PyPI - pulumi-aiven - Versions diffs - 6.36.0a1741493223__py3-none-any.whl → 6.37.0a1741842447__py3-none-any.whl - Mend

pulumi-aiven 6.36.0a1741493223py3-none-any.whl → 6.37.0a1741842447py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pulumi-aiven might be problematic. Click here for more details.

Files changed (53) hide show

pulumi_aiven/_inputs.py +214 -3
pulumi_aiven/account_team_project.py +7 -7
pulumi_aiven/alloydbomni.py +7 -7
pulumi_aiven/cassandra.py +7 -7
pulumi_aiven/clickhouse.py +7 -7
pulumi_aiven/dragonfly.py +7 -7
pulumi_aiven/flink.py +7 -7
pulumi_aiven/get_account_team_project.py +1 -1
pulumi_aiven/get_alloydbomni.py +1 -1
pulumi_aiven/get_billing_group.py +21 -3
pulumi_aiven/get_cassanda.py +1 -1
pulumi_aiven/get_cassandra.py +1 -1
pulumi_aiven/get_clickhouse.py +1 -1
pulumi_aiven/get_dragonfly.py +1 -1
pulumi_aiven/get_flink.py +1 -1
pulumi_aiven/get_grafana.py +1 -1
pulumi_aiven/get_kafka.py +1 -1
pulumi_aiven/get_kafka_connect.py +1 -1
pulumi_aiven/get_kafka_mirror_maker.py +1 -1
pulumi_aiven/get_m3_aggregator.py +1 -1
pulumi_aiven/get_m3_db.py +1 -1
pulumi_aiven/get_my_sql.py +1 -1
pulumi_aiven/get_open_search.py +1 -1
pulumi_aiven/get_organization_application_user.py +1 -1
pulumi_aiven/get_pg.py +1 -1
pulumi_aiven/get_project_user.py +3 -3
pulumi_aiven/get_redis.py +1 -1
pulumi_aiven/get_thanos.py +1 -1
pulumi_aiven/get_valkey.py +1 -1
pulumi_aiven/grafana.py +7 -7
pulumi_aiven/influx_db.py +42 -42
pulumi_aiven/kafka.py +9 -9
pulumi_aiven/kafka_connect.py +7 -7
pulumi_aiven/kafka_mirror_maker.py +7 -7
pulumi_aiven/m3_aggregator.py +7 -7
pulumi_aiven/m3_db.py +7 -7
pulumi_aiven/my_sql.py +7 -7
pulumi_aiven/open_search.py +7 -7
pulumi_aiven/organization_application_user.py +13 -15
pulumi_aiven/organization_application_user_token.py +47 -0
pulumi_aiven/organization_group_project.py +9 -9
pulumi_aiven/organization_permission.py +16 -2
pulumi_aiven/outputs.py +277 -2
pulumi_aiven/pg.py +7 -7
pulumi_aiven/project_user.py +9 -9
pulumi_aiven/pulumi-plugin.json +1 -1
pulumi_aiven/redis.py +7 -7
pulumi_aiven/thanos.py +7 -7
pulumi_aiven/valkey.py +7 -7
{pulumi_aiven-6.36.0a1741493223.dist-info → pulumi_aiven-6.37.0a1741842447.dist-info}/METADATA +1 -1
{pulumi_aiven-6.36.0a1741493223.dist-info → pulumi_aiven-6.37.0a1741842447.dist-info}/RECORD +53 -53
{pulumi_aiven-6.36.0a1741493223.dist-info → pulumi_aiven-6.37.0a1741842447.dist-info}/WHEEL +1 -1
{pulumi_aiven-6.36.0a1741493223.dist-info → pulumi_aiven-6.37.0a1741842447.dist-info}/top_level.txt +0 -0

pulumi_aiven/my_sql.py CHANGED Viewed

@@ -43,7 +43,7 @@ class MySqlArgs:
         :param pulumi.Input[str] project: The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
         :param pulumi.Input[str] service_name: Specifies the actual name of the service. The name cannot be changed later without destroying and re-creating the service so name should be picked based on intended service usage rather than current attributes.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] maintenance_window_dow: Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc.
         :param pulumi.Input[str] maintenance_window_time: Time of day when maintenance operations should be performed. UTC time in HH:mm:ss format.
@@ -141,7 +141,7 @@ class MySqlArgs:
     @pulumi.getter(name="cloudName")
     def cloud_name(self) -> Optional[pulumi.Input[str]]:
         """
-        Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         """
         return pulumi.get(self, "cloud_name")
@@ -317,7 +317,7 @@ class _MySqlState:
         """
         Input properties used for looking up and filtering MySql resources.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[Sequence[pulumi.Input['MySqlComponentArgs']]] components: Service component information objects
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] disk_space_cap: The maximum disk space of the service, possible values depend on the service type, the cloud provider and the project.
@@ -424,7 +424,7 @@ class _MySqlState:
     @pulumi.getter(name="cloudName")
     def cloud_name(self) -> Optional[pulumi.Input[str]]:
         """
-        Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         """
         return pulumi.get(self, "cloud_name")
@@ -806,7 +806,7 @@ class MySql(pulumi.CustomResource):
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] maintenance_window_dow: Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc.
         :param pulumi.Input[str] maintenance_window_time: Time of day when maintenance operations should be performed. UTC time in HH:mm:ss format.
@@ -984,7 +984,7 @@ class MySql(pulumi.CustomResource):
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[Sequence[pulumi.Input[Union['MySqlComponentArgs', 'MySqlComponentArgsDict']]]] components: Service component information objects
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] disk_space_cap: The maximum disk space of the service, possible values depend on the service type, the cloud provider and the project.
@@ -1058,7 +1058,7 @@ class MySql(pulumi.CustomResource):
     @pulumi.getter(name="cloudName")
     def cloud_name(self) -> pulumi.Output[Optional[str]]:
         """
-        Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         """
         return pulumi.get(self, "cloud_name")

pulumi_aiven/open_search.py CHANGED Viewed

@@ -43,7 +43,7 @@ class OpenSearchArgs:
         :param pulumi.Input[str] project: The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
         :param pulumi.Input[str] service_name: Specifies the actual name of the service. The name cannot be changed later without destroying and re-creating the service so name should be picked based on intended service usage rather than current attributes.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] maintenance_window_dow: Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc.
         :param pulumi.Input[str] maintenance_window_time: Time of day when maintenance operations should be performed. UTC time in HH:mm:ss format.
@@ -141,7 +141,7 @@ class OpenSearchArgs:
     @pulumi.getter(name="cloudName")
     def cloud_name(self) -> Optional[pulumi.Input[str]]:
         """
-        Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         """
         return pulumi.get(self, "cloud_name")
@@ -317,7 +317,7 @@ class _OpenSearchState:
         """
         Input properties used for looking up and filtering OpenSearch resources.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[Sequence[pulumi.Input['OpenSearchComponentArgs']]] components: Service component information objects
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] disk_space_cap: The maximum disk space of the service, possible values depend on the service type, the cloud provider and the project.
@@ -424,7 +424,7 @@ class _OpenSearchState:
     @pulumi.getter(name="cloudName")
     def cloud_name(self) -> Optional[pulumi.Input[str]]:
         """
-        Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         """
         return pulumi.get(self, "cloud_name")
@@ -807,7 +807,7 @@ class OpenSearch(pulumi.CustomResource):
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] maintenance_window_dow: Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc.
         :param pulumi.Input[str] maintenance_window_time: Time of day when maintenance operations should be performed. UTC time in HH:mm:ss format.
@@ -986,7 +986,7 @@ class OpenSearch(pulumi.CustomResource):
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] additional_disk_space: Add [disk storage](https://aiven.io/docs/platform/howto/add-storage-space) in increments of 30  GiB to scale your service. The maximum value depends on the service type and cloud provider. Removing additional storage causes the service nodes to go through a rolling restart and there might be a short downtime for services with no HA capabilities.
-        :param pulumi.Input[str] cloud_name: Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        :param pulumi.Input[str] cloud_name: The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         :param pulumi.Input[Sequence[pulumi.Input[Union['OpenSearchComponentArgs', 'OpenSearchComponentArgsDict']]]] components: Service component information objects
         :param pulumi.Input[str] disk_space: Service disk space. Possible values depend on the service type, the cloud provider and the project. Therefore, reducing will result in the service rebalancing.
         :param pulumi.Input[str] disk_space_cap: The maximum disk space of the service, possible values depend on the service type, the cloud provider and the project.
@@ -1060,7 +1060,7 @@ class OpenSearch(pulumi.CustomResource):
     @pulumi.getter(name="cloudName")
     def cloud_name(self) -> pulumi.Output[Optional[str]]:
         """
-        Defines where the cloud provider and region where the service is hosted in. This can be changed freely after service is created. Changing the value will trigger a potentially lengthy migration process for the service. Format is cloud provider name (`aws`, `azure`, `do` `google`, `upcloud`, etc.), dash, and the cloud provider specific region name. These are documented on each Cloud provider's own support articles, like [here for Google](https://cloud.google.com/compute/docs/regions-zones/) and [here for AWS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
+        The cloud provider and region the service is hosted in. The format is `provider-region`, for example: `google-europe-west1`. The [available cloud regions](https://aiven.io/docs/platform/reference/list_of_clouds) can differ per project and service. Changing this value [migrates the service to another cloud provider or region](https://aiven.io/docs/platform/howto/migrate-services-cloud-region). The migration runs in the background and includes a DNS update to redirect traffic to the new region. Most services experience no downtime, but some databases may have a brief interruption during DNS propagation.
         """
         return pulumi.get(self, "cloud_name")

pulumi_aiven/organization_application_user.py CHANGED Viewed

@@ -25,7 +25,7 @@ class OrganizationApplicationUserArgs:
         """
         The set of arguments for constructing a OrganizationApplicationUser resource.
         :param pulumi.Input[str] organization_id: The ID of the organization the application user belongs to.
-        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has full access to an organization, its billing and settings, and all its organizational units, projects, and services.
+        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has completely unrestricted access to all organization resources and settings. This role should be limited to as few users as possible. For daily administrative tasks, assign users the organization admin role instead using the `OrganizationPermission` resource.
         :param pulumi.Input[str] name: Name of the application user.
         """
         pulumi.set(__self__, "organization_id", organization_id)
@@ -50,7 +50,7 @@ class OrganizationApplicationUserArgs:
     @pulumi.getter(name="isSuperAdmin")
     def is_super_admin(self) -> Optional[pulumi.Input[bool]]:
         """
-        Makes the application user a super admin. The super admin role has full access to an organization, its billing and settings, and all its organizational units, projects, and services.
+        Makes the application user a super admin. The super admin role has completely unrestricted access to all organization resources and settings. This role should be limited to as few users as possible. For daily administrative tasks, assign users the organization admin role instead using the `OrganizationPermission` resource.
         """
         return pulumi.get(self, "is_super_admin")
@@ -82,7 +82,7 @@ class _OrganizationApplicationUserState:
         """
         Input properties used for looking up and filtering OrganizationApplicationUser resources.
         :param pulumi.Input[str] email: An email address automatically generated by Aiven to help identify the application user. No notifications are sent to this email.
-        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has full access to an organization, its billing and settings, and all its organizational units, projects, and services.
+        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has completely unrestricted access to all organization resources and settings. This role should be limited to as few users as possible. For daily administrative tasks, assign users the organization admin role instead using the `OrganizationPermission` resource.
         :param pulumi.Input[str] name: Name of the application user.
         :param pulumi.Input[str] organization_id: The ID of the organization the application user belongs to.
         :param pulumi.Input[str] user_id: The ID of the application user.
@@ -114,7 +114,7 @@ class _OrganizationApplicationUserState:
     @pulumi.getter(name="isSuperAdmin")
     def is_super_admin(self) -> Optional[pulumi.Input[bool]]:
         """
-        Makes the application user a super admin. The super admin role has full access to an organization, its billing and settings, and all its organizational units, projects, and services.
+        Makes the application user a super admin. The super admin role has completely unrestricted access to all organization resources and settings. This role should be limited to as few users as possible. For daily administrative tasks, assign users the organization admin role instead using the `OrganizationPermission` resource.
         """
         return pulumi.get(self, "is_super_admin")
@@ -170,11 +170,10 @@ class OrganizationApplicationUser(pulumi.CustomResource):
                  __props__=None):
         """
         Creates and manages an organization application user. [Application users](https://aiven.io/docs/platform/concepts/application-users) can be used for
-        programmatic access to the platform.
+        programmatic access to the platform using a token created with the `OrganizationApplicationUserToken` resource.
-        You give application users access to projects by adding them as members of a group using `OrganizationUserGroupMember`
-        and assigning the group to a project with `OrganizationGroupProject`. You can give an application user access to all
-        resources in your organization by setting `is_super_admin = true` .
+        You give application users access to projects using the `OrganizationPermission` resource. You can also add application users to
+        groups with access to projects using `OrganizationUserGroupMember`.
         ## Example Usage
@@ -195,7 +194,7 @@ class OrganizationApplicationUser(pulumi.CustomResource):
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has full access to an organization, its billing and settings, and all its organizational units, projects, and services.
+        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has completely unrestricted access to all organization resources and settings. This role should be limited to as few users as possible. For daily administrative tasks, assign users the organization admin role instead using the `OrganizationPermission` resource.
         :param pulumi.Input[str] name: Name of the application user.
         :param pulumi.Input[str] organization_id: The ID of the organization the application user belongs to.
         """
@@ -207,11 +206,10 @@ class OrganizationApplicationUser(pulumi.CustomResource):
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
         Creates and manages an organization application user. [Application users](https://aiven.io/docs/platform/concepts/application-users) can be used for
-        programmatic access to the platform.
+        programmatic access to the platform using a token created with the `OrganizationApplicationUserToken` resource.
-        You give application users access to projects by adding them as members of a group using `OrganizationUserGroupMember`
-        and assigning the group to a project with `OrganizationGroupProject`. You can give an application user access to all
-        resources in your organization by setting `is_super_admin = true` .
+        You give application users access to projects using the `OrganizationPermission` resource. You can also add application users to
+        groups with access to projects using `OrganizationUserGroupMember`.
         ## Example Usage
@@ -287,7 +285,7 @@ class OrganizationApplicationUser(pulumi.CustomResource):
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] email: An email address automatically generated by Aiven to help identify the application user. No notifications are sent to this email.
-        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has full access to an organization, its billing and settings, and all its organizational units, projects, and services.
+        :param pulumi.Input[bool] is_super_admin: Makes the application user a super admin. The super admin role has completely unrestricted access to all organization resources and settings. This role should be limited to as few users as possible. For daily administrative tasks, assign users the organization admin role instead using the `OrganizationPermission` resource.
         :param pulumi.Input[str] name: Name of the application user.
         :param pulumi.Input[str] organization_id: The ID of the organization the application user belongs to.
         :param pulumi.Input[str] user_id: The ID of the application user.
@@ -315,7 +313,7 @@ class OrganizationApplicationUser(pulumi.CustomResource):
     @pulumi.getter(name="isSuperAdmin")
     def is_super_admin(self) -> pulumi.Output[Optional[bool]]:
         """
-        Makes the application user a super admin. The super admin role has full access to an organization, its billing and settings, and all its organizational units, projects, and services.
+        Makes the application user a super admin. The super admin role has completely unrestricted access to all organization resources and settings. This role should be limited to as few users as possible. For daily administrative tasks, assign users the organization admin role instead using the `OrganizationPermission` resource.
         """
         return pulumi.get(self, "is_super_admin")

pulumi_aiven/organization_application_user_token.py CHANGED Viewed

@@ -23,6 +23,7 @@ class OrganizationApplicationUserTokenArgs:
                  user_id: pulumi.Input[str],
                  description: Optional[pulumi.Input[str]] = None,
                  extend_when_used: Optional[pulumi.Input[bool]] = None,
+                 ip_allowlists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  max_age_seconds: Optional[pulumi.Input[int]] = None,
                  scopes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
         """
@@ -31,6 +32,7 @@ class OrganizationApplicationUserTokenArgs:
         :param pulumi.Input[str] user_id: The ID of the application user the token is created for.
         :param pulumi.Input[str] description: Description of the token.
         :param pulumi.Input[bool] extend_when_used: Extends the token session duration when the token is used. Only applicable if a value is set for `max_age_seconds`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_allowlists: List of allowed IP ranges.
         :param pulumi.Input[int] max_age_seconds: The number of hours after which a token expires. If not set, it never expires.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: Limits access to specific resources by granting read or write privileges to them. For example: `billing:read`. Available scopes are: `authentication`, `billing`, `payments` for [payment methods](https://aiven.io/docs/platform/howto/list-billing), `privatelink`, `projects`, `services`, `static_ips`, and `user`.
         """
@@ -40,6 +42,8 @@ class OrganizationApplicationUserTokenArgs:
             pulumi.set(__self__, "description", description)
         if extend_when_used is not None:
             pulumi.set(__self__, "extend_when_used", extend_when_used)
+        if ip_allowlists is not None:
+            pulumi.set(__self__, "ip_allowlists", ip_allowlists)
         if max_age_seconds is not None:
             pulumi.set(__self__, "max_age_seconds", max_age_seconds)
         if scopes is not None:
@@ -93,6 +97,18 @@ class OrganizationApplicationUserTokenArgs:
     def extend_when_used(self, value: Optional[pulumi.Input[bool]]):
         pulumi.set(self, "extend_when_used", value)
+    @property
+    @pulumi.getter(name="ipAllowlists")
+    def ip_allowlists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        List of allowed IP ranges.
+        """
+        return pulumi.get(self, "ip_allowlists")
+    @ip_allowlists.setter
+    def ip_allowlists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "ip_allowlists", value)
     @property
     @pulumi.getter(name="maxAgeSeconds")
     def max_age_seconds(self) -> Optional[pulumi.Input[int]]:
@@ -128,6 +144,7 @@ class _OrganizationApplicationUserTokenState:
                  expiry_time: Optional[pulumi.Input[str]] = None,
                  extend_when_used: Optional[pulumi.Input[bool]] = None,
                  full_token: Optional[pulumi.Input[str]] = None,
+                 ip_allowlists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  last_ip: Optional[pulumi.Input[str]] = None,
                  last_used_time: Optional[pulumi.Input[str]] = None,
                  last_user_agent: Optional[pulumi.Input[str]] = None,
@@ -146,6 +163,7 @@ class _OrganizationApplicationUserTokenState:
         :param pulumi.Input[str] expiry_time: Timestamp when the access token will expire unless extended.
         :param pulumi.Input[bool] extend_when_used: Extends the token session duration when the token is used. Only applicable if a value is set for `max_age_seconds`.
         :param pulumi.Input[str] full_token: Full token.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_allowlists: List of allowed IP ranges.
         :param pulumi.Input[str] last_ip: IP address of the last request made with this token.
         :param pulumi.Input[str] last_used_time: Timestamp when the access token was last used.
         :param pulumi.Input[str] last_user_agent: User agent of the last request made with this token.
@@ -170,6 +188,8 @@ class _OrganizationApplicationUserTokenState:
             pulumi.set(__self__, "extend_when_used", extend_when_used)
         if full_token is not None:
             pulumi.set(__self__, "full_token", full_token)
+        if ip_allowlists is not None:
+            pulumi.set(__self__, "ip_allowlists", ip_allowlists)
         if last_ip is not None:
             pulumi.set(__self__, "last_ip", last_ip)
         if last_used_time is not None:
@@ -273,6 +293,18 @@ class _OrganizationApplicationUserTokenState:
     def full_token(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "full_token", value)
+    @property
+    @pulumi.getter(name="ipAllowlists")
+    def ip_allowlists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        List of allowed IP ranges.
+        """
+        return pulumi.get(self, "ip_allowlists")
+    @ip_allowlists.setter
+    def ip_allowlists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "ip_allowlists", value)
     @property
     @pulumi.getter(name="lastIp")
     def last_ip(self) -> Optional[pulumi.Input[str]]:
@@ -389,6 +421,7 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  description: Optional[pulumi.Input[str]] = None,
                  extend_when_used: Optional[pulumi.Input[bool]] = None,
+                 ip_allowlists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  max_age_seconds: Optional[pulumi.Input[int]] = None,
                  organization_id: Optional[pulumi.Input[str]] = None,
                  scopes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
@@ -422,6 +455,7 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] description: Description of the token.
         :param pulumi.Input[bool] extend_when_used: Extends the token session duration when the token is used. Only applicable if a value is set for `max_age_seconds`.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_allowlists: List of allowed IP ranges.
         :param pulumi.Input[int] max_age_seconds: The number of hours after which a token expires. If not set, it never expires.
         :param pulumi.Input[str] organization_id: The ID of the organization the application user belongs to.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: Limits access to specific resources by granting read or write privileges to them. For example: `billing:read`. Available scopes are: `authentication`, `billing`, `payments` for [payment methods](https://aiven.io/docs/platform/howto/list-billing), `privatelink`, `projects`, `services`, `static_ips`, and `user`.
@@ -474,6 +508,7 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  description: Optional[pulumi.Input[str]] = None,
                  extend_when_used: Optional[pulumi.Input[bool]] = None,
+                 ip_allowlists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  max_age_seconds: Optional[pulumi.Input[int]] = None,
                  organization_id: Optional[pulumi.Input[str]] = None,
                  scopes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
@@ -489,6 +524,7 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
             __props__.__dict__["description"] = description
             __props__.__dict__["extend_when_used"] = extend_when_used
+            __props__.__dict__["ip_allowlists"] = ip_allowlists
             __props__.__dict__["max_age_seconds"] = max_age_seconds
             if organization_id is None and not opts.urn:
                 raise TypeError("Missing required property 'organization_id'")
@@ -526,6 +562,7 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
             expiry_time: Optional[pulumi.Input[str]] = None,
             extend_when_used: Optional[pulumi.Input[bool]] = None,
             full_token: Optional[pulumi.Input[str]] = None,
+            ip_allowlists: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             last_ip: Optional[pulumi.Input[str]] = None,
             last_used_time: Optional[pulumi.Input[str]] = None,
             last_user_agent: Optional[pulumi.Input[str]] = None,
@@ -549,6 +586,7 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
         :param pulumi.Input[str] expiry_time: Timestamp when the access token will expire unless extended.
         :param pulumi.Input[bool] extend_when_used: Extends the token session duration when the token is used. Only applicable if a value is set for `max_age_seconds`.
         :param pulumi.Input[str] full_token: Full token.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_allowlists: List of allowed IP ranges.
         :param pulumi.Input[str] last_ip: IP address of the last request made with this token.
         :param pulumi.Input[str] last_used_time: Timestamp when the access token was last used.
         :param pulumi.Input[str] last_user_agent: User agent of the last request made with this token.
@@ -570,6 +608,7 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
         __props__.__dict__["expiry_time"] = expiry_time
         __props__.__dict__["extend_when_used"] = extend_when_used
         __props__.__dict__["full_token"] = full_token
+        __props__.__dict__["ip_allowlists"] = ip_allowlists
         __props__.__dict__["last_ip"] = last_ip
         __props__.__dict__["last_used_time"] = last_used_time
         __props__.__dict__["last_user_agent"] = last_user_agent
@@ -637,6 +676,14 @@ class OrganizationApplicationUserToken(pulumi.CustomResource):
         """
         return pulumi.get(self, "full_token")
+    @property
+    @pulumi.getter(name="ipAllowlists")
+    def ip_allowlists(self) -> pulumi.Output[Optional[Sequence[str]]]:
+        """
+        List of allowed IP ranges.
+        """
+        return pulumi.get(self, "ip_allowlists")
     @property
     @pulumi.getter(name="lastIp")
     def last_ip(self) -> pulumi.Output[str]:

pulumi_aiven/organization_group_project.py CHANGED Viewed

@@ -29,7 +29,7 @@ class OrganizationGroupProjectArgs:
         The set of arguments for constructing a OrganizationGroupProject resource.
         :param pulumi.Input[str] group_id: The ID of the user group.
         :param pulumi.Input[str] project: The project that the users in the group are members of.
-        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
+        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:billing:read`, `organization:billing:write`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
         """
         pulumi.set(__self__, "group_id", group_id)
         pulumi.set(__self__, "project", project)
@@ -65,7 +65,7 @@ class OrganizationGroupProjectArgs:
     @pulumi.getter
     def role(self) -> pulumi.Input[str]:
         """
-        [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
+        [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:billing:read`, `organization:billing:write`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
         """
         return pulumi.get(self, "role")
@@ -94,7 +94,7 @@ class _OrganizationGroupProjectState:
         Input properties used for looking up and filtering OrganizationGroupProject resources.
         :param pulumi.Input[str] group_id: The ID of the user group.
         :param pulumi.Input[str] project: The project that the users in the group are members of.
-        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
+        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:billing:read`, `organization:billing:write`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
         """
         if group_id is not None:
             pulumi.set(__self__, "group_id", group_id)
@@ -133,7 +133,7 @@ class _OrganizationGroupProjectState:
     @pulumi.getter
     def role(self) -> Optional[pulumi.Input[str]]:
         """
-        [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
+        [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:billing:read`, `organization:billing:write`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
         """
         return pulumi.get(self, "role")
@@ -166,7 +166,7 @@ class OrganizationGroupProject(pulumi.CustomResource):
         **This resource is deprecated.** Use `OrganizationPermission` and
         migrate existing OrganizationGroupProject resources
-        to the new resource.
+        to the new resource. **Do not use the OrganizationGroupProject and OrganizationPermission resources together**.
         ## Example Usage
@@ -201,7 +201,7 @@ class OrganizationGroupProject(pulumi.CustomResource):
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] group_id: The ID of the user group.
         :param pulumi.Input[str] project: The project that the users in the group are members of.
-        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
+        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:billing:read`, `organization:billing:write`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
         """
         ...
     @overload
@@ -214,7 +214,7 @@ class OrganizationGroupProject(pulumi.CustomResource):
         **This resource is deprecated.** Use `OrganizationPermission` and
         migrate existing OrganizationGroupProject resources
-        to the new resource.
+        to the new resource. **Do not use the OrganizationGroupProject and OrganizationPermission resources together**.
         ## Example Usage
@@ -306,7 +306,7 @@ class OrganizationGroupProject(pulumi.CustomResource):
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[str] group_id: The ID of the user group.
         :param pulumi.Input[str] project: The project that the users in the group are members of.
-        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
+        :param pulumi.Input[str] role: [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:billing:read`, `organization:billing:write`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -338,7 +338,7 @@ class OrganizationGroupProject(pulumi.CustomResource):
     @pulumi.getter
     def role(self) -> pulumi.Output[str]:
         """
-        [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
+        [Project-level role](https://aiven.io/docs/platform/reference/project-member-privileges) assigned to all users in the group. The possible values are `admin`, `developer`, `operator`, `organization:app_users:write`, `organization:audit_logs:read`, `organization:billing:read`, `organization:billing:write`, `organization:domains:write`, `organization:groups:write`, `organization:idps:write`, `organization:networking:read`, `organization:networking:write`, `organization:projects:write`, `organization:users:write`, `project:audit_logs:read`, `project:integrations:read`, `project:integrations:write`, `project:networking:read`, `project:networking:write`, `project:permissions:read`, `project:services:read`, `project:services:write`, `read_only`, `role:organization:admin`, `role:services:maintenance`, `role:services:recover`, `service:configuration:write`, `service:data:write`, `service:logs:read`, `service:secrets:read` and `service:users:write`.
         """
         return pulumi.get(self, "role")

pulumi_aiven/organization_permission.py CHANGED Viewed

@@ -169,7 +169,14 @@ class OrganizationPermission(pulumi.CustomResource):
                  resource_type: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
-        Grants [roles and permissions](https://aiven.io/docs/platform/concepts/permissions) to a principal for a resource. Permissions can be granted at the organization, organizational unit, and project level. Unit-level permissions aren't shown in the Aiven Console.
+        Grants [roles and permissions](https://aiven.io/docs/platform/concepts/permissions)
+        to a principal for a resource. Permissions can be granted at the organization, organizational unit, and project level.
+        Unit-level permissions aren't shown in the Aiven Console.
+        To assign permissions to multiple users and groups on the same combination of organization ID, resource ID and resource type, don't use multiple `OrganizationPermission` resources.
+        Instead, use multiple permission blocks as in the example usage.
+        **Do not use the `ProjectUser` or `OrganizationGroupProject` resources with this resource**.
         ## Example Usage
@@ -247,7 +254,14 @@ class OrganizationPermission(pulumi.CustomResource):
                  args: OrganizationPermissionArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
-        Grants [roles and permissions](https://aiven.io/docs/platform/concepts/permissions) to a principal for a resource. Permissions can be granted at the organization, organizational unit, and project level. Unit-level permissions aren't shown in the Aiven Console.
+        Grants [roles and permissions](https://aiven.io/docs/platform/concepts/permissions)
+        to a principal for a resource. Permissions can be granted at the organization, organizational unit, and project level.
+        Unit-level permissions aren't shown in the Aiven Console.
+        To assign permissions to multiple users and groups on the same combination of organization ID, resource ID and resource type, don't use multiple `OrganizationPermission` resources.
+        Instead, use multiple permission blocks as in the example usage.
+        **Do not use the `ProjectUser` or `OrganizationGroupProject` resources with this resource**.
         ## Example Usage

pulumi-aiven 6.36.0a1741493223__py3-none-any.whl → 6.37.0a1741842447__py3-none-any.whl

Potentially problematic release.

pulumi-aiven 6.36.0a1741493223py3-none-any.whl → 6.37.0a1741842447py3-none-any.whl