storage for the GitLab for Jira Cloud app.
+     */
+    readonly jiraConnectPublicKeyStorageEnabled: pulumi.Output<boolean>;
     /**
      * Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time.
      */
@@ -620,6 +688,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Increase this value when any cached Markdown should be invalidated.
      */
     readonly localMarkdownVersion: pulumi.Output<number>;
+    /**
+     * Indicates whether the GitLab Duo features enabled setting is enforced for all subgroups. Introduced in GitLab 16.10. Self-managed, Premium and Ultimate only.
+     */
+    readonly lockDuoFeaturesEnabled: pulumi.Output<boolean>;
     /**
      * Enable Mailgun event receiver.
      */
@@ -636,6 +708,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Message displayed when instance is in maintenance mode.
      */
     readonly maintenanceModeMessage: pulumi.Output<string>;
+    /**
+     * Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. Premium and Ultimate only.
+     */
+    readonly mavenPackageRequestsForwarding: pulumi.Output<boolean>;
     /**
      * Maximum artifacts size in MB.
      */
@@ -644,14 +720,26 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Limit attachment size in MB.
      */
     readonly maxAttachmentSize: pulumi.Output<number>;
+    /**
+     * Maximum decompressed archive size in bytes.
+     */
+    readonly maxDecompressedArchiveSize: pulumi.Output<number>;
     /**
      * Maximum export size in MB. 0 for unlimited.
      */
     readonly maxExportSize: pulumi.Output<number>;
+    /**
+     * Maximum remote file size for imports from external object storages. Introduced in GitLab 16.3.
+     */
+    readonly maxImportRemoteFileSize: pulumi.Output<number>;
     /**
      * Maximum import size in MB. 0 for unlimited.
      */
     readonly maxImportSize: pulumi.Output<number>;
+    /**
+     * Maximum number of sign-in attempts before locking out the user.
+     */
+    readonly maxLoginAttempts: pulumi.Output<number>;
     /**
      * Maximum number of unique repositories a user can download in the specified time period before they are banned. Maximum: 10,000 repositories. Introduced in GitLab 15.1.
      */
@@ -701,10 +789,22 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm.
      */
     readonly npmPackageRequestsForwarding: pulumi.Output<boolean>;
+    /**
+     * Indicates whether to skip metadata URL validation for the NuGet package. Introduced in GitLab 17.0.
+     */
+    readonly nugetSkipMetadataUrlValidation: pulumi.Output<boolean>;
     /**
      * Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for hooks and services are disabled.
      */
     readonly outboundLocalRequestsWhitelists: pulumi.Output<string[]>;
+    /**
+     * List of package registry metadata to sync. See the list of the available values (https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5). Self-managed, Ultimate only.
+     */
+    readonly packageMetadataPurlTypes: pulumi.Output<number[]>;
+    /**
+     * Enable to allow anyone to pull from Package Registry visible and changeable.
+     */
+    readonly packageRegistryAllowAnyoneToPullOption: pulumi.Output<boolean>;
     /**
      * Number of workers assigned to the packages cleanup policies.
      */
@@ -765,6 +865,14 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Enable project export.
      */
     readonly projectExportEnabled: pulumi.Output<boolean>;
+    /**
+     * Maximum authenticated requests to /project/:id/jobs per minute. Introduced in GitLab 16.5.
+     */
+    readonly projectJobsApiRateLimit: pulumi.Output<number>;
+    /**
+     * Introduced in GitLab 15.10. Max number of requests per 10 minutes per IP address for unauthenticated requests to the list all projects API. To disable throttling set to 0.
+     */
+    readonly projectsApiRateLimitUnauthenticated: pulumi.Output<number>;
     /**
      * Enable Prometheus metrics.
      */
@@ -809,6 +917,14 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Maximum push size (MB).
      */
     readonly receiveMaxInputSize: pulumi.Output<number>;
+    /**
+     * Enable receptive mode for GitLab Agents for Kubernetes.
+     */
+    readonly receptiveClusterAgentsEnabled: pulumi.Output<boolean>;
+    /**
+     * Enable Remember me setting. Introduced in GitLab 16.0.
+     */
+    readonly rememberMeEnabled: pulumi.Output<boolean>;
     /**
      * GitLab periodically runs git fsck in all project and wiki repositories to look for silent disk corruption issues.
      */
@@ -831,6 +947,14 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * When enabled, any user that signs up for an account using the registration form is placed under a Pending approval state and has to be explicitly approved by an administrator.
      */
     readonly requireAdminApprovalAfterUserSignup: pulumi.Output<boolean>;
+    /**
+     * Allow administrators to require 2FA for all administrators on the instance.
+     */
+    readonly requireAdminTwoFactorAuthentication: pulumi.Output<boolean>;
+    /**
+     * When enabled, users must set an expiration date when creating a group or project access token, or a personal access token owned by a non-service account.
+     */
+    readonly requirePersonalAccessTokenExpiry: pulumi.Output<boolean>;
     /**
      * (If enabled, requires: two*factor*grace_period) Require all users to set up Two-factor authentication.
      */
@@ -851,10 +975,26 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Max number of requests per minute for performing a search while unauthenticated. To disable throttling set to 0.
      */
     readonly searchRateLimitUnauthenticated: pulumi.Output<number>;
+    /**
+     * Maximum number of active merge request approval policies per security policy project. Maximum: 20
+     */
+    readonly securityApprovalPoliciesLimit: pulumi.Output<number>;
+    /**
+     * Whether to look up merge request approval policy approval groups globally or within project hierarchies.
+     */
+    readonly securityPolicyGlobalGroupApproversEnabled: pulumi.Output<boolean>;
+    /**
+     * Public security contact information. Introduced in GitLab 16.7.
+     */
+    readonly securityTxtContent: pulumi.Output<string>;
     /**
      * Send confirmation email on sign-up.
      */
     readonly sendUserConfirmationEmail: pulumi.Output<boolean>;
+    /**
+     * Flag to indicate if token expiry date can be optional for service account users
+     */
+    readonly serviceAccessTokensExpirationEnforced: pulumi.Output<boolean>;
     /**
      * Session duration in minutes. GitLab restart is required to apply changes.
      */
@@ -891,6 +1031,14 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Enable registration.
      */
     readonly signupEnabled: pulumi.Output<boolean>;
+    /**
+     * Enable Silent admin exports.
+     */
+    readonly silentAdminExportsEnabled: pulumi.Output<boolean>;
+    /**
+     * Enable Silent mode.
+     */
+    readonly silentModeEnabled: pulumi.Output<boolean>;
     /**
      * (If enabled, requires: slack*app*id, slack*app*secret and slack*app*secret) Enable Slack app.
      */
@@ -927,6 +1075,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * The Snowplow cookie domain. (for example, .gitlab.com)
      */
     readonly snowplowCookieDomain: pulumi.Output<string>;
+    /**
+     * The Snowplow collector for database events hostname. (for example, db-snowplow.trx.gitlab.net)
+     */
+    readonly snowplowDatabaseCollectorHostname: pulumi.Output<string>;
     /**
      * Enable snowplow tracking.
      */
@@ -955,6 +1107,14 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * URL of the external Spamcheck service endpoint. Valid URI schemes are grpc or tls. Specifying tls forces communication to be encrypted.
      */
     readonly spamCheckEndpointUrl: pulumi.Output<string>;
+    /**
+     * Authentication token for the external storage linked in static*objects*external*storage*url.
+     */
+    readonly staticObjectsExternalStorageAuthToken: pulumi.Output<string | undefined>;
+    /**
+     * URL to an external storage for repository static objects.
+     */
+    readonly staticObjectsExternalStorageUrl: pulumi.Output<string | undefined>;
     /**
      * Enable pipeline suggestion banner.
      */
@@ -1047,6 +1207,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication.
      */
     readonly twoFactorGracePeriod: pulumi.Output<number>;
+    /**
+     * Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if delete*unconfirmed*users is set to true. Must be 1 or greater. Introduced in GitLab 16.1. Self-managed, Premium and Ultimate only.
+     */
+    readonly unconfirmedUsersDeleteAfterDays: pulumi.Output<number>;
     /**
      * (If enabled, requires: unique*ips*limit*per*user and unique*ips*limit*time*window) Limit sign in from multiple IPs.
      */
@@ -1059,10 +1223,18 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * How many seconds an IP is counted towards the limit.
      */
     readonly uniqueIpsLimitTimeWindow: pulumi.Output<number>;
+    /**
+     * Fetch GitLab Runner release version data from GitLab.com.
+     */
+    readonly updateRunnerVersionsEnabled: pulumi.Output<boolean>;
     /**
      * Every week GitLab reports license usage back to GitLab, Inc.
      */
     readonly usagePingEnabled: pulumi.Output<boolean>;
+    /**
+     * Enables ClickHouse as a data source for analytics reports. ClickHouse must be configured for this setting to take effect. Available on Premium and Ultimate only.
+     */
+    readonly useClickhouseForAnalytics: pulumi.Output<boolean>;
     /**
      * Send an email to users upon account deactivation.
      */
@@ -1075,6 +1247,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * Specify an email address regex pattern to identify default internal users.
      */
     readonly userDefaultInternalRegex: pulumi.Output<string>;
+    /**
+     * Newly created users have private profile by default. Introduced in GitLab 15.8.
+     */
+    readonly userDefaultsToPrivateProfile: pulumi.Output<boolean>;
     /**
      * Allow users to register any application to use GitLab as an OAuth provider.
      */
@@ -1083,6 +1259,10 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      * When set to false disable the You won't be able to pull or push project code via SSH warning shown to users with no uploaded SSH key.
      */
     readonly userShowAddSshKeyMessage: pulumi.Output<boolean>;
+    /**
+     * List of types which are allowed to register a GitLab Runner. Can be [], ['group'], ['project'] or ['group', 'project'].
+     */
+    readonly validRunnerRegistrars: pulumi.Output<string[]>;
     /**
      * Let GitLab inform you when an update is available.
      */
@@ -1092,7 +1272,7 @@ export declare class ApplicationSettings extends pulumi.CustomResource {
      */
     readonly webIdeClientsidePreviewEnabled: pulumi.Output<boolean>;
     /**
-     * What’s new variant, possible values: all*tiers, current*tier, and disabled.
+     * What's new variant, possible values: all*tiers, current*tier, and disabled.
      */
     readonly whatsNewVariant: pulumi.Output<string>;
     /**
@@ -1480,6 +1660,10 @@ export interface ApplicationSettingsState {
      * Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations.
      */
     elasticsearchMaxBulkSizeMb?: pulumi.Input<number>;
+    /**
+     * Maximum concurrency of Elasticsearch code indexing background jobs. This only applies to repository indexing operations. Premium and Ultimate only.
+     */
+    elasticsearchMaxCodeIndexingConcurrency?: pulumi.Input<number>;
     /**
      * The namespaces to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
      */
@@ -1492,6 +1676,10 @@ export interface ApplicationSettingsState {
      * The projects to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
      */
     elasticsearchProjectIds?: pulumi.Input<pulumi.Input<number>[]>;
+    /**
+     * Enable automatic requeuing of indexing workers. This improves non-code indexing throughput by enqueuing Sidekiq jobs until all documents are processed. Premium and Ultimate only.
+     */
+    elasticsearchRequeueWorkers?: pulumi.Input<boolean>;
     /**
      * Enable Elasticsearch search.
      */
@@ -1504,6 +1692,10 @@ export interface ApplicationSettingsState {
      * The username of your Elasticsearch instance.
      */
     elasticsearchUsername?: pulumi.Input<string>;
+    /**
+     * Number of indexing worker shards. This improves non-code indexing throughput by enqueuing more parallel Sidekiq jobs. Premium and Ultimate only.
+     */
+    elasticsearchWorkerNumberOfShards?: pulumi.Input<number>;
     /**
      * Additional text added to the bottom of every email for legal/auditing/compliance reasons.
      */
@@ -1512,6 +1704,14 @@ export interface ApplicationSettingsState {
      * Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.
      */
     emailAuthorInBody?: pulumi.Input<boolean>;
+    /**
+     * Specifies whether users must confirm their email before sign in. Possible values are off, soft, and hard.
+     */
+    emailConfirmationSetting?: pulumi.Input<string>;
+    /**
+     * Show the external redirect page that warns you about user-generated content in GitLab Pages.
+     */
+    enableArtifactExternalRedirectWarningPage?: pulumi.Input<boolean>;
     /**
      * Enabled protocols for Git access. Allowed values are: ssh, http, and nil to allow both protocols.
      */
@@ -1564,6 +1764,10 @@ export interface ApplicationSettingsState {
      * URL to use for pipeline validation requests.
      */
     externalPipelineValidationServiceUrl?: pulumi.Input<string>;
+    /**
+     * Time period in minutes after which the user is unlocked when maximum number of failed sign-in attempts reached.
+     */
+    failedLoginAttemptsUnlockPeriodInMinutes?: pulumi.Input<number>;
     /**
      * The ID of a project to load custom file templates from.
      */
@@ -1581,7 +1785,11 @@ export interface ApplicationSettingsState {
      */
     geoStatusTimeout?: pulumi.Input<number>;
     /**
-     * List of usernames excluded from Git anti-abuse rate limits. Maximum: 100 usernames. Introduced in GitLab 15.2.
+     * List of user IDs that are emailed when the Git abuse rate limit is exceeded. Maximum: 100 user IDs. Introduced in GitLab 15.9. Self-managed, Ultimate only.
+     */
+    gitRateLimitUsersAlertlists?: pulumi.Input<pulumi.Input<number>[]>;
+    /**
+     * List of usernames excluded from Git anti-abuse rate limits. Maximum: 100 usernames. Introduced in GitLab 15.2. Self-managed, Ultimate only.
      */
     gitRateLimitUsersAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
     /**
@@ -1600,6 +1808,30 @@ export interface ApplicationSettingsState {
      * Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to 0 to disable timeouts.
      */
     gitalyTimeoutMedium?: pulumi.Input<number>;
+    /**
+     * Indicates whether the instance was provisioned for GitLab Dedicated.
+     */
+    gitlabDedicatedInstance?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether the instance was provisioned with the GitLab Environment Toolkit for Service Ping reporting.
+     */
+    gitlabEnvironmentToolkitInstance?: pulumi.Input<boolean>;
+    /**
+     * Maximum number of Git operations per minute a user can perform. Introduced in GitLab 16.2.
+     */
+    gitlabShellOperationLimit?: pulumi.Input<number>;
+    /**
+     * Enable Gitpod integration.
+     */
+    gitpodEnabled?: pulumi.Input<boolean>;
+    /**
+     * The Gitpod instance URL for integration.
+     */
+    gitpodUrl?: pulumi.Input<string>;
+    /**
+     * Comma-separated list of IP addresses and CIDRs always allowed for inbound traffic. For example, 1.1.1.1, 2.2.2.0/24.
+     */
+    globallyAllowedIps?: pulumi.Input<string>;
     /**
      * Enable Grafana.
      */
@@ -1696,6 +1928,10 @@ export interface ApplicationSettingsState {
      * If delete*inactive*projects is true, sets the time (in months) to wait before emailing maintainers that the project is scheduled be deleted because it is inactive. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
      */
     inactiveProjectsSendWarningEmailAfterMonths?: pulumi.Input<number>;
+    /**
+     * Whether or not optional metrics are enabled in Service Ping. Introduced in GitLab 16.10.
+     */
+    includeOptionalMetricsInServicePing?: pulumi.Input<boolean>;
     /**
      * Enable Invisible CAPTCHA spam detection during sign-up.
      */
@@ -1704,6 +1940,18 @@ export interface ApplicationSettingsState {
      * Max number of issue creation requests per minute per user.
      */
     issuesCreateLimit?: pulumi.Input<number>;
+    /**
+     * ID of the OAuth application used to authenticate with the GitLab for Jira Cloud app.
+     */
+    jiraConnectApplicationKey?: pulumi.Input<string>;
+    /**
+     * URL of the GitLab instance used as a proxy for the GitLab for Jira Cloud app.
+     */
+    jiraConnectProxyUrl?: pulumi.Input<string>;
+    /**
+     * Enable public key storage for the GitLab for Jira Cloud app.
+     */
+    jiraConnectPublicKeyStorageEnabled?: pulumi.Input<boolean>;
     /**
      * Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time.
      */
@@ -1712,6 +1960,10 @@ export interface ApplicationSettingsState {
      * Increase this value when any cached Markdown should be invalidated.
      */
     localMarkdownVersion?: pulumi.Input<number>;
+    /**
+     * Indicates whether the GitLab Duo features enabled setting is enforced for all subgroups. Introduced in GitLab 16.10. Self-managed, Premium and Ultimate only.
+     */
+    lockDuoFeaturesEnabled?: pulumi.Input<boolean>;
     /**
      * Enable Mailgun event receiver.
      */
@@ -1728,6 +1980,10 @@ export interface ApplicationSettingsState {
      * Message displayed when instance is in maintenance mode.
      */
     maintenanceModeMessage?: pulumi.Input<string>;
+    /**
+     * Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. Premium and Ultimate only.
+     */
+    mavenPackageRequestsForwarding?: pulumi.Input<boolean>;
     /**
      * Maximum artifacts size in MB.
      */
@@ -1736,14 +1992,26 @@ export interface ApplicationSettingsState {
      * Limit attachment size in MB.
      */
     maxAttachmentSize?: pulumi.Input<number>;
+    /**
+     * Maximum decompressed archive size in bytes.
+     */
+    maxDecompressedArchiveSize?: pulumi.Input<number>;
     /**
      * Maximum export size in MB. 0 for unlimited.
      */
     maxExportSize?: pulumi.Input<number>;
+    /**
+     * Maximum remote file size for imports from external object storages. Introduced in GitLab 16.3.
+     */
+    maxImportRemoteFileSize?: pulumi.Input<number>;
     /**
      * Maximum import size in MB. 0 for unlimited.
      */
     maxImportSize?: pulumi.Input<number>;
+    /**
+     * Maximum number of sign-in attempts before locking out the user.
+     */
+    maxLoginAttempts?: pulumi.Input<number>;
     /**
      * Maximum number of unique repositories a user can download in the specified time period before they are banned. Maximum: 10,000 repositories. Introduced in GitLab 15.1.
      */
@@ -1793,10 +2061,22 @@ export interface ApplicationSettingsState {
      * Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm.
      */
     npmPackageRequestsForwarding?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether to skip metadata URL validation for the NuGet package. Introduced in GitLab 17.0.
+     */
+    nugetSkipMetadataUrlValidation?: pulumi.Input<boolean>;
     /**
      * Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for hooks and services are disabled.
      */
     outboundLocalRequestsWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * List of package registry metadata to sync. See the list of the available values (https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5). Self-managed, Ultimate only.
+     */
+    packageMetadataPurlTypes?: pulumi.Input<pulumi.Input<number>[]>;
+    /**
+     * Enable to allow anyone to pull from Package Registry visible and changeable.
+     */
+    packageRegistryAllowAnyoneToPullOption?: pulumi.Input<boolean>;
     /**
      * Number of workers assigned to the packages cleanup policies.
      */
@@ -1857,6 +2137,14 @@ export interface ApplicationSettingsState {
      * Enable project export.
      */
     projectExportEnabled?: pulumi.Input<boolean>;
+    /**
+     * Maximum authenticated requests to /project/:id/jobs per minute. Introduced in GitLab 16.5.
+     */
+    projectJobsApiRateLimit?: pulumi.Input<number>;
+    /**
+     * Introduced in GitLab 15.10. Max number of requests per 10 minutes per IP address for unauthenticated requests to the list all projects API. To disable throttling set to 0.
+     */
+    projectsApiRateLimitUnauthenticated?: pulumi.Input<number>;
     /**
      * Enable Prometheus metrics.
      */
@@ -1901,6 +2189,14 @@ export interface ApplicationSettingsState {
      * Maximum push size (MB).
      */
     receiveMaxInputSize?: pulumi.Input<number>;
+    /**
+     * Enable receptive mode for GitLab Agents for Kubernetes.
+     */
+    receptiveClusterAgentsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Remember me setting. Introduced in GitLab 16.0.
+     */
+    rememberMeEnabled?: pulumi.Input<boolean>;
     /**
      * GitLab periodically runs git fsck in all project and wiki repositories to look for silent disk corruption issues.
      */
@@ -1923,6 +2219,14 @@ export interface ApplicationSettingsState {
      * When enabled, any user that signs up for an account using the registration form is placed under a Pending approval state and has to be explicitly approved by an administrator.
      */
     requireAdminApprovalAfterUserSignup?: pulumi.Input<boolean>;
+    /**
+     * Allow administrators to require 2FA for all administrators on the instance.
+     */
+    requireAdminTwoFactorAuthentication?: pulumi.Input<boolean>;
+    /**
+     * When enabled, users must set an expiration date when creating a group or project access token, or a personal access token owned by a non-service account.
+     */
+    requirePersonalAccessTokenExpiry?: pulumi.Input<boolean>;
     /**
      * (If enabled, requires: two*factor*grace_period) Require all users to set up Two-factor authentication.
      */
@@ -1943,10 +2247,26 @@ export interface ApplicationSettingsState {
      * Max number of requests per minute for performing a search while unauthenticated. To disable throttling set to 0.
      */
     searchRateLimitUnauthenticated?: pulumi.Input<number>;
+    /**
+     * Maximum number of active merge request approval policies per security policy project. Maximum: 20
+     */
+    securityApprovalPoliciesLimit?: pulumi.Input<number>;
+    /**
+     * Whether to look up merge request approval policy approval groups globally or within project hierarchies.
+     */
+    securityPolicyGlobalGroupApproversEnabled?: pulumi.Input<boolean>;
+    /**
+     * Public security contact information. Introduced in GitLab 16.7.
+     */
+    securityTxtContent?: pulumi.Input<string>;
     /**
      * Send confirmation email on sign-up.
      */
     sendUserConfirmationEmail?: pulumi.Input<boolean>;
+    /**
+     * Flag to indicate if token expiry date can be optional for service account users
+     */
+    serviceAccessTokensExpirationEnforced?: pulumi.Input<boolean>;
     /**
      * Session duration in minutes. GitLab restart is required to apply changes.
      */
@@ -1983,6 +2303,14 @@ export interface ApplicationSettingsState {
      * Enable registration.
      */
     signupEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Silent admin exports.
+     */
+    silentAdminExportsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Silent mode.
+     */
+    silentModeEnabled?: pulumi.Input<boolean>;
     /**
      * (If enabled, requires: slack*app*id, slack*app*secret and slack*app*secret) Enable Slack app.
      */
@@ -2019,6 +2347,10 @@ export interface ApplicationSettingsState {
      * The Snowplow cookie domain. (for example, .gitlab.com)
      */
     snowplowCookieDomain?: pulumi.Input<string>;
+    /**
+     * The Snowplow collector for database events hostname. (for example, db-snowplow.trx.gitlab.net)
+     */
+    snowplowDatabaseCollectorHostname?: pulumi.Input<string>;
     /**
      * Enable snowplow tracking.
      */
@@ -2047,6 +2379,14 @@ export interface ApplicationSettingsState {
      * URL of the external Spamcheck service endpoint. Valid URI schemes are grpc or tls. Specifying tls forces communication to be encrypted.
      */
     spamCheckEndpointUrl?: pulumi.Input<string>;
+    /**
+     * Authentication token for the external storage linked in static*objects*external*storage*url.
+     */
+    staticObjectsExternalStorageAuthToken?: pulumi.Input<string>;
+    /**
+     * URL to an external storage for repository static objects.
+     */
+    staticObjectsExternalStorageUrl?: pulumi.Input<string>;
     /**
      * Enable pipeline suggestion banner.
      */
@@ -2139,6 +2479,10 @@ export interface ApplicationSettingsState {
      * Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication.
      */
     twoFactorGracePeriod?: pulumi.Input<number>;
+    /**
+     * Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if delete*unconfirmed*users is set to true. Must be 1 or greater. Introduced in GitLab 16.1. Self-managed, Premium and Ultimate only.
+     */
+    unconfirmedUsersDeleteAfterDays?: pulumi.Input<number>;
     /**
      * (If enabled, requires: unique*ips*limit*per*user and unique*ips*limit*time*window) Limit sign in from multiple IPs.
      */
@@ -2151,10 +2495,18 @@ export interface ApplicationSettingsState {
      * How many seconds an IP is counted towards the limit.
      */
     uniqueIpsLimitTimeWindow?: pulumi.Input<number>;
+    /**
+     * Fetch GitLab Runner release version data from GitLab.com.
+     */
+    updateRunnerVersionsEnabled?: pulumi.Input<boolean>;
     /**
      * Every week GitLab reports license usage back to GitLab, Inc.
      */
     usagePingEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enables ClickHouse as a data source for analytics reports. ClickHouse must be configured for this setting to take effect. Available on Premium and Ultimate only.
+     */
+    useClickhouseForAnalytics?: pulumi.Input<boolean>;
     /**
      * Send an email to users upon account deactivation.
      */
@@ -2167,6 +2519,10 @@ export interface ApplicationSettingsState {
      * Specify an email address regex pattern to identify default internal users.
      */
     userDefaultInternalRegex?: pulumi.Input<string>;
+    /**
+     * Newly created users have private profile by default. Introduced in GitLab 15.8.
+     */
+    userDefaultsToPrivateProfile?: pulumi.Input<boolean>;
     /**
      * Allow users to register any application to use GitLab as an OAuth provider.
      */
@@ -2175,6 +2531,10 @@ export interface ApplicationSettingsState {
      * When set to false disable the You won't be able to pull or push project code via SSH warning shown to users with no uploaded SSH key.
      */
     userShowAddSshKeyMessage?: pulumi.Input<boolean>;
+    /**
+     * List of types which are allowed to register a GitLab Runner. Can be [], ['group'], ['project'] or ['group', 'project'].
+     */
+    validRunnerRegistrars?: pulumi.Input<pulumi.Input<string>[]>;
     /**
      * Let GitLab inform you when an update is available.
      */
@@ -2184,7 +2544,7 @@ export interface ApplicationSettingsState {
      */
     webIdeClientsidePreviewEnabled?: pulumi.Input<boolean>;
     /**
-     * What’s new variant, possible values: all*tiers, current*tier, and disabled.
+     * What's new variant, possible values: all*tiers, current*tier, and disabled.
      */
     whatsNewVariant?: pulumi.Input<string>;
     /**
@@ -2564,6 +2924,10 @@ export interface ApplicationSettingsArgs {
      * Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations.
      */
     elasticsearchMaxBulkSizeMb?: pulumi.Input<number>;
+    /**
+     * Maximum concurrency of Elasticsearch code indexing background jobs. This only applies to repository indexing operations. Premium and Ultimate only.
+     */
+    elasticsearchMaxCodeIndexingConcurrency?: pulumi.Input<number>;
     /**
      * The namespaces to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
      */
@@ -2576,6 +2940,10 @@ export interface ApplicationSettingsArgs {
      * The projects to index via Elasticsearch if elasticsearch*limit*indexing is enabled.
      */
     elasticsearchProjectIds?: pulumi.Input<pulumi.Input<number>[]>;
+    /**
+     * Enable automatic requeuing of indexing workers. This improves non-code indexing throughput by enqueuing Sidekiq jobs until all documents are processed. Premium and Ultimate only.
+     */
+    elasticsearchRequeueWorkers?: pulumi.Input<boolean>;
     /**
      * Enable Elasticsearch search.
      */
@@ -2588,6 +2956,10 @@ export interface ApplicationSettingsArgs {
      * The username of your Elasticsearch instance.
      */
     elasticsearchUsername?: pulumi.Input<string>;
+    /**
+     * Number of indexing worker shards. This improves non-code indexing throughput by enqueuing more parallel Sidekiq jobs. Premium and Ultimate only.
+     */
+    elasticsearchWorkerNumberOfShards?: pulumi.Input<number>;
     /**
      * Additional text added to the bottom of every email for legal/auditing/compliance reasons.
      */
@@ -2596,6 +2968,14 @@ export interface ApplicationSettingsArgs {
      * Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.
      */
     emailAuthorInBody?: pulumi.Input<boolean>;
+    /**
+     * Specifies whether users must confirm their email before sign in. Possible values are off, soft, and hard.
+     */
+    emailConfirmationSetting?: pulumi.Input<string>;
+    /**
+     * Show the external redirect page that warns you about user-generated content in GitLab Pages.
+     */
+    enableArtifactExternalRedirectWarningPage?: pulumi.Input<boolean>;
     /**
      * Enabled protocols for Git access. Allowed values are: ssh, http, and nil to allow both protocols.
      */
@@ -2648,6 +3028,10 @@ export interface ApplicationSettingsArgs {
      * URL to use for pipeline validation requests.
      */
     externalPipelineValidationServiceUrl?: pulumi.Input<string>;
+    /**
+     * Time period in minutes after which the user is unlocked when maximum number of failed sign-in attempts reached.
+     */
+    failedLoginAttemptsUnlockPeriodInMinutes?: pulumi.Input<number>;
     /**
      * The ID of a project to load custom file templates from.
      */
@@ -2665,7 +3049,11 @@ export interface ApplicationSettingsArgs {
      */
     geoStatusTimeout?: pulumi.Input<number>;
     /**
-     * List of usernames excluded from Git anti-abuse rate limits. Maximum: 100 usernames. Introduced in GitLab 15.2.
+     * List of user IDs that are emailed when the Git abuse rate limit is exceeded. Maximum: 100 user IDs. Introduced in GitLab 15.9. Self-managed, Ultimate only.
+     */
+    gitRateLimitUsersAlertlists?: pulumi.Input<pulumi.Input<number>[]>;
+    /**
+     * List of usernames excluded from Git anti-abuse rate limits. Maximum: 100 usernames. Introduced in GitLab 15.2. Self-managed, Ultimate only.
      */
     gitRateLimitUsersAllowlists?: pulumi.Input<pulumi.Input<string>[]>;
     /**
@@ -2684,6 +3072,22 @@ export interface ApplicationSettingsArgs {
      * Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to 0 to disable timeouts.
      */
     gitalyTimeoutMedium?: pulumi.Input<number>;
+    /**
+     * Maximum number of Git operations per minute a user can perform. Introduced in GitLab 16.2.
+     */
+    gitlabShellOperationLimit?: pulumi.Input<number>;
+    /**
+     * Enable Gitpod integration.
+     */
+    gitpodEnabled?: pulumi.Input<boolean>;
+    /**
+     * The Gitpod instance URL for integration.
+     */
+    gitpodUrl?: pulumi.Input<string>;
+    /**
+     * Comma-separated list of IP addresses and CIDRs always allowed for inbound traffic. For example, 1.1.1.1, 2.2.2.0/24.
+     */
+    globallyAllowedIps?: pulumi.Input<string>;
     /**
      * Enable Grafana.
      */
@@ -2780,6 +3184,10 @@ export interface ApplicationSettingsArgs {
      * If delete*inactive*projects is true, sets the time (in months) to wait before emailing maintainers that the project is scheduled be deleted because it is inactive. Introduced in GitLab 14.10. Became operational in GitLab 15.0.
      */
     inactiveProjectsSendWarningEmailAfterMonths?: pulumi.Input<number>;
+    /**
+     * Whether or not optional metrics are enabled in Service Ping. Introduced in GitLab 16.10.
+     */
+    includeOptionalMetricsInServicePing?: pulumi.Input<boolean>;
     /**
      * Enable Invisible CAPTCHA spam detection during sign-up.
      */
@@ -2788,6 +3196,18 @@ export interface ApplicationSettingsArgs {
      * Max number of issue creation requests per minute per user.
      */
     issuesCreateLimit?: pulumi.Input<number>;
+    /**
+     * ID of the OAuth application used to authenticate with the GitLab for Jira Cloud app.
+     */
+    jiraConnectApplicationKey?: pulumi.Input<string>;
+    /**
+     * URL of the GitLab instance used as a proxy for the GitLab for Jira Cloud app.
+     */
+    jiraConnectProxyUrl?: pulumi.Input<string>;
+    /**
+     * Enable public key storage for the GitLab for Jira Cloud app.
+     */
+    jiraConnectPublicKeyStorageEnabled?: pulumi.Input<boolean>;
     /**
      * Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time.
      */
@@ -2796,6 +3216,10 @@ export interface ApplicationSettingsArgs {
      * Increase this value when any cached Markdown should be invalidated.
      */
     localMarkdownVersion?: pulumi.Input<number>;
+    /**
+     * Indicates whether the GitLab Duo features enabled setting is enforced for all subgroups. Introduced in GitLab 16.10. Self-managed, Premium and Ultimate only.
+     */
+    lockDuoFeaturesEnabled?: pulumi.Input<boolean>;
     /**
      * Enable Mailgun event receiver.
      */
@@ -2812,6 +3236,10 @@ export interface ApplicationSettingsArgs {
      * Message displayed when instance is in maintenance mode.
      */
     maintenanceModeMessage?: pulumi.Input<string>;
+    /**
+     * Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. Premium and Ultimate only.
+     */
+    mavenPackageRequestsForwarding?: pulumi.Input<boolean>;
     /**
      * Maximum artifacts size in MB.
      */
@@ -2820,14 +3248,26 @@ export interface ApplicationSettingsArgs {
      * Limit attachment size in MB.
      */
     maxAttachmentSize?: pulumi.Input<number>;
+    /**
+     * Maximum decompressed archive size in bytes.
+     */
+    maxDecompressedArchiveSize?: pulumi.Input<number>;
     /**
      * Maximum export size in MB. 0 for unlimited.
      */
     maxExportSize?: pulumi.Input<number>;
+    /**
+     * Maximum remote file size for imports from external object storages. Introduced in GitLab 16.3.
+     */
+    maxImportRemoteFileSize?: pulumi.Input<number>;
     /**
      * Maximum import size in MB. 0 for unlimited.
      */
     maxImportSize?: pulumi.Input<number>;
+    /**
+     * Maximum number of sign-in attempts before locking out the user.
+     */
+    maxLoginAttempts?: pulumi.Input<number>;
     /**
      * Maximum number of unique repositories a user can download in the specified time period before they are banned. Maximum: 10,000 repositories. Introduced in GitLab 15.1.
      */
@@ -2877,10 +3317,22 @@ export interface ApplicationSettingsArgs {
      * Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm.
      */
     npmPackageRequestsForwarding?: pulumi.Input<boolean>;
+    /**
+     * Indicates whether to skip metadata URL validation for the NuGet package. Introduced in GitLab 17.0.
+     */
+    nugetSkipMetadataUrlValidation?: pulumi.Input<boolean>;
     /**
      * Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for hooks and services are disabled.
      */
     outboundLocalRequestsWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * List of package registry metadata to sync. See the list of the available values (https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5). Self-managed, Ultimate only.
+     */
+    packageMetadataPurlTypes?: pulumi.Input<pulumi.Input<number>[]>;
+    /**
+     * Enable to allow anyone to pull from Package Registry visible and changeable.
+     */
+    packageRegistryAllowAnyoneToPullOption?: pulumi.Input<boolean>;
     /**
      * Number of workers assigned to the packages cleanup policies.
      */
@@ -2941,6 +3393,14 @@ export interface ApplicationSettingsArgs {
      * Enable project export.
      */
     projectExportEnabled?: pulumi.Input<boolean>;
+    /**
+     * Maximum authenticated requests to /project/:id/jobs per minute. Introduced in GitLab 16.5.
+     */
+    projectJobsApiRateLimit?: pulumi.Input<number>;
+    /**
+     * Introduced in GitLab 15.10. Max number of requests per 10 minutes per IP address for unauthenticated requests to the list all projects API. To disable throttling set to 0.
+     */
+    projectsApiRateLimitUnauthenticated?: pulumi.Input<number>;
     /**
      * Enable Prometheus metrics.
      */
@@ -2985,6 +3445,14 @@ export interface ApplicationSettingsArgs {
      * Maximum push size (MB).
      */
     receiveMaxInputSize?: pulumi.Input<number>;
+    /**
+     * Enable receptive mode for GitLab Agents for Kubernetes.
+     */
+    receptiveClusterAgentsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Remember me setting. Introduced in GitLab 16.0.
+     */
+    rememberMeEnabled?: pulumi.Input<boolean>;
     /**
      * GitLab periodically runs git fsck in all project and wiki repositories to look for silent disk corruption issues.
      */
@@ -3007,6 +3475,14 @@ export interface ApplicationSettingsArgs {
      * When enabled, any user that signs up for an account using the registration form is placed under a Pending approval state and has to be explicitly approved by an administrator.
      */
     requireAdminApprovalAfterUserSignup?: pulumi.Input<boolean>;
+    /**
+     * Allow administrators to require 2FA for all administrators on the instance.
+     */
+    requireAdminTwoFactorAuthentication?: pulumi.Input<boolean>;
+    /**
+     * When enabled, users must set an expiration date when creating a group or project access token, or a personal access token owned by a non-service account.
+     */
+    requirePersonalAccessTokenExpiry?: pulumi.Input<boolean>;
     /**
      * (If enabled, requires: two*factor*grace_period) Require all users to set up Two-factor authentication.
      */
@@ -3027,10 +3503,26 @@ export interface ApplicationSettingsArgs {
      * Max number of requests per minute for performing a search while unauthenticated. To disable throttling set to 0.
      */
     searchRateLimitUnauthenticated?: pulumi.Input<number>;
+    /**
+     * Maximum number of active merge request approval policies per security policy project. Maximum: 20
+     */
+    securityApprovalPoliciesLimit?: pulumi.Input<number>;
+    /**
+     * Whether to look up merge request approval policy approval groups globally or within project hierarchies.
+     */
+    securityPolicyGlobalGroupApproversEnabled?: pulumi.Input<boolean>;
+    /**
+     * Public security contact information. Introduced in GitLab 16.7.
+     */
+    securityTxtContent?: pulumi.Input<string>;
     /**
      * Send confirmation email on sign-up.
      */
     sendUserConfirmationEmail?: pulumi.Input<boolean>;
+    /**
+     * Flag to indicate if token expiry date can be optional for service account users
+     */
+    serviceAccessTokensExpirationEnforced?: pulumi.Input<boolean>;
     /**
      * Session duration in minutes. GitLab restart is required to apply changes.
      */
@@ -3067,6 +3559,14 @@ export interface ApplicationSettingsArgs {
      * Enable registration.
      */
     signupEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Silent admin exports.
+     */
+    silentAdminExportsEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enable Silent mode.
+     */
+    silentModeEnabled?: pulumi.Input<boolean>;
     /**
      * (If enabled, requires: slack*app*id, slack*app*secret and slack*app*secret) Enable Slack app.
      */
@@ -3103,6 +3603,10 @@ export interface ApplicationSettingsArgs {
      * The Snowplow cookie domain. (for example, .gitlab.com)
      */
     snowplowCookieDomain?: pulumi.Input<string>;
+    /**
+     * The Snowplow collector for database events hostname. (for example, db-snowplow.trx.gitlab.net)
+     */
+    snowplowDatabaseCollectorHostname?: pulumi.Input<string>;
     /**
      * Enable snowplow tracking.
      */
@@ -3131,6 +3635,14 @@ export interface ApplicationSettingsArgs {
      * URL of the external Spamcheck service endpoint. Valid URI schemes are grpc or tls. Specifying tls forces communication to be encrypted.
      */
     spamCheckEndpointUrl?: pulumi.Input<string>;
+    /**
+     * Authentication token for the external storage linked in static*objects*external*storage*url.
+     */
+    staticObjectsExternalStorageAuthToken?: pulumi.Input<string>;
+    /**
+     * URL to an external storage for repository static objects.
+     */
+    staticObjectsExternalStorageUrl?: pulumi.Input<string>;
     /**
      * Enable pipeline suggestion banner.
      */
@@ -3223,6 +3735,10 @@ export interface ApplicationSettingsArgs {
      * Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication.
      */
     twoFactorGracePeriod?: pulumi.Input<number>;
+    /**
+     * Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if delete*unconfirmed*users is set to true. Must be 1 or greater. Introduced in GitLab 16.1. Self-managed, Premium and Ultimate only.
+     */
+    unconfirmedUsersDeleteAfterDays?: pulumi.Input<number>;
     /**
      * (If enabled, requires: unique*ips*limit*per*user and unique*ips*limit*time*window) Limit sign in from multiple IPs.
      */
@@ -3235,10 +3751,18 @@ export interface ApplicationSettingsArgs {
      * How many seconds an IP is counted towards the limit.
      */
     uniqueIpsLimitTimeWindow?: pulumi.Input<number>;
+    /**
+     * Fetch GitLab Runner release version data from GitLab.com.
+     */
+    updateRunnerVersionsEnabled?: pulumi.Input<boolean>;
     /**
      * Every week GitLab reports license usage back to GitLab, Inc.
      */
     usagePingEnabled?: pulumi.Input<boolean>;
+    /**
+     * Enables ClickHouse as a data source for analytics reports. ClickHouse must be configured for this setting to take effect. Available on Premium and Ultimate only.
+     */
+    useClickhouseForAnalytics?: pulumi.Input<boolean>;
     /**
      * Send an email to users upon account deactivation.
      */
@@ -3251,6 +3775,10 @@ export interface ApplicationSettingsArgs {
      * Specify an email address regex pattern to identify default internal users.
      */
     userDefaultInternalRegex?: pulumi.Input<string>;
+    /**
+     * Newly created users have private profile by default. Introduced in GitLab 15.8.
+     */
+    userDefaultsToPrivateProfile?: pulumi.Input<boolean>;
     /**
      * Allow users to register any application to use GitLab as an OAuth provider.
      */
@@ -3259,6 +3787,10 @@ export interface ApplicationSettingsArgs {
      * When set to false disable the You won't be able to pull or push project code via SSH warning shown to users with no uploaded SSH key.
      */
     userShowAddSshKeyMessage?: pulumi.Input<boolean>;
+    /**
+     * List of types which are allowed to register a GitLab Runner. Can be [], ['group'], ['project'] or ['group', 'project'].
+     */
+    validRunnerRegistrars?: pulumi.Input<pulumi.Input<string>[]>;
     /**
      * Let GitLab inform you when an update is available.
      */
@@ -3268,7 +3800,7 @@ export interface ApplicationSettingsArgs {
      */
     webIdeClientsidePreviewEnabled?: pulumi.Input<boolean>;
     /**
-     * What’s new variant, possible values: all*tiers, current*tier, and disabled.
+     * What's new variant, possible values: all*tiers, current*tier, and disabled.
      */
     whatsNewVariant?: pulumi.Input<string>;
     /**