PyPI - pulumi-alicloud - Versions diffs - 3.76.0a1743571220__py3-none-any.whl → 3.77.0a1744262757__py3-none-any.whl - Mend

pulumi-alicloud 3.76.0a1743571220py3-none-any.whl → 3.77.0a1744262757py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pulumi-alicloud might be problematic. Click here for more details.

Files changed (237) hide show

pulumi_alicloud/__init__.py +271 -4
pulumi_alicloud/_inputs.py +20 -0
pulumi_alicloud/actiontrail/global_events_storage_region.py +2 -2
pulumi_alicloud/adb/db_cluster_lake_version.py +458 -49
pulumi_alicloud/alb/load_balancer_access_log_config_attachment.py +2 -2
pulumi_alicloud/alb/server_group.py +2 -2
pulumi_alicloud/alikafka/sasl_acl.py +7 -7
pulumi_alicloud/apigateway/_inputs.py +134 -0
pulumi_alicloud/apigateway/group.py +117 -5
pulumi_alicloud/apigateway/instance.py +148 -7
pulumi_alicloud/apigateway/outputs.py +107 -0
pulumi_alicloud/arms/alert_contact.py +2 -2
pulumi_alicloud/arms/alert_contact_group.py +2 -2
pulumi_alicloud/arms/get_prometheus.py +2 -6
pulumi_alicloud/arms/grafana_workspace.py +511 -69
pulumi_alicloud/arms/outputs.py +18 -18
pulumi_alicloud/arms/prometheus_alert_rule.py +2 -2
pulumi_alicloud/arms/prometheus_monitoring.py +2 -2
pulumi_alicloud/cdn/domain_new.py +2 -2
pulumi_alicloud/cen/_inputs.py +6 -3
pulumi_alicloud/cen/get_transit_router_vpn_attachments.py +131 -19
pulumi_alicloud/cen/instance.py +101 -59
pulumi_alicloud/cen/inter_region_traffic_qos_policy.py +126 -81
pulumi_alicloud/cen/inter_region_traffic_qos_queue.py +93 -47
pulumi_alicloud/cen/outputs.py +69 -26
pulumi_alicloud/cen/transit_route_table_aggregation.py +171 -55
pulumi_alicloud/cen/transit_router.py +127 -53
pulumi_alicloud/cen/transit_router_cidr.py +53 -35
pulumi_alicloud/cen/transit_router_ecr_attachment.py +2 -2
pulumi_alicloud/cen/transit_router_peer_attachment.py +360 -143
pulumi_alicloud/cen/transit_router_route_table_association.py +33 -43
pulumi_alicloud/cen/transit_router_vpn_attachment.py +438 -109
pulumi_alicloud/clickhouse/db_cluster.py +179 -6
pulumi_alicloud/clickhouseenterprisedbcluster/__init__.py +14 -0
pulumi_alicloud/clickhouseenterprisedbcluster/_inputs.py +167 -0
pulumi_alicloud/clickhouseenterprisedbcluster/account.py +554 -0
pulumi_alicloud/clickhouseenterprisedbcluster/backup_policy.py +407 -0
pulumi_alicloud/clickhouseenterprisedbcluster/click_house_enterprise_db_cluster.py +641 -0
pulumi_alicloud/clickhouseenterprisedbcluster/outputs.py +147 -0
pulumi_alicloud/clickhouseenterprisedbcluster/public_endpoint.py +364 -0
pulumi_alicloud/clickhouseenterprisedbcluster/security_ip.py +357 -0
pulumi_alicloud/cloudsso/scim_server_credential.py +178 -11
pulumi_alicloud/config/outputs.py +12 -0
pulumi_alicloud/cs/__init__.py +1 -0
pulumi_alicloud/cs/get_kubernetes_node_pools.py +147 -0
pulumi_alicloud/cs/managed_kubernetes.py +127 -24
pulumi_alicloud/cs/node_pool.py +42 -42
pulumi_alicloud/cs/outputs.py +1782 -4
pulumi_alicloud/databasefilesystem/service_linked_role.py +2 -2
pulumi_alicloud/dataworks/data_source.py +2 -2
pulumi_alicloud/dataworks/data_source_shared_rule.py +2 -2
pulumi_alicloud/dataworks/di_alarm_rule.py +2 -2
pulumi_alicloud/dataworks/di_job.py +2 -2
pulumi_alicloud/dataworks/dw_resource_group.py +2 -2
pulumi_alicloud/dataworks/network.py +2 -2
pulumi_alicloud/dataworks/project.py +2 -2
pulumi_alicloud/dataworks/project_member.py +2 -2
pulumi_alicloud/dbs/backup_plan.py +2 -2
pulumi_alicloud/ddos/bgp_policy.py +2 -2
pulumi_alicloud/eais/__init__.py +2 -0
pulumi_alicloud/eais/_inputs.py +75 -0
pulumi_alicloud/eais/client_instance_attachment.py +408 -0
pulumi_alicloud/eais/instance.py +365 -118
pulumi_alicloud/eais/outputs.py +32 -0
pulumi_alicloud/ebs/disk_replica_group.py +512 -30
pulumi_alicloud/ebs/disk_replica_pair.py +443 -113
pulumi_alicloud/ebs/enterprise_snapshot_policy.py +2 -2
pulumi_alicloud/ebs/enterprise_snapshot_policy_attachment.py +2 -2
pulumi_alicloud/ecp/instance.py +2 -2
pulumi_alicloud/ecp/key_pair.py +4 -4
pulumi_alicloud/ecs/_inputs.py +33 -0
pulumi_alicloud/ecs/disk.py +1 -1
pulumi_alicloud/ecs/ecs_disk.py +1 -1
pulumi_alicloud/ecs/ecs_launch_template.py +23 -23
pulumi_alicloud/ecs/instance.py +1 -1
pulumi_alicloud/ecs/outputs.py +26 -2
pulumi_alicloud/eflo/__init__.py +5 -0
pulumi_alicloud/eflo/_inputs.py +1717 -0
pulumi_alicloud/eflo/cluster.py +935 -0
pulumi_alicloud/eflo/invocation.py +1114 -0
pulumi_alicloud/eflo/node.py +1013 -0
pulumi_alicloud/eflo/node_group.py +1101 -0
pulumi_alicloud/eflo/outputs.py +1366 -0
pulumi_alicloud/ens/eip_instance_attachment.py +2 -2
pulumi_alicloud/ens/image.py +81 -34
pulumi_alicloud/esa/__init__.py +4 -0
pulumi_alicloud/esa/_inputs.py +640 -18
pulumi_alicloud/esa/cache_reserve_instance.py +522 -0
pulumi_alicloud/esa/cache_rule.py +193 -179
pulumi_alicloud/esa/certificate.py +99 -92
pulumi_alicloud/esa/compression_rule.py +42 -28
pulumi_alicloud/esa/edge_container_app.py +972 -0
pulumi_alicloud/esa/edge_container_app_record.py +376 -0
pulumi_alicloud/esa/http_request_header_modification_rule.py +56 -42
pulumi_alicloud/esa/http_response_header_modification_rule.py +35 -56
pulumi_alicloud/esa/https_application_configuration.py +42 -28
pulumi_alicloud/esa/https_basic_configuration.py +56 -42
pulumi_alicloud/esa/image_transform.py +42 -28
pulumi_alicloud/esa/kv_namespace.py +11 -11
pulumi_alicloud/esa/list.py +28 -28
pulumi_alicloud/esa/network_optimization.py +56 -126
pulumi_alicloud/esa/origin_pool.py +19 -19
pulumi_alicloud/esa/origin_rule.py +67 -39
pulumi_alicloud/esa/outputs.py +536 -12
pulumi_alicloud/esa/page.py +28 -49
pulumi_alicloud/esa/rate_plan_instance.py +86 -159
pulumi_alicloud/esa/redirect_rule.py +42 -28
pulumi_alicloud/esa/rewrite_url_rule.py +49 -63
pulumi_alicloud/esa/site.py +67 -123
pulumi_alicloud/esa/site_delivery_task.py +841 -0
pulumi_alicloud/esa/waiting_room.py +269 -319
pulumi_alicloud/esa/waiting_room_event.py +291 -305
pulumi_alicloud/esa/waiting_room_rule.py +46 -53
pulumi_alicloud/ess/_inputs.py +155 -0
pulumi_alicloud/ess/outputs.py +128 -0
pulumi_alicloud/ess/scaling_group.py +237 -2
pulumi_alicloud/ess/scaling_rule.py +143 -2
pulumi_alicloud/expressconnect/router_grant_association.py +2 -2
pulumi_alicloud/expressconnect/virtual_border_router.py +4 -4
pulumi_alicloud/gpdb/hadoop_data_source.py +2 -2
pulumi_alicloud/gpdb/jdbc_data_source.py +2 -2
pulumi_alicloud/gpdb/remote_adb_data_source.py +6 -6
pulumi_alicloud/gpdb/streaming_data_source.py +2 -2
pulumi_alicloud/gpdb/streaming_job.py +2 -2
pulumi_alicloud/ims/oidc_provider.py +24 -13
pulumi_alicloud/kvstore/account.py +9 -9
pulumi_alicloud/kvstore/connection.py +2 -2
pulumi_alicloud/kvstore/get_instance_classes.py +2 -2
pulumi_alicloud/kvstore/get_instance_engines.py +2 -2
pulumi_alicloud/kvstore/instance.py +7 -7
pulumi_alicloud/kvstore/outputs.py +2 -2
pulumi_alicloud/live/caster.py +2 -2
pulumi_alicloud/maxcompute/__init__.py +1 -0
pulumi_alicloud/maxcompute/_inputs.py +232 -3
pulumi_alicloud/maxcompute/outputs.py +183 -2
pulumi_alicloud/maxcompute/project.py +2 -2
pulumi_alicloud/maxcompute/quota.py +438 -0
pulumi_alicloud/nas/mount_target.py +149 -54
pulumi_alicloud/nlb/__init__.py +1 -0
pulumi_alicloud/nlb/_inputs.py +43 -6
pulumi_alicloud/nlb/load_balancer.py +212 -24
pulumi_alicloud/nlb/load_balancer_zone_shifted_attachment.py +397 -0
pulumi_alicloud/nlb/outputs.py +30 -4
pulumi_alicloud/nlb/server_group_server_attachment.py +118 -65
pulumi_alicloud/oss/__init__.py +1 -0
pulumi_alicloud/oss/_inputs.py +20 -0
pulumi_alicloud/oss/access_point.py +2 -2
pulumi_alicloud/oss/bucket_cname.py +2 -2
pulumi_alicloud/oss/bucket_cors.py +2 -2
pulumi_alicloud/oss/bucket_style.py +402 -0
pulumi_alicloud/oss/bucket_website.py +2 -2
pulumi_alicloud/oss/outputs.py +14 -0
pulumi_alicloud/pai/service.py +59 -67
pulumi_alicloud/polardb/cluster.py +75 -28
pulumi_alicloud/privatelink/vpc_endpoint_zone.py +1 -1
pulumi_alicloud/pulumi-plugin.json +1 -1
pulumi_alicloud/ram/__init__.py +3 -0
pulumi_alicloud/ram/_inputs.py +9 -9
pulumi_alicloud/ram/access_key.py +77 -31
pulumi_alicloud/ram/account_alias.py +18 -45
pulumi_alicloud/ram/get_system_policys.py +189 -0
pulumi_alicloud/ram/group.py +156 -35
pulumi_alicloud/ram/group_policy_attachment.py +51 -29
pulumi_alicloud/ram/login_profile.py +92 -38
pulumi_alicloud/ram/outputs.py +91 -6
pulumi_alicloud/ram/password_policy.py +779 -0
pulumi_alicloud/ram/policy.py +199 -88
pulumi_alicloud/ram/role_policy_attachment.py +51 -29
pulumi_alicloud/ram/saml_provider.py +44 -37
pulumi_alicloud/ram/user_group_attachment.py +273 -0
pulumi_alicloud/ram/user_policy_attachment.py +49 -27
pulumi_alicloud/rds/__init__.py +1 -0
pulumi_alicloud/rds/custom_disk.py +1053 -0
pulumi_alicloud/rds/instance.py +110 -14
pulumi_alicloud/redis/tair_instance.py +14 -14
pulumi_alicloud/resourcemanager/__init__.py +1 -0
pulumi_alicloud/resourcemanager/_inputs.py +53 -0
pulumi_alicloud/resourcemanager/auto_grouping_rule.py +796 -0
pulumi_alicloud/resourcemanager/outputs.py +50 -0
pulumi_alicloud/resourcemanager/shared_resource.py +7 -0
pulumi_alicloud/rocketmq/__init__.py +1 -1
pulumi_alicloud/rocketmq/_inputs.py +146 -4
pulumi_alicloud/rocketmq/account.py +452 -0
pulumi_alicloud/rocketmq/acl.py +473 -47
pulumi_alicloud/rocketmq/client_user.py +8 -2
pulumi_alicloud/rocketmq/consumer_group.py +121 -24
pulumi_alicloud/rocketmq/dnat_entry.py +8 -2
pulumi_alicloud/rocketmq/outputs.py +113 -4
pulumi_alicloud/rocketmq/qos.py +8 -2
pulumi_alicloud/rocketmq/qos_car.py +10 -4
pulumi_alicloud/rocketmq/qos_policy.py +6 -0
pulumi_alicloud/rocketmq/rocket_mq_instance.py +136 -7
pulumi_alicloud/rocketmq/rocket_mq_topic.py +121 -24
pulumi_alicloud/rocketmq/snat_entry.py +8 -2
pulumi_alicloud/sag/__init__.py +8 -0
pulumi_alicloud/sag/acl.py +200 -0
pulumi_alicloud/{rocketmq → sag}/acl_rule.py +7 -7
pulumi_alicloud/sag/client_user.py +560 -0
pulumi_alicloud/sag/dnat_entry.py +512 -0
pulumi_alicloud/sag/get_acls.py +2 -2
pulumi_alicloud/sag/qos.py +202 -0
pulumi_alicloud/sag/qos_car.py +654 -0
pulumi_alicloud/sag/qos_policy.py +659 -0
pulumi_alicloud/sag/snat_entry.py +313 -0
pulumi_alicloud/securitycenter/group.py +2 -2
pulumi_alicloud/selectdb/db_instance.py +60 -11
pulumi_alicloud/slb/server_group_server_attachment.py +101 -111
pulumi_alicloud/sls/oss_export_sink.py +2 -2
pulumi_alicloud/threatdetection/__init__.py +3 -0
pulumi_alicloud/threatdetection/anti_brute_force_rule.py +41 -65
pulumi_alicloud/threatdetection/asset_bind.py +209 -0
pulumi_alicloud/threatdetection/asset_selection_config.py +258 -0
pulumi_alicloud/threatdetection/instance.py +271 -54
pulumi_alicloud/threatdetection/log_meta.py +351 -0
pulumi_alicloud/vpc/__init__.py +1 -0
pulumi_alicloud/vpc/_inputs.py +281 -0
pulumi_alicloud/vpc/gateway_endpoint.py +85 -27
pulumi_alicloud/vpc/get_ipam_ipam_pool_allocations.py +2 -2
pulumi_alicloud/vpc/get_ipam_ipam_pool_cidrs.py +2 -2
pulumi_alicloud/vpc/get_ipam_ipam_pools.py +2 -2
pulumi_alicloud/vpc/get_ipam_ipam_scopes.py +2 -2
pulumi_alicloud/vpc/get_ipam_ipams.py +2 -2
pulumi_alicloud/vpc/ipv6_address.py +85 -5
pulumi_alicloud/vpc/outputs.py +232 -0
pulumi_alicloud/vpc/peer_connection.py +84 -42
pulumi_alicloud/vpc/peer_connection_accepter.py +7 -21
pulumi_alicloud/vpc/route_table.py +100 -45
pulumi_alicloud/vpc/vpc_route_entry.py +724 -0
pulumi_alicloud/vpn/_inputs.py +716 -71
pulumi_alicloud/vpn/gateway_vpn_attachment.py +622 -128
pulumi_alicloud/vpn/get_gateway_vpn_attachments.py +20 -63
pulumi_alicloud/vpn/ipsec_server.py +2 -2
pulumi_alicloud/vpn/outputs.py +1963 -998
{pulumi_alicloud-3.76.0a1743571220.dist-info → pulumi_alicloud-3.77.0a1744262757.dist-info}/METADATA +1 -1
{pulumi_alicloud-3.76.0a1743571220.dist-info → pulumi_alicloud-3.77.0a1744262757.dist-info}/RECORD +237 -197
{pulumi_alicloud-3.76.0a1743571220.dist-info → pulumi_alicloud-3.77.0a1744262757.dist-info}/WHEEL +0 -0
{pulumi_alicloud-3.76.0a1743571220.dist-info → pulumi_alicloud-3.77.0a1744262757.dist-info}/top_level.txt +0 -0

pulumi_alicloud/cs/managed_kubernetes.py CHANGED Viewed

@@ -59,7 +59,8 @@ class ManagedKubernetesArgs:
                  user_ca: Optional[pulumi.Input[str]] = None,
                  version: Optional[pulumi.Input[str]] = None,
                  vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
-                 worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
+                 worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 zone_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
         """
         The set of arguments for constructing a ManagedKubernetes resource.
         :param pulumi.Input[Sequence[pulumi.Input['ManagedKubernetesAddonArgs']]] addons: The addon you want to install in cluster. See `addons` below. Only works for **Create** Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.
@@ -97,11 +98,19 @@ class ManagedKubernetesArgs:
         :param pulumi.Input[str] proxy_mode: Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.
         :param pulumi.Input[str] resource_group_id: The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
         :param pulumi.Input[str] security_group_id: The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
+               * > **NOTE:** Please take of note before updating the `security_group_id`:
+               * If block rules are configured in the security group, ensure the security group rules allow traffic for protocols and ports required by the cluster. For recommended security group rules, see [Configure and manage security groups for an ACK cluster](https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/configure-security-group-rules-to-enforce-access-control-on-ack-clusters).
+               * During security group updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the control plane security group, the Elastic Network Interfaces (ENIs) used by the control plane and managed components will automatically join the new security group.
         :param pulumi.Input[str] service_account_issuer: The issuer of the Service Account token for [Service Account Token Volume Projection](https://www.alibabacloud.com/help/doc-detail/160384.htm), corresponds to the `iss` field in the token payload. Set this to `"https://kubernetes.default.svc"` to enable the Token Volume Projection feature (requires specifying `api_audiences` as well). From cluster version 1.22, Service Account Token Volume Projection will be enabled by default.
         :param pulumi.Input[str] service_cidr: The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
-        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true.
+        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true. Only works for **Create** Operation.
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See `tags` below.
-        :param pulumi.Input[str] timezone: When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
+        :param pulumi.Input[str] timezone: Cluster timezone, works for control plane and Worker nodes.
+               * > **NOTE:** Please take of note before updating the `timezone`:
+               * After modifying the timezone, cluster inspection configurations will adopt the new timezone.
+               * During timezone updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the timezone: Newly scaled-out nodes will automatically apply the new timezone. Existing nodes remain unaffected. Reset the node to apply changes to existing nodes.
         :param pulumi.Input[str] user_ca: The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
         :param pulumi.Input[str] version: Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK. Do not specify if cluster auto upgrade is enabled, see cluster_auto_upgrade for more information.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] vswitch_ids: The vSwitches of the control plane.
@@ -110,7 +119,8 @@ class ManagedKubernetesArgs:
                * The control plane restarts during the change process. Exercise caution when you perform this operation.
                * Ensure that all security groups of the cluster, including the security groups of the control plane, all node pools, and container network, are allowed to access the CIDR blocks of the new vSwitches. This ensures that the nodes and containers can connect to the API server.
                * If the new vSwitches of the control plane are configured with an ACL, ensure that the ACL allows communication between the new vSwitches and CIDR blocks such as those of the cluster nodes and the container network.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vswitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vswtiches, which supports modifying control plane vswtiches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vSwitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vSwitches, which supports modifying control plane vSwitches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] zone_ids: The IDs of the zone in which the cluster control plane is deployed. ACK automatically creates a VPC in the region and vSwitches in the specified zones. Only works for **Create** Operation. Do not specify this with `vswitch_ids` together.
         """
         if addons is not None:
             pulumi.set(__self__, "addons", addons)
@@ -196,6 +206,8 @@ class ManagedKubernetesArgs:
             pulumi.log.warn("""worker_vswitch_ids is deprecated: Field 'worker_vswitch_ids' has been deprecated from provider version 1.241.0. Please use 'vswitch_ids' to managed control plane vswtiches""")
         if worker_vswitch_ids is not None:
             pulumi.set(__self__, "worker_vswitch_ids", worker_vswitch_ids)
+        if zone_ids is not None:
+            pulumi.set(__self__, "zone_ids", zone_ids)
     @property
     @pulumi.getter
@@ -552,6 +564,10 @@ class ManagedKubernetesArgs:
     def security_group_id(self) -> Optional[pulumi.Input[str]]:
         """
         The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
+        * > **NOTE:** Please take of note before updating the `security_group_id`:
+        * If block rules are configured in the security group, ensure the security group rules allow traffic for protocols and ports required by the cluster. For recommended security group rules, see [Configure and manage security groups for an ACK cluster](https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/configure-security-group-rules-to-enforce-access-control-on-ack-clusters).
+        * During security group updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+        * After updating the control plane security group, the Elastic Network Interfaces (ENIs) used by the control plane and managed components will automatically join the new security group.
         """
         return pulumi.get(self, "security_group_id")
@@ -587,7 +603,7 @@ class ManagedKubernetesArgs:
     @pulumi.getter(name="slbInternetEnabled")
     def slb_internet_enabled(self) -> Optional[pulumi.Input[bool]]:
         """
-        Whether to create internet load balancer for API Server. Default to true.
+        Whether to create internet load balancer for API Server. Default to true. Only works for **Create** Operation.
         """
         return pulumi.get(self, "slb_internet_enabled")
@@ -611,7 +627,11 @@ class ManagedKubernetesArgs:
     @pulumi.getter
     def timezone(self) -> Optional[pulumi.Input[str]]:
         """
-        When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
+        Cluster timezone, works for control plane and Worker nodes.
+        * > **NOTE:** Please take of note before updating the `timezone`:
+        * After modifying the timezone, cluster inspection configurations will adopt the new timezone.
+        * During timezone updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+        * After updating the timezone: Newly scaled-out nodes will automatically apply the new timezone. Existing nodes remain unaffected. Reset the node to apply changes to existing nodes.
         """
         return pulumi.get(self, "timezone")
@@ -665,7 +685,7 @@ class ManagedKubernetesArgs:
     @_utilities.deprecated("""Field 'worker_vswitch_ids' has been deprecated from provider version 1.241.0. Please use 'vswitch_ids' to managed control plane vswtiches""")
     def worker_vswitch_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The vswitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vswtiches, which supports modifying control plane vswtiches.
+        The vSwitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vSwitches, which supports modifying control plane vSwitches.
         """
         return pulumi.get(self, "worker_vswitch_ids")
@@ -673,6 +693,18 @@ class ManagedKubernetesArgs:
     def worker_vswitch_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
         pulumi.set(self, "worker_vswitch_ids", value)
+    @property
+    @pulumi.getter(name="zoneIds")
+    def zone_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        The IDs of the zone in which the cluster control plane is deployed. ACK automatically creates a VPC in the region and vSwitches in the specified zones. Only works for **Create** Operation. Do not specify this with `vswitch_ids` together.
+        """
+        return pulumi.get(self, "zone_ids")
+    @zone_ids.setter
+    def zone_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "zone_ids", value)
 @pulumi.input_type
 class _ManagedKubernetesState:
@@ -724,7 +756,8 @@ class _ManagedKubernetesState:
                  vpc_id: Optional[pulumi.Input[str]] = None,
                  vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  worker_ram_role_name: Optional[pulumi.Input[str]] = None,
-                 worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
+                 worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 zone_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
         """
         Input properties used for looking up and filtering ManagedKubernetes resources.
         :param pulumi.Input[Sequence[pulumi.Input['ManagedKubernetesAddonArgs']]] addons: The addon you want to install in cluster. See `addons` below. Only works for **Create** Operation, use resource cs_kubernetes_addon to manage addons if cluster is created.
@@ -766,14 +799,22 @@ class _ManagedKubernetesState:
         :param pulumi.Input[str] resource_group_id: The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
         :param pulumi.Input['ManagedKubernetesRrsaMetadataArgs'] rrsa_metadata: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
         :param pulumi.Input[str] security_group_id: The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
+               * > **NOTE:** Please take of note before updating the `security_group_id`:
+               * If block rules are configured in the security group, ensure the security group rules allow traffic for protocols and ports required by the cluster. For recommended security group rules, see [Configure and manage security groups for an ACK cluster](https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/configure-security-group-rules-to-enforce-access-control-on-ack-clusters).
+               * During security group updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the control plane security group, the Elastic Network Interfaces (ENIs) used by the control plane and managed components will automatically join the new security group.
         :param pulumi.Input[str] service_account_issuer: The issuer of the Service Account token for [Service Account Token Volume Projection](https://www.alibabacloud.com/help/doc-detail/160384.htm), corresponds to the `iss` field in the token payload. Set this to `"https://kubernetes.default.svc"` to enable the Token Volume Projection feature (requires specifying `api_audiences` as well). From cluster version 1.22, Service Account Token Volume Projection will be enabled by default.
         :param pulumi.Input[str] service_cidr: The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
         :param pulumi.Input[str] slb_id: The ID of APIServer load balancer.
         :param pulumi.Input[str] slb_internet: The public ip of load balancer.
-        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true.
+        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true. Only works for **Create** Operation.
         :param pulumi.Input[str] slb_intranet: The ID of private load balancer where the current cluster master node is located.
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See `tags` below.
-        :param pulumi.Input[str] timezone: When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
+        :param pulumi.Input[str] timezone: Cluster timezone, works for control plane and Worker nodes.
+               * > **NOTE:** Please take of note before updating the `timezone`:
+               * After modifying the timezone, cluster inspection configurations will adopt the new timezone.
+               * During timezone updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the timezone: Newly scaled-out nodes will automatically apply the new timezone. Existing nodes remain unaffected. Reset the node to apply changes to existing nodes.
         :param pulumi.Input[str] user_ca: The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
         :param pulumi.Input[str] version: Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK. Do not specify if cluster auto upgrade is enabled, see cluster_auto_upgrade for more information.
         :param pulumi.Input[str] vpc_id: The ID of VPC where the current cluster is located.
@@ -784,7 +825,8 @@ class _ManagedKubernetesState:
                * Ensure that all security groups of the cluster, including the security groups of the control plane, all node pools, and container network, are allowed to access the CIDR blocks of the new vSwitches. This ensures that the nodes and containers can connect to the API server.
                * If the new vSwitches of the control plane are configured with an ACL, ensure that the ACL allows communication between the new vSwitches and CIDR blocks such as those of the cluster nodes and the container network.
         :param pulumi.Input[str] worker_ram_role_name: The RamRole Name attached to worker node.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vswitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vswtiches, which supports modifying control plane vswtiches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vSwitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vSwitches, which supports modifying control plane vSwitches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] zone_ids: The IDs of the zone in which the cluster control plane is deployed. ACK automatically creates a VPC in the region and vSwitches in the specified zones. Only works for **Create** Operation. Do not specify this with `vswitch_ids` together.
         """
         if addons is not None:
             pulumi.set(__self__, "addons", addons)
@@ -888,6 +930,8 @@ class _ManagedKubernetesState:
             pulumi.log.warn("""worker_vswitch_ids is deprecated: Field 'worker_vswitch_ids' has been deprecated from provider version 1.241.0. Please use 'vswitch_ids' to managed control plane vswtiches""")
         if worker_vswitch_ids is not None:
             pulumi.set(__self__, "worker_vswitch_ids", worker_vswitch_ids)
+        if zone_ids is not None:
+            pulumi.set(__self__, "zone_ids", zone_ids)
     @property
     @pulumi.getter
@@ -1292,6 +1336,10 @@ class _ManagedKubernetesState:
     def security_group_id(self) -> Optional[pulumi.Input[str]]:
         """
         The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
+        * > **NOTE:** Please take of note before updating the `security_group_id`:
+        * If block rules are configured in the security group, ensure the security group rules allow traffic for protocols and ports required by the cluster. For recommended security group rules, see [Configure and manage security groups for an ACK cluster](https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/configure-security-group-rules-to-enforce-access-control-on-ack-clusters).
+        * During security group updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+        * After updating the control plane security group, the Elastic Network Interfaces (ENIs) used by the control plane and managed components will automatically join the new security group.
         """
         return pulumi.get(self, "security_group_id")
@@ -1351,7 +1399,7 @@ class _ManagedKubernetesState:
     @pulumi.getter(name="slbInternetEnabled")
     def slb_internet_enabled(self) -> Optional[pulumi.Input[bool]]:
         """
-        Whether to create internet load balancer for API Server. Default to true.
+        Whether to create internet load balancer for API Server. Default to true. Only works for **Create** Operation.
         """
         return pulumi.get(self, "slb_internet_enabled")
@@ -1387,7 +1435,11 @@ class _ManagedKubernetesState:
     @pulumi.getter
     def timezone(self) -> Optional[pulumi.Input[str]]:
         """
-        When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
+        Cluster timezone, works for control plane and Worker nodes.
+        * > **NOTE:** Please take of note before updating the `timezone`:
+        * After modifying the timezone, cluster inspection configurations will adopt the new timezone.
+        * During timezone updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+        * After updating the timezone: Newly scaled-out nodes will automatically apply the new timezone. Existing nodes remain unaffected. Reset the node to apply changes to existing nodes.
         """
         return pulumi.get(self, "timezone")
@@ -1465,7 +1517,7 @@ class _ManagedKubernetesState:
     @_utilities.deprecated("""Field 'worker_vswitch_ids' has been deprecated from provider version 1.241.0. Please use 'vswitch_ids' to managed control plane vswtiches""")
     def worker_vswitch_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The vswitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vswtiches, which supports modifying control plane vswtiches.
+        The vSwitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vSwitches, which supports modifying control plane vSwitches.
         """
         return pulumi.get(self, "worker_vswitch_ids")
@@ -1473,6 +1525,18 @@ class _ManagedKubernetesState:
     def worker_vswitch_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
         pulumi.set(self, "worker_vswitch_ids", value)
+    @property
+    @pulumi.getter(name="zoneIds")
+    def zone_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        The IDs of the zone in which the cluster control plane is deployed. ACK automatically creates a VPC in the region and vSwitches in the specified zones. Only works for **Create** Operation. Do not specify this with `vswitch_ids` together.
+        """
+        return pulumi.get(self, "zone_ids")
+    @zone_ids.setter
+    def zone_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "zone_ids", value)
 class ManagedKubernetes(pulumi.CustomResource):
     @overload
@@ -1518,6 +1582,7 @@ class ManagedKubernetes(pulumi.CustomResource):
                  version: Optional[pulumi.Input[str]] = None,
                  vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 zone_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  __props__=None):
         """
         This resource will help you to manage a ManagedKubernetes Cluster in Alibaba Cloud Kubernetes Service.
@@ -1597,11 +1662,19 @@ class ManagedKubernetes(pulumi.CustomResource):
         :param pulumi.Input[str] proxy_mode: Proxy mode is option of kube-proxy. options: iptables|ipvs. default: ipvs.
         :param pulumi.Input[str] resource_group_id: The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
         :param pulumi.Input[str] security_group_id: The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
+               * > **NOTE:** Please take of note before updating the `security_group_id`:
+               * If block rules are configured in the security group, ensure the security group rules allow traffic for protocols and ports required by the cluster. For recommended security group rules, see [Configure and manage security groups for an ACK cluster](https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/configure-security-group-rules-to-enforce-access-control-on-ack-clusters).
+               * During security group updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the control plane security group, the Elastic Network Interfaces (ENIs) used by the control plane and managed components will automatically join the new security group.
         :param pulumi.Input[str] service_account_issuer: The issuer of the Service Account token for [Service Account Token Volume Projection](https://www.alibabacloud.com/help/doc-detail/160384.htm), corresponds to the `iss` field in the token payload. Set this to `"https://kubernetes.default.svc"` to enable the Token Volume Projection feature (requires specifying `api_audiences` as well). From cluster version 1.22, Service Account Token Volume Projection will be enabled by default.
         :param pulumi.Input[str] service_cidr: The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
-        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true.
+        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true. Only works for **Create** Operation.
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See `tags` below.
-        :param pulumi.Input[str] timezone: When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
+        :param pulumi.Input[str] timezone: Cluster timezone, works for control plane and Worker nodes.
+               * > **NOTE:** Please take of note before updating the `timezone`:
+               * After modifying the timezone, cluster inspection configurations will adopt the new timezone.
+               * During timezone updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the timezone: Newly scaled-out nodes will automatically apply the new timezone. Existing nodes remain unaffected. Reset the node to apply changes to existing nodes.
         :param pulumi.Input[str] user_ca: The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
         :param pulumi.Input[str] version: Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK. Do not specify if cluster auto upgrade is enabled, see cluster_auto_upgrade for more information.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] vswitch_ids: The vSwitches of the control plane.
@@ -1610,7 +1683,8 @@ class ManagedKubernetes(pulumi.CustomResource):
                * The control plane restarts during the change process. Exercise caution when you perform this operation.
                * Ensure that all security groups of the cluster, including the security groups of the control plane, all node pools, and container network, are allowed to access the CIDR blocks of the new vSwitches. This ensures that the nodes and containers can connect to the API server.
                * If the new vSwitches of the control plane are configured with an ACL, ensure that the ACL allows communication between the new vSwitches and CIDR blocks such as those of the cluster nodes and the container network.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vswitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vswtiches, which supports modifying control plane vswtiches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vSwitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vSwitches, which supports modifying control plane vSwitches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] zone_ids: The IDs of the zone in which the cluster control plane is deployed. ACK automatically creates a VPC in the region and vSwitches in the specified zones. Only works for **Create** Operation. Do not specify this with `vswitch_ids` together.
         """
         ...
     @overload
@@ -1713,6 +1787,7 @@ class ManagedKubernetes(pulumi.CustomResource):
                  version: Optional[pulumi.Input[str]] = None,
                  vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 zone_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -1761,6 +1836,7 @@ class ManagedKubernetes(pulumi.CustomResource):
             __props__.__dict__["version"] = version
             __props__.__dict__["vswitch_ids"] = vswitch_ids
             __props__.__dict__["worker_vswitch_ids"] = worker_vswitch_ids
+            __props__.__dict__["zone_ids"] = zone_ids
             __props__.__dict__["certificate_authority"] = None
             __props__.__dict__["connections"] = None
             __props__.__dict__["nat_gateway_id"] = None
@@ -1827,7 +1903,8 @@ class ManagedKubernetes(pulumi.CustomResource):
             vpc_id: Optional[pulumi.Input[str]] = None,
             vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             worker_ram_role_name: Optional[pulumi.Input[str]] = None,
-            worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None) -> 'ManagedKubernetes':
+            worker_vswitch_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+            zone_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None) -> 'ManagedKubernetes':
         """
         Get an existing ManagedKubernetes resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -1874,14 +1951,22 @@ class ManagedKubernetes(pulumi.CustomResource):
         :param pulumi.Input[str] resource_group_id: The ID of the resource group,by default these cloud resources are automatically assigned to the default resource group.
         :param pulumi.Input[Union['ManagedKubernetesRrsaMetadataArgs', 'ManagedKubernetesRrsaMetadataArgsDict']] rrsa_metadata: (Optional, Available since v1.185.0) Nested attribute containing RRSA related data for your cluster.
         :param pulumi.Input[str] security_group_id: The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
+               * > **NOTE:** Please take of note before updating the `security_group_id`:
+               * If block rules are configured in the security group, ensure the security group rules allow traffic for protocols and ports required by the cluster. For recommended security group rules, see [Configure and manage security groups for an ACK cluster](https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/configure-security-group-rules-to-enforce-access-control-on-ack-clusters).
+               * During security group updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the control plane security group, the Elastic Network Interfaces (ENIs) used by the control plane and managed components will automatically join the new security group.
         :param pulumi.Input[str] service_account_issuer: The issuer of the Service Account token for [Service Account Token Volume Projection](https://www.alibabacloud.com/help/doc-detail/160384.htm), corresponds to the `iss` field in the token payload. Set this to `"https://kubernetes.default.svc"` to enable the Token Volume Projection feature (requires specifying `api_audiences` as well). From cluster version 1.22, Service Account Token Volume Projection will be enabled by default.
         :param pulumi.Input[str] service_cidr: The CIDR block for the service network. It cannot be duplicated with the VPC CIDR and CIDR used by Kubernetes cluster in VPC, cannot be modified after creation.
         :param pulumi.Input[str] slb_id: The ID of APIServer load balancer.
         :param pulumi.Input[str] slb_internet: The public ip of load balancer.
-        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true.
+        :param pulumi.Input[bool] slb_internet_enabled: Whether to create internet load balancer for API Server. Default to true. Only works for **Create** Operation.
         :param pulumi.Input[str] slb_intranet: The ID of private load balancer where the current cluster master node is located.
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags: Default nil, A map of tags assigned to the kubernetes cluster and work nodes. See `tags` below.
-        :param pulumi.Input[str] timezone: When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
+        :param pulumi.Input[str] timezone: Cluster timezone, works for control plane and Worker nodes.
+               * > **NOTE:** Please take of note before updating the `timezone`:
+               * After modifying the timezone, cluster inspection configurations will adopt the new timezone.
+               * During timezone updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+               * After updating the timezone: Newly scaled-out nodes will automatically apply the new timezone. Existing nodes remain unaffected. Reset the node to apply changes to existing nodes.
         :param pulumi.Input[str] user_ca: The path of customized CA cert, you can use this CA to sign client certs to connect your cluster.
         :param pulumi.Input[str] version: Desired Kubernetes version. If you do not specify a value, the latest available version at resource creation is used and no upgrades will occur except you set a higher version number. The value must be configured and increased to upgrade the version when desired. Downgrades are not supported by ACK. Do not specify if cluster auto upgrade is enabled, see cluster_auto_upgrade for more information.
         :param pulumi.Input[str] vpc_id: The ID of VPC where the current cluster is located.
@@ -1892,7 +1977,8 @@ class ManagedKubernetes(pulumi.CustomResource):
                * Ensure that all security groups of the cluster, including the security groups of the control plane, all node pools, and container network, are allowed to access the CIDR blocks of the new vSwitches. This ensures that the nodes and containers can connect to the API server.
                * If the new vSwitches of the control plane are configured with an ACL, ensure that the ACL allows communication between the new vSwitches and CIDR blocks such as those of the cluster nodes and the container network.
         :param pulumi.Input[str] worker_ram_role_name: The RamRole Name attached to worker node.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vswitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vswtiches, which supports modifying control plane vswtiches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] worker_vswitch_ids: The vSwitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vSwitches, which supports modifying control plane vSwitches.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] zone_ids: The IDs of the zone in which the cluster control plane is deployed. ACK automatically creates a VPC in the region and vSwitches in the specified zones. Only works for **Create** Operation. Do not specify this with `vswitch_ids` together.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -1946,6 +2032,7 @@ class ManagedKubernetes(pulumi.CustomResource):
         __props__.__dict__["vswitch_ids"] = vswitch_ids
         __props__.__dict__["worker_ram_role_name"] = worker_ram_role_name
         __props__.__dict__["worker_vswitch_ids"] = worker_vswitch_ids
+        __props__.__dict__["zone_ids"] = zone_ids
         return ManagedKubernetes(resource_name, opts=opts, __props__=__props__)
     @property
@@ -2219,6 +2306,10 @@ class ManagedKubernetes(pulumi.CustomResource):
     def security_group_id(self) -> pulumi.Output[str]:
         """
         The ID of the security group to which the ECS instances in the cluster belong. If it is not specified, a new Security group will be built.
+        * > **NOTE:** Please take of note before updating the `security_group_id`:
+        * If block rules are configured in the security group, ensure the security group rules allow traffic for protocols and ports required by the cluster. For recommended security group rules, see [Configure and manage security groups for an ACK cluster](https://www.alibabacloud.com/help/en/ack/ack-managed-and-ack-dedicated/user-guide/configure-security-group-rules-to-enforce-access-control-on-ack-clusters).
+        * During security group updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+        * After updating the control plane security group, the Elastic Network Interfaces (ENIs) used by the control plane and managed components will automatically join the new security group.
         """
         return pulumi.get(self, "security_group_id")
@@ -2258,7 +2349,7 @@ class ManagedKubernetes(pulumi.CustomResource):
     @pulumi.getter(name="slbInternetEnabled")
     def slb_internet_enabled(self) -> pulumi.Output[Optional[bool]]:
         """
-        Whether to create internet load balancer for API Server. Default to true.
+        Whether to create internet load balancer for API Server. Default to true. Only works for **Create** Operation.
         """
         return pulumi.get(self, "slb_internet_enabled")
@@ -2282,7 +2373,11 @@ class ManagedKubernetes(pulumi.CustomResource):
     @pulumi.getter
     def timezone(self) -> pulumi.Output[Optional[str]]:
         """
-        When you create a cluster, set the time zones for the Master and Worker nodes. You can only change the managed node time zone if you create a cluster. Once the cluster is created, you can only change the time zone of the Worker node.
+        Cluster timezone, works for control plane and Worker nodes.
+        * > **NOTE:** Please take of note before updating the `timezone`:
+        * After modifying the timezone, cluster inspection configurations will adopt the new timezone.
+        * During timezone updates, the cluster control plane and managed components (e.g., terway-controlplane) will restart briefly. Perform this operation during off-peak hours.
+        * After updating the timezone: Newly scaled-out nodes will automatically apply the new timezone. Existing nodes remain unaffected. Reset the node to apply changes to existing nodes.
         """
         return pulumi.get(self, "timezone")
@@ -2336,7 +2431,15 @@ class ManagedKubernetes(pulumi.CustomResource):
     @_utilities.deprecated("""Field 'worker_vswitch_ids' has been deprecated from provider version 1.241.0. Please use 'vswitch_ids' to managed control plane vswtiches""")
     def worker_vswitch_ids(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        The vswitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vswtiches, which supports modifying control plane vswtiches.
+        The vSwitches used by control plane. Modification after creation will not take effect. Please use `vswitch_ids` to managed control plane vSwitches, which supports modifying control plane vSwitches.
         """
         return pulumi.get(self, "worker_vswitch_ids")
+    @property
+    @pulumi.getter(name="zoneIds")
+    def zone_ids(self) -> pulumi.Output[Optional[Sequence[str]]]:
+        """
+        The IDs of the zone in which the cluster control plane is deployed. ACK automatically creates a VPC in the region and vSwitches in the specified zones. Only works for **Create** Operation. Do not specify this with `vswitch_ids` together.
+        """
+        return pulumi.get(self, "zone_ids")

pulumi-alicloud 3.76.0a1743571220__py3-none-any.whl → 3.77.0a1744262757__py3-none-any.whl

Potentially problematic release.

pulumi-alicloud 3.76.0a1743571220py3-none-any.whl → 3.77.0a1744262757py3-none-any.whl