pulumi-gcp 7.0.0rc0__py3-none-any.whl → 7.1.0__py3-none-any.whl

Sign up to get free protection for your applications and to get access to all the features.
Files changed (678) hide show
  1. pulumi_gcp/__init__.py +118 -0
  2. pulumi_gcp/accesscontextmanager/_inputs.py +546 -71
  3. pulumi_gcp/accesscontextmanager/access_level.py +18 -2
  4. pulumi_gcp/accesscontextmanager/access_level_condition.py +57 -3
  5. pulumi_gcp/accesscontextmanager/access_levels.py +18 -2
  6. pulumi_gcp/accesscontextmanager/access_policy.py +18 -2
  7. pulumi_gcp/accesscontextmanager/authorized_orgs_desc.py +18 -2
  8. pulumi_gcp/accesscontextmanager/egress_policy.py +18 -2
  9. pulumi_gcp/accesscontextmanager/gcp_user_access_binding.py +18 -2
  10. pulumi_gcp/accesscontextmanager/ingress_policy.py +18 -2
  11. pulumi_gcp/accesscontextmanager/outputs.py +643 -71
  12. pulumi_gcp/accesscontextmanager/service_perimeter.py +18 -2
  13. pulumi_gcp/accesscontextmanager/service_perimeter_egress_policy.py +18 -2
  14. pulumi_gcp/accesscontextmanager/service_perimeter_ingress_policy.py +18 -2
  15. pulumi_gcp/accesscontextmanager/service_perimeter_resource.py +18 -2
  16. pulumi_gcp/accesscontextmanager/service_perimeters.py +18 -2
  17. pulumi_gcp/activedirectory/domain.py +22 -10
  18. pulumi_gcp/activedirectory/domain_trust.py +18 -2
  19. pulumi_gcp/activedirectory/peering.py +4 -8
  20. pulumi_gcp/alloydb/__init__.py +1 -0
  21. pulumi_gcp/alloydb/_inputs.py +93 -0
  22. pulumi_gcp/alloydb/backup.py +22 -10
  23. pulumi_gcp/alloydb/cluster.py +283 -11
  24. pulumi_gcp/alloydb/instance.py +241 -40
  25. pulumi_gcp/alloydb/outputs.py +130 -0
  26. pulumi_gcp/alloydb/user.py +609 -0
  27. pulumi_gcp/apigateway/api.py +22 -10
  28. pulumi_gcp/apigateway/api_config.py +22 -10
  29. pulumi_gcp/apigateway/gateway.py +22 -10
  30. pulumi_gcp/apigee/addons_config.py +18 -2
  31. pulumi_gcp/apigee/endpoint_attachment.py +18 -2
  32. pulumi_gcp/apigee/env_group.py +18 -2
  33. pulumi_gcp/apigee/env_group_attachment.py +18 -2
  34. pulumi_gcp/apigee/env_keystore.py +18 -2
  35. pulumi_gcp/apigee/env_references.py +18 -2
  36. pulumi_gcp/apigee/environment.py +96 -5
  37. pulumi_gcp/apigee/flowhook.py +18 -2
  38. pulumi_gcp/apigee/instance.py +18 -2
  39. pulumi_gcp/apigee/instance_attachment.py +18 -2
  40. pulumi_gcp/apigee/keystores_aliases_key_cert_file.py +18 -2
  41. pulumi_gcp/apigee/keystores_aliases_pkcs12.py +18 -2
  42. pulumi_gcp/apigee/keystores_aliases_self_signed_cert.py +18 -2
  43. pulumi_gcp/apigee/nat_address.py +18 -2
  44. pulumi_gcp/apigee/organization.py +18 -2
  45. pulumi_gcp/apigee/sharedflow.py +18 -2
  46. pulumi_gcp/apigee/sharedflow_deployment.py +18 -2
  47. pulumi_gcp/apigee/sync_authorization.py +18 -2
  48. pulumi_gcp/apigee/target_server.py +18 -2
  49. pulumi_gcp/appengine/application.py +20 -4
  50. pulumi_gcp/appengine/application_url_dispatch_rules.py +18 -2
  51. pulumi_gcp/appengine/domain_mapping.py +18 -2
  52. pulumi_gcp/appengine/engine_split_traffic.py +18 -2
  53. pulumi_gcp/appengine/firewall_rule.py +18 -2
  54. pulumi_gcp/appengine/flexible_app_version.py +18 -2
  55. pulumi_gcp/appengine/service_network_settings.py +18 -2
  56. pulumi_gcp/appengine/standard_app_version.py +18 -2
  57. pulumi_gcp/artifactregistry/_inputs.py +4 -4
  58. pulumi_gcp/artifactregistry/outputs.py +4 -4
  59. pulumi_gcp/artifactregistry/repository.py +24 -12
  60. pulumi_gcp/artifactregistry/vpcsc_config.py +18 -2
  61. pulumi_gcp/assuredworkloads/_inputs.py +178 -4
  62. pulumi_gcp/assuredworkloads/outputs.py +217 -5
  63. pulumi_gcp/assuredworkloads/workload.py +474 -63
  64. pulumi_gcp/backupdisasterrecovery/__init__.py +1 -0
  65. pulumi_gcp/backupdisasterrecovery/get_management_server.py +152 -0
  66. pulumi_gcp/backupdisasterrecovery/management_server.py +18 -2
  67. pulumi_gcp/backupdisasterrecovery/outputs.py +40 -0
  68. pulumi_gcp/beyondcorp/app_connection.py +22 -10
  69. pulumi_gcp/beyondcorp/app_connector.py +22 -10
  70. pulumi_gcp/beyondcorp/app_gateway.py +22 -10
  71. pulumi_gcp/biglake/catalog.py +18 -2
  72. pulumi_gcp/biglake/database.py +18 -2
  73. pulumi_gcp/biglake/table.py +18 -2
  74. pulumi_gcp/bigquery/__init__.py +1 -0
  75. pulumi_gcp/bigquery/_inputs.py +94 -8
  76. pulumi_gcp/bigquery/app_profile.py +18 -2
  77. pulumi_gcp/bigquery/bi_reservation.py +18 -2
  78. pulumi_gcp/bigquery/capacity_commitment.py +25 -9
  79. pulumi_gcp/bigquery/connection.py +56 -2
  80. pulumi_gcp/bigquery/data_transfer_config.py +18 -2
  81. pulumi_gcp/bigquery/dataset.py +22 -10
  82. pulumi_gcp/bigquery/dataset_iam_binding.py +10 -38
  83. pulumi_gcp/bigquery/dataset_iam_member.py +10 -38
  84. pulumi_gcp/bigquery/dataset_iam_policy.py +10 -38
  85. pulumi_gcp/bigquery/get_dataset.py +315 -0
  86. pulumi_gcp/bigquery/job.py +26 -10
  87. pulumi_gcp/bigquery/outputs.py +275 -9
  88. pulumi_gcp/bigquery/reservation.py +18 -2
  89. pulumi_gcp/bigquery/reservation_assignment.py +18 -2
  90. pulumi_gcp/bigquery/routine.py +18 -2
  91. pulumi_gcp/bigquery/table.py +171 -17
  92. pulumi_gcp/bigqueryanalyticshub/data_exchange.py +18 -2
  93. pulumi_gcp/bigqueryanalyticshub/listing.py +18 -2
  94. pulumi_gcp/bigquerydatapolicy/data_policy.py +18 -2
  95. pulumi_gcp/bigtable/instance.py +30 -10
  96. pulumi_gcp/bigtable/instance_iam_binding.py +12 -20
  97. pulumi_gcp/bigtable/instance_iam_member.py +12 -20
  98. pulumi_gcp/bigtable/instance_iam_policy.py +12 -20
  99. pulumi_gcp/bigtable/table.py +18 -6
  100. pulumi_gcp/bigtable/table_iam_binding.py +12 -20
  101. pulumi_gcp/bigtable/table_iam_member.py +12 -20
  102. pulumi_gcp/bigtable/table_iam_policy.py +12 -20
  103. pulumi_gcp/billing/account_iam_binding.py +12 -20
  104. pulumi_gcp/billing/account_iam_member.py +12 -20
  105. pulumi_gcp/billing/account_iam_policy.py +12 -20
  106. pulumi_gcp/billing/budget.py +18 -2
  107. pulumi_gcp/billing/project_info.py +18 -2
  108. pulumi_gcp/billing/sub_account.py +18 -2
  109. pulumi_gcp/binaryauthorization/attestor.py +18 -2
  110. pulumi_gcp/binaryauthorization/policy.py +18 -2
  111. pulumi_gcp/certificateauthority/authority.py +22 -10
  112. pulumi_gcp/certificateauthority/ca_pool.py +22 -10
  113. pulumi_gcp/certificateauthority/certificate.py +22 -10
  114. pulumi_gcp/certificateauthority/certificate_template.py +22 -10
  115. pulumi_gcp/certificatemanager/certificate.py +223 -31
  116. pulumi_gcp/certificatemanager/certificate_issuance_config.py +22 -10
  117. pulumi_gcp/certificatemanager/certificate_map.py +22 -10
  118. pulumi_gcp/certificatemanager/certificate_map_entry.py +22 -10
  119. pulumi_gcp/certificatemanager/dns_authorization.py +22 -10
  120. pulumi_gcp/certificatemanager/trust_config.py +22 -10
  121. pulumi_gcp/cloudasset/folder_feed.py +18 -2
  122. pulumi_gcp/cloudasset/organization_feed.py +18 -2
  123. pulumi_gcp/cloudasset/project_feed.py +18 -2
  124. pulumi_gcp/cloudbuild/bitbucket_server_config.py +18 -2
  125. pulumi_gcp/cloudbuild/trigger.py +18 -2
  126. pulumi_gcp/cloudbuild/worker_pool.py +18 -2
  127. pulumi_gcp/cloudbuildv2/connection.py +18 -2
  128. pulumi_gcp/cloudbuildv2/repository.py +18 -2
  129. pulumi_gcp/clouddeploy/delivery_pipeline.py +22 -10
  130. pulumi_gcp/clouddeploy/target.py +22 -10
  131. pulumi_gcp/cloudfunctions/function.py +26 -14
  132. pulumi_gcp/cloudfunctions/get_function.py +3 -0
  133. pulumi_gcp/cloudfunctionsv2/function.py +22 -10
  134. pulumi_gcp/cloudidentity/__init__.py +1 -0
  135. pulumi_gcp/cloudidentity/_inputs.py +119 -0
  136. pulumi_gcp/cloudidentity/get_group_lookup.py +128 -0
  137. pulumi_gcp/cloudidentity/group.py +50 -2
  138. pulumi_gcp/cloudidentity/group_membership.py +18 -2
  139. pulumi_gcp/cloudidentity/outputs.py +156 -0
  140. pulumi_gcp/cloudids/endpoint.py +18 -2
  141. pulumi_gcp/cloudrun/_inputs.py +12 -0
  142. pulumi_gcp/cloudrun/domain_mapping.py +18 -2
  143. pulumi_gcp/cloudrun/outputs.py +12 -0
  144. pulumi_gcp/cloudrun/service.py +18 -2
  145. pulumi_gcp/cloudrunv2/__init__.py +2 -0
  146. pulumi_gcp/cloudrunv2/get_job.py +394 -0
  147. pulumi_gcp/cloudrunv2/get_service.py +454 -0
  148. pulumi_gcp/cloudrunv2/job.py +40 -27
  149. pulumi_gcp/cloudrunv2/outputs.py +1687 -0
  150. pulumi_gcp/cloudrunv2/service.py +40 -27
  151. pulumi_gcp/cloudscheduler/job.py +18 -2
  152. pulumi_gcp/cloudtasks/queue.py +18 -2
  153. pulumi_gcp/composer/_inputs.py +17 -0
  154. pulumi_gcp/composer/environment.py +68 -5
  155. pulumi_gcp/composer/get_environment.py +13 -3
  156. pulumi_gcp/composer/outputs.py +26 -0
  157. pulumi_gcp/compute/__init__.py +2 -0
  158. pulumi_gcp/compute/_inputs.py +158 -4
  159. pulumi_gcp/compute/address.py +38 -18
  160. pulumi_gcp/compute/attached_disk.py +18 -2
  161. pulumi_gcp/compute/autoscaler.py +18 -2
  162. pulumi_gcp/compute/backend_bucket.py +18 -2
  163. pulumi_gcp/compute/backend_service.py +32 -16
  164. pulumi_gcp/compute/disk.py +22 -10
  165. pulumi_gcp/compute/disk_resource_policy_attachment.py +18 -2
  166. pulumi_gcp/compute/external_vpn_gateway.py +22 -10
  167. pulumi_gcp/compute/firewall.py +18 -2
  168. pulumi_gcp/compute/firewall_policy_association.py +18 -2
  169. pulumi_gcp/compute/firewall_policy_rule.py +18 -2
  170. pulumi_gcp/compute/forwarding_rule.py +377 -276
  171. pulumi_gcp/compute/get_disk.py +3 -0
  172. pulumi_gcp/compute/get_forwarding_rule.py +11 -1
  173. pulumi_gcp/compute/get_image.py +3 -0
  174. pulumi_gcp/compute/get_network.py +14 -1
  175. pulumi_gcp/compute/get_networks.py +130 -0
  176. pulumi_gcp/compute/get_subnetwork.py +14 -1
  177. pulumi_gcp/compute/global_address.py +18 -2
  178. pulumi_gcp/compute/global_forwarding_rule.py +127 -108
  179. pulumi_gcp/compute/global_network_endpoint.py +18 -2
  180. pulumi_gcp/compute/global_network_endpoint_group.py +18 -2
  181. pulumi_gcp/compute/ha_vpn_gateway.py +18 -2
  182. pulumi_gcp/compute/health_check.py +18 -2
  183. pulumi_gcp/compute/http_health_check.py +18 -2
  184. pulumi_gcp/compute/https_health_check.py +18 -2
  185. pulumi_gcp/compute/image.py +22 -10
  186. pulumi_gcp/compute/instance.py +44 -36
  187. pulumi_gcp/compute/instance_group.py +24 -8
  188. pulumi_gcp/compute/instance_group_manager.py +26 -10
  189. pulumi_gcp/compute/instance_group_named_port.py +18 -2
  190. pulumi_gcp/compute/instance_settings.py +387 -0
  191. pulumi_gcp/compute/instance_template.py +29 -21
  192. pulumi_gcp/compute/interconnect_attachment.py +18 -2
  193. pulumi_gcp/compute/machine_image.py +18 -2
  194. pulumi_gcp/compute/managed_ssl_certificate.py +18 -2
  195. pulumi_gcp/compute/manged_ssl_certificate.py +18 -2
  196. pulumi_gcp/compute/network.py +18 -2
  197. pulumi_gcp/compute/network_attachment.py +156 -2
  198. pulumi_gcp/compute/network_edge_security_service.py +18 -2
  199. pulumi_gcp/compute/network_endpoint.py +18 -2
  200. pulumi_gcp/compute/network_endpoint_group.py +32 -16
  201. pulumi_gcp/compute/network_endpoint_list.py +18 -2
  202. pulumi_gcp/compute/network_firewall_policy.py +18 -2
  203. pulumi_gcp/compute/network_firewall_policy_association.py +18 -2
  204. pulumi_gcp/compute/network_firewall_policy_rule.py +18 -2
  205. pulumi_gcp/compute/network_peering.py +20 -4
  206. pulumi_gcp/compute/network_peering_routes_config.py +18 -2
  207. pulumi_gcp/compute/node_group.py +129 -2
  208. pulumi_gcp/compute/node_template.py +18 -2
  209. pulumi_gcp/compute/organization_security_policy.py +18 -2
  210. pulumi_gcp/compute/organization_security_policy_association.py +18 -2
  211. pulumi_gcp/compute/organization_security_policy_rule.py +18 -2
  212. pulumi_gcp/compute/outputs.py +230 -7
  213. pulumi_gcp/compute/packet_mirroring.py +18 -2
  214. pulumi_gcp/compute/per_instance_config.py +18 -2
  215. pulumi_gcp/compute/project_default_network_tier.py +20 -4
  216. pulumi_gcp/compute/project_metadata.py +20 -4
  217. pulumi_gcp/compute/project_metadata_item.py +20 -4
  218. pulumi_gcp/compute/public_advertised_prefix.py +18 -2
  219. pulumi_gcp/compute/public_delegated_prefix.py +18 -2
  220. pulumi_gcp/compute/region_autoscaler.py +18 -2
  221. pulumi_gcp/compute/region_backend_service.py +18 -2
  222. pulumi_gcp/compute/region_commitment.py +18 -2
  223. pulumi_gcp/compute/region_disk.py +22 -10
  224. pulumi_gcp/compute/region_disk_resource_policy_attachment.py +18 -2
  225. pulumi_gcp/compute/region_health_check.py +18 -2
  226. pulumi_gcp/compute/region_instance_group_manager.py +20 -4
  227. pulumi_gcp/compute/region_instance_template.py +29 -21
  228. pulumi_gcp/compute/region_network_endpoint_group.py +18 -2
  229. pulumi_gcp/compute/region_network_firewall_policy.py +18 -2
  230. pulumi_gcp/compute/region_network_firewall_policy_association.py +18 -2
  231. pulumi_gcp/compute/region_network_firewall_policy_rule.py +18 -2
  232. pulumi_gcp/compute/region_per_instance_config.py +18 -2
  233. pulumi_gcp/compute/region_security_policy.py +18 -2
  234. pulumi_gcp/compute/region_security_policy_rule.py +18 -2
  235. pulumi_gcp/compute/region_ssl_certificate.py +18 -2
  236. pulumi_gcp/compute/region_ssl_policy.py +18 -2
  237. pulumi_gcp/compute/region_target_http_proxy.py +18 -2
  238. pulumi_gcp/compute/region_target_https_proxy.py +18 -2
  239. pulumi_gcp/compute/region_target_tcp_proxy.py +18 -2
  240. pulumi_gcp/compute/region_url_map.py +18 -2
  241. pulumi_gcp/compute/reservation.py +18 -2
  242. pulumi_gcp/compute/resource_policy.py +18 -2
  243. pulumi_gcp/compute/route.py +18 -2
  244. pulumi_gcp/compute/router.py +18 -2
  245. pulumi_gcp/compute/router_interface.py +22 -6
  246. pulumi_gcp/compute/router_nat.py +18 -2
  247. pulumi_gcp/compute/router_peer.py +18 -2
  248. pulumi_gcp/compute/security_policy.py +52 -4
  249. pulumi_gcp/compute/security_scan_config.py +18 -2
  250. pulumi_gcp/compute/service_attachment.py +18 -2
  251. pulumi_gcp/compute/shared_vpc_host_project.py +20 -4
  252. pulumi_gcp/compute/shared_vpc_service_project.py +20 -4
  253. pulumi_gcp/compute/snapshot.py +22 -10
  254. pulumi_gcp/compute/ssl_certificate.py +18 -2
  255. pulumi_gcp/compute/ssl_policy.py +18 -2
  256. pulumi_gcp/compute/subnetwork.py +109 -2
  257. pulumi_gcp/compute/target_grpc_proxy.py +18 -2
  258. pulumi_gcp/compute/target_http_proxy.py +18 -2
  259. pulumi_gcp/compute/target_https_proxy.py +181 -16
  260. pulumi_gcp/compute/target_instance.py +18 -2
  261. pulumi_gcp/compute/target_pool.py +18 -2
  262. pulumi_gcp/compute/target_ssl_proxy.py +18 -2
  263. pulumi_gcp/compute/target_tcp_proxy.py +18 -2
  264. pulumi_gcp/compute/url_map.py +18 -2
  265. pulumi_gcp/compute/vpn_gateway.py +18 -2
  266. pulumi_gcp/compute/vpn_tunnel.py +18 -2
  267. pulumi_gcp/config/vars.py +12 -0
  268. pulumi_gcp/container/_inputs.py +299 -54
  269. pulumi_gcp/container/attached_cluster.py +18 -2
  270. pulumi_gcp/container/aws_cluster.py +24 -2
  271. pulumi_gcp/container/aws_node_pool.py +18 -2
  272. pulumi_gcp/container/azure_client.py +18 -2
  273. pulumi_gcp/container/azure_cluster.py +24 -2
  274. pulumi_gcp/container/azure_node_pool.py +18 -2
  275. pulumi_gcp/container/cluster.py +92 -29
  276. pulumi_gcp/container/get_cluster.py +11 -1
  277. pulumi_gcp/container/node_pool.py +22 -6
  278. pulumi_gcp/container/outputs.py +384 -52
  279. pulumi_gcp/containeranalysis/note.py +18 -2
  280. pulumi_gcp/containeranalysis/occurence.py +18 -2
  281. pulumi_gcp/databasemigrationservice/__init__.py +1 -0
  282. pulumi_gcp/databasemigrationservice/_inputs.py +465 -0
  283. pulumi_gcp/databasemigrationservice/connection_profile.py +122 -12
  284. pulumi_gcp/databasemigrationservice/outputs.py +466 -0
  285. pulumi_gcp/databasemigrationservice/private_connection.py +672 -0
  286. pulumi_gcp/datacatalog/entry.py +18 -2
  287. pulumi_gcp/datacatalog/entry_group.py +18 -2
  288. pulumi_gcp/datacatalog/policy_tag.py +18 -2
  289. pulumi_gcp/datacatalog/tag.py +18 -2
  290. pulumi_gcp/datacatalog/tag_template.py +18 -2
  291. pulumi_gcp/datacatalog/taxonomy.py +18 -2
  292. pulumi_gcp/dataflow/job.py +24 -12
  293. pulumi_gcp/dataflow/pipeline.py +18 -2
  294. pulumi_gcp/dataform/_inputs.py +78 -21
  295. pulumi_gcp/dataform/outputs.py +86 -20
  296. pulumi_gcp/dataform/repository.py +140 -9
  297. pulumi_gcp/dataform/repository_release_config.py +18 -2
  298. pulumi_gcp/dataform/repository_workflow_config.py +20 -4
  299. pulumi_gcp/datafusion/instance.py +22 -10
  300. pulumi_gcp/dataloss/prevention_deidentify_template.py +18 -2
  301. pulumi_gcp/dataloss/prevention_inspect_template.py +18 -2
  302. pulumi_gcp/dataloss/prevention_job_trigger.py +18 -2
  303. pulumi_gcp/dataloss/prevention_stored_info_type.py +18 -2
  304. pulumi_gcp/dataplex/asset.py +22 -10
  305. pulumi_gcp/dataplex/datascan.py +22 -10
  306. pulumi_gcp/dataplex/lake.py +22 -10
  307. pulumi_gcp/dataplex/task.py +22 -10
  308. pulumi_gcp/dataplex/zone.py +22 -10
  309. pulumi_gcp/dataproc/_inputs.py +148 -0
  310. pulumi_gcp/dataproc/autoscaling_policy.py +18 -2
  311. pulumi_gcp/dataproc/cluster.py +2 -2
  312. pulumi_gcp/dataproc/cluster_iam_binding.py +12 -20
  313. pulumi_gcp/dataproc/cluster_iam_member.py +12 -20
  314. pulumi_gcp/dataproc/cluster_iam_policy.py +12 -20
  315. pulumi_gcp/dataproc/job.py +20 -8
  316. pulumi_gcp/dataproc/job_iam_binding.py +12 -20
  317. pulumi_gcp/dataproc/job_iam_member.py +12 -20
  318. pulumi_gcp/dataproc/job_iam_policy.py +12 -20
  319. pulumi_gcp/dataproc/metastore_federation.py +22 -10
  320. pulumi_gcp/dataproc/metastore_service.py +22 -10
  321. pulumi_gcp/dataproc/outputs.py +175 -0
  322. pulumi_gcp/dataproc/workflow_template.py +18 -2
  323. pulumi_gcp/datastore/data_store_index.py +18 -2
  324. pulumi_gcp/datastream/connection_profile.py +22 -10
  325. pulumi_gcp/datastream/private_connection.py +22 -10
  326. pulumi_gcp/datastream/stream.py +22 -10
  327. pulumi_gcp/deploymentmanager/deployment.py +18 -2
  328. pulumi_gcp/diagflow/_inputs.py +626 -4
  329. pulumi_gcp/diagflow/agent.py +18 -2
  330. pulumi_gcp/diagflow/cx_agent.py +288 -21
  331. pulumi_gcp/diagflow/cx_entity_type.py +18 -2
  332. pulumi_gcp/diagflow/cx_environment.py +18 -2
  333. pulumi_gcp/diagflow/cx_flow.py +309 -4
  334. pulumi_gcp/diagflow/cx_intent.py +165 -10
  335. pulumi_gcp/diagflow/cx_page.py +109 -4
  336. pulumi_gcp/diagflow/cx_security_settings.py +18 -2
  337. pulumi_gcp/diagflow/cx_test_case.py +18 -2
  338. pulumi_gcp/diagflow/cx_version.py +18 -2
  339. pulumi_gcp/diagflow/cx_webhook.py +18 -2
  340. pulumi_gcp/diagflow/entity_type.py +18 -2
  341. pulumi_gcp/diagflow/fulfillment.py +18 -2
  342. pulumi_gcp/diagflow/intent.py +18 -2
  343. pulumi_gcp/diagflow/outputs.py +722 -5
  344. pulumi_gcp/dns/get_keys.py +16 -2
  345. pulumi_gcp/dns/managed_zone.py +22 -10
  346. pulumi_gcp/dns/policy.py +18 -2
  347. pulumi_gcp/dns/record_set.py +24 -8
  348. pulumi_gcp/dns/response_policy.py +18 -2
  349. pulumi_gcp/dns/response_policy_rule.py +18 -2
  350. pulumi_gcp/edgecontainer/__init__.py +12 -0
  351. pulumi_gcp/edgecontainer/_inputs.py +1171 -0
  352. pulumi_gcp/edgecontainer/cluster.py +1539 -0
  353. pulumi_gcp/edgecontainer/node_pool.py +1062 -0
  354. pulumi_gcp/edgecontainer/outputs.py +1204 -0
  355. pulumi_gcp/edgecontainer/vpn_connection.py +918 -0
  356. pulumi_gcp/edgenetwork/network.py +18 -2
  357. pulumi_gcp/edgenetwork/subnet.py +18 -2
  358. pulumi_gcp/essentialcontacts/contact.py +18 -2
  359. pulumi_gcp/essentialcontacts/document_ai_processor.py +18 -2
  360. pulumi_gcp/essentialcontacts/document_ai_processor_default_version.py +18 -2
  361. pulumi_gcp/essentialcontacts/document_ai_warehouse_document_schema.py +18 -2
  362. pulumi_gcp/eventarc/channel.py +18 -2
  363. pulumi_gcp/eventarc/google_channel_config.py +18 -2
  364. pulumi_gcp/eventarc/trigger.py +22 -10
  365. pulumi_gcp/filestore/backup.py +22 -10
  366. pulumi_gcp/filestore/instance.py +22 -10
  367. pulumi_gcp/filestore/snapshot.py +22 -10
  368. pulumi_gcp/firebase/__init__.py +1 -0
  369. pulumi_gcp/firebase/_inputs.py +878 -0
  370. pulumi_gcp/firebase/android_app.py +18 -2
  371. pulumi_gcp/firebase/apple_app.py +18 -2
  372. pulumi_gcp/firebase/database_instance.py +18 -2
  373. pulumi_gcp/firebase/extensions_instance.py +18 -2
  374. pulumi_gcp/firebase/hosting_channel.py +22 -10
  375. pulumi_gcp/firebase/hosting_custom_domain.py +1274 -0
  376. pulumi_gcp/firebase/hosting_release.py +18 -2
  377. pulumi_gcp/firebase/hosting_site.py +18 -2
  378. pulumi_gcp/firebase/hosting_version.py +18 -2
  379. pulumi_gcp/firebase/outputs.py +905 -0
  380. pulumi_gcp/firebase/project.py +18 -2
  381. pulumi_gcp/firebase/storage_bucket.py +18 -2
  382. pulumi_gcp/firebase/web_app.py +18 -2
  383. pulumi_gcp/firebaserules/release.py +18 -2
  384. pulumi_gcp/firebaserules/ruleset.py +18 -2
  385. pulumi_gcp/firestore/__init__.py +1 -0
  386. pulumi_gcp/firestore/_inputs.py +35 -2
  387. pulumi_gcp/firestore/backup_schedule.py +547 -0
  388. pulumi_gcp/firestore/database.py +24 -4
  389. pulumi_gcp/firestore/document.py +22 -2
  390. pulumi_gcp/firestore/field.py +27 -13
  391. pulumi_gcp/firestore/index.py +140 -21
  392. pulumi_gcp/firestore/outputs.py +31 -2
  393. pulumi_gcp/folder/access_approval_settings.py +18 -2
  394. pulumi_gcp/folder/iam_audit_config.py +10 -58
  395. pulumi_gcp/folder/iam_member.py +10 -58
  396. pulumi_gcp/folder/iam_policy.py +10 -58
  397. pulumi_gcp/folder/organization_policy.py +22 -6
  398. pulumi_gcp/gkebackup/backup_plan.py +22 -10
  399. pulumi_gcp/gkebackup/restore_plan.py +22 -10
  400. pulumi_gcp/gkebackup/restore_plan_iam_binding.py +18 -2
  401. pulumi_gcp/gkebackup/restore_plan_iam_member.py +18 -2
  402. pulumi_gcp/gkebackup/restore_plan_iam_policy.py +18 -2
  403. pulumi_gcp/gkehub/__init__.py +1 -0
  404. pulumi_gcp/gkehub/_inputs.py +431 -0
  405. pulumi_gcp/gkehub/feature.py +76 -10
  406. pulumi_gcp/gkehub/feature_membership.py +22 -2
  407. pulumi_gcp/gkehub/fleet.py +432 -0
  408. pulumi_gcp/gkehub/get_membership_iam_policy.py +24 -3
  409. pulumi_gcp/gkehub/membership.py +120 -16
  410. pulumi_gcp/gkehub/membership_binding.py +22 -10
  411. pulumi_gcp/gkehub/membership_iam_binding.py +67 -0
  412. pulumi_gcp/gkehub/membership_iam_member.py +67 -0
  413. pulumi_gcp/gkehub/membership_iam_policy.py +67 -0
  414. pulumi_gcp/gkehub/membership_rbac_role_binding.py +18 -2
  415. pulumi_gcp/gkehub/namespace.py +22 -10
  416. pulumi_gcp/gkehub/outputs.py +432 -1
  417. pulumi_gcp/gkehub/scope.py +22 -10
  418. pulumi_gcp/gkehub/scope_rbac_role_binding.py +22 -10
  419. pulumi_gcp/gkeonprem/_inputs.py +17 -31
  420. pulumi_gcp/gkeonprem/bare_metal_admin_cluster.py +148 -132
  421. pulumi_gcp/gkeonprem/bare_metal_cluster.py +260 -246
  422. pulumi_gcp/gkeonprem/bare_metal_node_pool.py +30 -18
  423. pulumi_gcp/gkeonprem/outputs.py +17 -31
  424. pulumi_gcp/gkeonprem/v_mware_cluster.py +287 -230
  425. pulumi_gcp/gkeonprem/v_mware_node_pool.py +30 -18
  426. pulumi_gcp/healthcare/consent_store.py +22 -10
  427. pulumi_gcp/healthcare/dataset.py +18 -2
  428. pulumi_gcp/healthcare/dataset_iam_binding.py +10 -38
  429. pulumi_gcp/healthcare/dataset_iam_member.py +10 -38
  430. pulumi_gcp/healthcare/dataset_iam_policy.py +10 -38
  431. pulumi_gcp/healthcare/dicom_store.py +22 -10
  432. pulumi_gcp/healthcare/dicom_store_iam_binding.py +10 -30
  433. pulumi_gcp/healthcare/dicom_store_iam_member.py +10 -30
  434. pulumi_gcp/healthcare/dicom_store_iam_policy.py +10 -30
  435. pulumi_gcp/healthcare/fhir_store.py +22 -10
  436. pulumi_gcp/healthcare/fhir_store_iam_binding.py +10 -30
  437. pulumi_gcp/healthcare/fhir_store_iam_member.py +10 -30
  438. pulumi_gcp/healthcare/fhir_store_iam_policy.py +10 -30
  439. pulumi_gcp/healthcare/hl7_store.py +22 -10
  440. pulumi_gcp/healthcare/hl7_store_iam_binding.py +10 -30
  441. pulumi_gcp/healthcare/hl7_store_iam_member.py +10 -30
  442. pulumi_gcp/healthcare/hl7_store_iam_policy.py +10 -30
  443. pulumi_gcp/iam/_inputs.py +20 -0
  444. pulumi_gcp/iam/access_boundary_policy.py +18 -2
  445. pulumi_gcp/iam/deny_policy.py +18 -2
  446. pulumi_gcp/iam/outputs.py +20 -0
  447. pulumi_gcp/iam/workforce_pool.py +18 -2
  448. pulumi_gcp/iam/workforce_pool_provider.py +18 -2
  449. pulumi_gcp/iam/workload_identity_pool.py +18 -2
  450. pulumi_gcp/iam/workload_identity_pool_provider.py +18 -2
  451. pulumi_gcp/iap/brand.py +18 -2
  452. pulumi_gcp/iap/client.py +18 -2
  453. pulumi_gcp/identityplatform/_inputs.py +92 -0
  454. pulumi_gcp/identityplatform/config.py +91 -5
  455. pulumi_gcp/identityplatform/default_supported_idp_config.py +18 -2
  456. pulumi_gcp/identityplatform/inbound_saml_config.py +18 -2
  457. pulumi_gcp/identityplatform/oauth_idp_config.py +18 -2
  458. pulumi_gcp/identityplatform/outputs.py +129 -0
  459. pulumi_gcp/identityplatform/project_default_config.py +18 -2
  460. pulumi_gcp/identityplatform/tenant.py +18 -2
  461. pulumi_gcp/identityplatform/tenant_default_supported_idp_config.py +18 -2
  462. pulumi_gcp/identityplatform/tenant_inbound_saml_config.py +18 -2
  463. pulumi_gcp/identityplatform/tenant_oauth_idp_config.py +18 -2
  464. pulumi_gcp/integrationconnectors/__init__.py +10 -0
  465. pulumi_gcp/integrationconnectors/_inputs.py +2518 -0
  466. pulumi_gcp/integrationconnectors/connection.py +1921 -0
  467. pulumi_gcp/integrationconnectors/outputs.py +2780 -0
  468. pulumi_gcp/kms/crypto_key.py +22 -10
  469. pulumi_gcp/kms/crypto_key_iam_binding.py +10 -30
  470. pulumi_gcp/kms/crypto_key_iam_member.py +10 -30
  471. pulumi_gcp/kms/crypto_key_iam_policy.py +10 -30
  472. pulumi_gcp/kms/crypto_key_version.py +18 -2
  473. pulumi_gcp/kms/key_ring.py +18 -2
  474. pulumi_gcp/kms/key_ring_iam_binding.py +10 -30
  475. pulumi_gcp/kms/key_ring_iam_member.py +10 -30
  476. pulumi_gcp/kms/key_ring_iam_policy.py +10 -30
  477. pulumi_gcp/kms/key_ring_import_job.py +18 -2
  478. pulumi_gcp/logging/_inputs.py +160 -0
  479. pulumi_gcp/logging/billing_account_bucket_config.py +61 -26
  480. pulumi_gcp/logging/billing_account_exclusion.py +20 -4
  481. pulumi_gcp/logging/billing_account_sink.py +20 -4
  482. pulumi_gcp/logging/folder_bucket_config.py +75 -4
  483. pulumi_gcp/logging/folder_exclusion.py +20 -4
  484. pulumi_gcp/logging/folder_sink.py +20 -4
  485. pulumi_gcp/logging/linked_dataset.py +18 -2
  486. pulumi_gcp/logging/log_view.py +18 -2
  487. pulumi_gcp/logging/metric.py +18 -2
  488. pulumi_gcp/logging/organization_bucket_config.py +75 -4
  489. pulumi_gcp/logging/organization_exclusion.py +20 -4
  490. pulumi_gcp/logging/organization_sink.py +20 -4
  491. pulumi_gcp/logging/outputs.py +196 -0
  492. pulumi_gcp/logging/project_bucket_config.py +59 -134
  493. pulumi_gcp/logging/project_exclusion.py +20 -4
  494. pulumi_gcp/logging/project_sink.py +95 -18
  495. pulumi_gcp/looker/instance.py +18 -2
  496. pulumi_gcp/memcache/instance.py +22 -10
  497. pulumi_gcp/ml/engine_model.py +22 -10
  498. pulumi_gcp/monitoring/_inputs.py +127 -13
  499. pulumi_gcp/monitoring/alert_policy.py +64 -2
  500. pulumi_gcp/monitoring/custom_service.py +18 -2
  501. pulumi_gcp/monitoring/dashboard.py +18 -2
  502. pulumi_gcp/monitoring/generic_service.py +18 -2
  503. pulumi_gcp/monitoring/group.py +18 -2
  504. pulumi_gcp/monitoring/metric_descriptor.py +18 -2
  505. pulumi_gcp/monitoring/monitored_project.py +18 -2
  506. pulumi_gcp/monitoring/notification_channel.py +18 -2
  507. pulumi_gcp/monitoring/outputs.py +158 -13
  508. pulumi_gcp/monitoring/slo.py +18 -2
  509. pulumi_gcp/monitoring/uptime_check_config.py +92 -9
  510. pulumi_gcp/networkconnectivity/__init__.py +1 -0
  511. pulumi_gcp/networkconnectivity/_inputs.py +185 -0
  512. pulumi_gcp/networkconnectivity/hub.py +22 -10
  513. pulumi_gcp/networkconnectivity/outputs.py +189 -0
  514. pulumi_gcp/networkconnectivity/policy_based_route.py +1003 -0
  515. pulumi_gcp/networkconnectivity/service_connection_policy.py +22 -10
  516. pulumi_gcp/networkconnectivity/spoke.py +22 -10
  517. pulumi_gcp/networkmanagement/connectivity_test.py +22 -10
  518. pulumi_gcp/networksecurity/address_group.py +22 -10
  519. pulumi_gcp/networksecurity/authorization_policy.py +22 -10
  520. pulumi_gcp/networksecurity/client_tls_policy.py +22 -10
  521. pulumi_gcp/networksecurity/gateway_security_policy.py +18 -2
  522. pulumi_gcp/networksecurity/gateway_security_policy_rule.py +18 -2
  523. pulumi_gcp/networksecurity/server_tls_policy.py +92 -10
  524. pulumi_gcp/networksecurity/tls_inspection_policy.py +18 -2
  525. pulumi_gcp/networksecurity/url_list.py +18 -2
  526. pulumi_gcp/networkservices/edge_cache_keyset.py +22 -10
  527. pulumi_gcp/networkservices/edge_cache_origin.py +22 -10
  528. pulumi_gcp/networkservices/edge_cache_service.py +22 -10
  529. pulumi_gcp/networkservices/endpoint_policy.py +22 -10
  530. pulumi_gcp/networkservices/gateway.py +22 -10
  531. pulumi_gcp/networkservices/grpc_route.py +22 -10
  532. pulumi_gcp/networkservices/http_route.py +22 -10
  533. pulumi_gcp/networkservices/mesh.py +22 -10
  534. pulumi_gcp/networkservices/service_binding.py +22 -10
  535. pulumi_gcp/networkservices/tcp_route.py +22 -10
  536. pulumi_gcp/networkservices/tls_route.py +18 -2
  537. pulumi_gcp/notebooks/environment.py +18 -2
  538. pulumi_gcp/notebooks/instance.py +22 -10
  539. pulumi_gcp/notebooks/location.py +18 -2
  540. pulumi_gcp/notebooks/runtime.py +18 -2
  541. pulumi_gcp/organizations/access_approval_settings.py +18 -2
  542. pulumi_gcp/organizations/folder.py +22 -6
  543. pulumi_gcp/organizations/iam_member.py +10 -58
  544. pulumi_gcp/organizations/iam_policy.py +10 -58
  545. pulumi_gcp/organizations/policy.py +22 -4
  546. pulumi_gcp/organizations/project.py +24 -12
  547. pulumi_gcp/orgpolicy/custom_constraint.py +50 -22
  548. pulumi_gcp/orgpolicy/policy.py +18 -2
  549. pulumi_gcp/osconfig/guest_policies.py +18 -2
  550. pulumi_gcp/osconfig/os_policy_assignment.py +18 -2
  551. pulumi_gcp/osconfig/patch_deployment.py +18 -2
  552. pulumi_gcp/oslogin/ssh_public_key.py +18 -2
  553. pulumi_gcp/projects/access_approval_settings.py +18 -2
  554. pulumi_gcp/projects/api_key.py +18 -2
  555. pulumi_gcp/projects/iam_audit_config.py +10 -58
  556. pulumi_gcp/projects/iam_binding.py +10 -58
  557. pulumi_gcp/projects/iam_custom_role.py +18 -2
  558. pulumi_gcp/projects/iam_member.py +10 -58
  559. pulumi_gcp/projects/iam_policy.py +10 -58
  560. pulumi_gcp/projects/organization_policy.py +24 -8
  561. pulumi_gcp/projects/service.py +22 -4
  562. pulumi_gcp/projects/usage_export_bucket.py +20 -4
  563. pulumi_gcp/provider.py +60 -0
  564. pulumi_gcp/pubsub/__init__.py +4 -0
  565. pulumi_gcp/pubsub/_inputs.py +80 -0
  566. pulumi_gcp/pubsub/get_schema_iam_policy.py +147 -0
  567. pulumi_gcp/pubsub/lite_reservation.py +18 -2
  568. pulumi_gcp/pubsub/lite_subscription.py +18 -2
  569. pulumi_gcp/pubsub/lite_topic.py +18 -2
  570. pulumi_gcp/pubsub/outputs.py +56 -0
  571. pulumi_gcp/pubsub/schema.py +18 -2
  572. pulumi_gcp/pubsub/schema_iam_binding.py +601 -0
  573. pulumi_gcp/pubsub/schema_iam_member.py +601 -0
  574. pulumi_gcp/pubsub/schema_iam_policy.py +523 -0
  575. pulumi_gcp/pubsub/subscription.py +22 -10
  576. pulumi_gcp/pubsub/subscription_iam_binding.py +12 -20
  577. pulumi_gcp/pubsub/subscription_iam_member.py +12 -20
  578. pulumi_gcp/pubsub/subscription_iam_policy.py +12 -20
  579. pulumi_gcp/pubsub/topic.py +36 -17
  580. pulumi_gcp/recaptcha/enterprise_key.py +22 -10
  581. pulumi_gcp/redis/cluster.py +42 -18
  582. pulumi_gcp/redis/instance.py +22 -58
  583. pulumi_gcp/resourcemanager/lien.py +18 -2
  584. pulumi_gcp/runtimeconfig/config.py +26 -6
  585. pulumi_gcp/runtimeconfig/variable.py +26 -6
  586. pulumi_gcp/secretmanager/__init__.py +1 -0
  587. pulumi_gcp/secretmanager/get_secrets.py +133 -0
  588. pulumi_gcp/secretmanager/outputs.py +354 -0
  589. pulumi_gcp/secretmanager/secret.py +36 -10
  590. pulumi_gcp/secretmanager/secret_version.py +18 -2
  591. pulumi_gcp/securitycenter/folder_custom_module.py +18 -2
  592. pulumi_gcp/securitycenter/instance_iam_binding.py +18 -2
  593. pulumi_gcp/securitycenter/instance_iam_member.py +18 -2
  594. pulumi_gcp/securitycenter/instance_iam_policy.py +18 -2
  595. pulumi_gcp/securitycenter/mute_config.py +18 -2
  596. pulumi_gcp/securitycenter/notification_config.py +18 -2
  597. pulumi_gcp/securitycenter/organization_custom_module.py +18 -2
  598. pulumi_gcp/securitycenter/project_custom_module.py +18 -2
  599. pulumi_gcp/securitycenter/source.py +18 -2
  600. pulumi_gcp/securitycenter/source_iam_binding.py +18 -2
  601. pulumi_gcp/securitycenter/source_iam_member.py +18 -2
  602. pulumi_gcp/securitycenter/source_iam_policy.py +18 -2
  603. pulumi_gcp/serviceaccount/account.py +20 -4
  604. pulumi_gcp/serviceaccount/iam_binding.py +2 -30
  605. pulumi_gcp/serviceaccount/iam_member.py +2 -30
  606. pulumi_gcp/serviceaccount/iam_policy.py +2 -30
  607. pulumi_gcp/servicedirectory/endpoint.py +18 -2
  608. pulumi_gcp/servicedirectory/namespace.py +22 -10
  609. pulumi_gcp/servicedirectory/service.py +18 -2
  610. pulumi_gcp/servicenetworking/connection.py +22 -6
  611. pulumi_gcp/servicenetworking/peered_dns_domain.py +18 -6
  612. pulumi_gcp/serviceusage/consumer_quota_override.py +18 -2
  613. pulumi_gcp/sourcerepo/repository.py +18 -2
  614. pulumi_gcp/spanner/_inputs.py +142 -0
  615. pulumi_gcp/spanner/database.py +18 -2
  616. pulumi_gcp/spanner/database_iam_binding.py +10 -26
  617. pulumi_gcp/spanner/database_iam_member.py +10 -26
  618. pulumi_gcp/spanner/database_iam_policy.py +10 -26
  619. pulumi_gcp/spanner/get_instance.py +12 -1
  620. pulumi_gcp/spanner/instance.py +99 -10
  621. pulumi_gcp/spanner/instance_iam_binding.py +10 -26
  622. pulumi_gcp/spanner/instance_iam_member.py +10 -26
  623. pulumi_gcp/spanner/instance_iam_policy.py +10 -26
  624. pulumi_gcp/spanner/outputs.py +236 -0
  625. pulumi_gcp/sql/_inputs.py +27 -7
  626. pulumi_gcp/sql/database.py +18 -2
  627. pulumi_gcp/sql/database_instance.py +24 -8
  628. pulumi_gcp/sql/outputs.py +41 -9
  629. pulumi_gcp/sql/source_representation_instance.py +25 -9
  630. pulumi_gcp/sql/user.py +38 -8
  631. pulumi_gcp/storage/_inputs.py +59 -1
  632. pulumi_gcp/storage/bucket.py +69 -6
  633. pulumi_gcp/storage/bucket_access_control.py +18 -2
  634. pulumi_gcp/storage/bucket_object.py +47 -0
  635. pulumi_gcp/storage/default_object_access_control.py +18 -2
  636. pulumi_gcp/storage/get_bucket.py +11 -1
  637. pulumi_gcp/storage/get_bucket_object.py +11 -1
  638. pulumi_gcp/storage/get_bucket_object_content.py +11 -1
  639. pulumi_gcp/storage/hmac_key.py +18 -2
  640. pulumi_gcp/storage/insights_report_config.py +18 -2
  641. pulumi_gcp/storage/notification.py +20 -4
  642. pulumi_gcp/storage/object_access_control.py +18 -2
  643. pulumi_gcp/storage/outputs.py +129 -2
  644. pulumi_gcp/storage/transfer_agent_pool.py +18 -2
  645. pulumi_gcp/storage/transfer_job.py +20 -4
  646. pulumi_gcp/tags/location_tag_binding.py +35 -19
  647. pulumi_gcp/tags/tag_binding.py +18 -2
  648. pulumi_gcp/tags/tag_key.py +18 -2
  649. pulumi_gcp/tags/tag_value.py +18 -2
  650. pulumi_gcp/tpu/_inputs.py +450 -0
  651. pulumi_gcp/tpu/node.py +22 -10
  652. pulumi_gcp/tpu/outputs.py +477 -0
  653. pulumi_gcp/tpu/v2_vm.py +906 -38
  654. pulumi_gcp/vertex/_inputs.py +39 -0
  655. pulumi_gcp/vertex/ai_dataset.py +4 -8
  656. pulumi_gcp/vertex/ai_endpoint.py +22 -10
  657. pulumi_gcp/vertex/ai_feature_store.py +22 -10
  658. pulumi_gcp/vertex/ai_feature_store_entity_type.py +22 -10
  659. pulumi_gcp/vertex/ai_feature_store_entity_type_feature.py +22 -10
  660. pulumi_gcp/vertex/ai_index.py +22 -10
  661. pulumi_gcp/vertex/ai_index_endpoint.py +116 -10
  662. pulumi_gcp/vertex/ai_metadata_store.py +18 -2
  663. pulumi_gcp/vertex/ai_tensorboard.py +22 -10
  664. pulumi_gcp/vertex/outputs.py +50 -0
  665. pulumi_gcp/vmwareengine/cluster.py +18 -2
  666. pulumi_gcp/vmwareengine/network.py +18 -2
  667. pulumi_gcp/vmwareengine/private_cloud.py +18 -2
  668. pulumi_gcp/vpcaccess/connector.py +18 -2
  669. pulumi_gcp/workflows/workflow.py +159 -11
  670. pulumi_gcp/workstations/_inputs.py +23 -0
  671. pulumi_gcp/workstations/outputs.py +19 -0
  672. pulumi_gcp/workstations/workstation.py +22 -10
  673. pulumi_gcp/workstations/workstation_cluster.py +142 -10
  674. pulumi_gcp/workstations/workstation_config.py +24 -12
  675. {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/METADATA +1 -1
  676. {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/RECORD +678 -650
  677. {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/WHEEL +0 -0
  678. {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/top_level.txt +0 -0
@@ -16,19 +16,22 @@ __all__ = ['WorkloadArgs', 'Workload']
16
16
  @pulumi.input_type
17
17
  class WorkloadArgs:
18
18
  def __init__(__self__, *,
19
- billing_account: pulumi.Input[str],
20
19
  compliance_regime: pulumi.Input[str],
21
20
  display_name: pulumi.Input[str],
22
21
  location: pulumi.Input[str],
23
22
  organization: pulumi.Input[str],
23
+ billing_account: Optional[pulumi.Input[str]] = None,
24
+ enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
24
25
  kms_settings: Optional[pulumi.Input['WorkloadKmsSettingsArgs']] = None,
25
26
  labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
27
+ partner: Optional[pulumi.Input[str]] = None,
28
+ partner_permissions: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']] = None,
26
29
  provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
27
- resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]] = None):
30
+ resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]] = None,
31
+ violation_notifications_enabled: Optional[pulumi.Input[bool]] = None):
28
32
  """
29
33
  The set of arguments for constructing a Workload resource.
30
- :param pulumi.Input[str] billing_account: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
31
- :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
34
+ :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
32
35
  :param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
33
36
  :param pulumi.Input[str] location: The location for the resource
34
37
  :param pulumi.Input[str] organization: The organization for the resource
@@ -36,45 +39,47 @@ class WorkloadArgs:
36
39
 
37
40
 
38
41
  - - -
39
- :param pulumi.Input['WorkloadKmsSettingsArgs'] kms_settings: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
42
+ :param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
43
+ :param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
44
+ :param pulumi.Input['WorkloadKmsSettingsArgs'] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
40
45
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
41
46
 
42
47
  **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
43
48
  Please refer to the field `effective_labels` for all of the labels present on the resource.
44
- :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
49
+ :param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
50
+ :param pulumi.Input['WorkloadPartnerPermissionsArgs'] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
51
+ :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
45
52
  :param pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
53
+ :param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
46
54
  """
47
- pulumi.set(__self__, "billing_account", billing_account)
48
55
  pulumi.set(__self__, "compliance_regime", compliance_regime)
49
56
  pulumi.set(__self__, "display_name", display_name)
50
57
  pulumi.set(__self__, "location", location)
51
58
  pulumi.set(__self__, "organization", organization)
59
+ if billing_account is not None:
60
+ pulumi.set(__self__, "billing_account", billing_account)
61
+ if enable_sovereign_controls is not None:
62
+ pulumi.set(__self__, "enable_sovereign_controls", enable_sovereign_controls)
52
63
  if kms_settings is not None:
53
64
  pulumi.set(__self__, "kms_settings", kms_settings)
54
65
  if labels is not None:
55
66
  pulumi.set(__self__, "labels", labels)
67
+ if partner is not None:
68
+ pulumi.set(__self__, "partner", partner)
69
+ if partner_permissions is not None:
70
+ pulumi.set(__self__, "partner_permissions", partner_permissions)
56
71
  if provisioned_resources_parent is not None:
57
72
  pulumi.set(__self__, "provisioned_resources_parent", provisioned_resources_parent)
58
73
  if resource_settings is not None:
59
74
  pulumi.set(__self__, "resource_settings", resource_settings)
60
-
61
- @property
62
- @pulumi.getter(name="billingAccount")
63
- def billing_account(self) -> pulumi.Input[str]:
64
- """
65
- Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
66
- """
67
- return pulumi.get(self, "billing_account")
68
-
69
- @billing_account.setter
70
- def billing_account(self, value: pulumi.Input[str]):
71
- pulumi.set(self, "billing_account", value)
75
+ if violation_notifications_enabled is not None:
76
+ pulumi.set(__self__, "violation_notifications_enabled", violation_notifications_enabled)
72
77
 
73
78
  @property
74
79
  @pulumi.getter(name="complianceRegime")
75
80
  def compliance_regime(self) -> pulumi.Input[str]:
76
81
  """
77
- Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
82
+ Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
78
83
  """
79
84
  return pulumi.get(self, "compliance_regime")
80
85
 
@@ -122,11 +127,35 @@ class WorkloadArgs:
122
127
  def organization(self, value: pulumi.Input[str]):
123
128
  pulumi.set(self, "organization", value)
124
129
 
130
+ @property
131
+ @pulumi.getter(name="billingAccount")
132
+ def billing_account(self) -> Optional[pulumi.Input[str]]:
133
+ """
134
+ Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
135
+ """
136
+ return pulumi.get(self, "billing_account")
137
+
138
+ @billing_account.setter
139
+ def billing_account(self, value: Optional[pulumi.Input[str]]):
140
+ pulumi.set(self, "billing_account", value)
141
+
142
+ @property
143
+ @pulumi.getter(name="enableSovereignControls")
144
+ def enable_sovereign_controls(self) -> Optional[pulumi.Input[bool]]:
145
+ """
146
+ Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
147
+ """
148
+ return pulumi.get(self, "enable_sovereign_controls")
149
+
150
+ @enable_sovereign_controls.setter
151
+ def enable_sovereign_controls(self, value: Optional[pulumi.Input[bool]]):
152
+ pulumi.set(self, "enable_sovereign_controls", value)
153
+
125
154
  @property
126
155
  @pulumi.getter(name="kmsSettings")
127
156
  def kms_settings(self) -> Optional[pulumi.Input['WorkloadKmsSettingsArgs']]:
128
157
  """
129
- Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
158
+ **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
130
159
  """
131
160
  return pulumi.get(self, "kms_settings")
132
161
 
@@ -149,11 +178,35 @@ class WorkloadArgs:
149
178
  def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
150
179
  pulumi.set(self, "labels", value)
151
180
 
181
+ @property
182
+ @pulumi.getter
183
+ def partner(self) -> Optional[pulumi.Input[str]]:
184
+ """
185
+ Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
186
+ """
187
+ return pulumi.get(self, "partner")
188
+
189
+ @partner.setter
190
+ def partner(self, value: Optional[pulumi.Input[str]]):
191
+ pulumi.set(self, "partner", value)
192
+
193
+ @property
194
+ @pulumi.getter(name="partnerPermissions")
195
+ def partner_permissions(self) -> Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]:
196
+ """
197
+ Optional. Permissions granted to the AW Partner SA account for the customer workload
198
+ """
199
+ return pulumi.get(self, "partner_permissions")
200
+
201
+ @partner_permissions.setter
202
+ def partner_permissions(self, value: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]):
203
+ pulumi.set(self, "partner_permissions", value)
204
+
152
205
  @property
153
206
  @pulumi.getter(name="provisionedResourcesParent")
154
207
  def provisioned_resources_parent(self) -> Optional[pulumi.Input[str]]:
155
208
  """
156
- Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
209
+ Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
157
210
  """
158
211
  return pulumi.get(self, "provisioned_resources_parent")
159
212
 
@@ -173,33 +226,58 @@ class WorkloadArgs:
173
226
  def resource_settings(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]]):
174
227
  pulumi.set(self, "resource_settings", value)
175
228
 
229
+ @property
230
+ @pulumi.getter(name="violationNotificationsEnabled")
231
+ def violation_notifications_enabled(self) -> Optional[pulumi.Input[bool]]:
232
+ """
233
+ Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
234
+ """
235
+ return pulumi.get(self, "violation_notifications_enabled")
236
+
237
+ @violation_notifications_enabled.setter
238
+ def violation_notifications_enabled(self, value: Optional[pulumi.Input[bool]]):
239
+ pulumi.set(self, "violation_notifications_enabled", value)
240
+
176
241
 
177
242
  @pulumi.input_type
178
243
  class _WorkloadState:
179
244
  def __init__(__self__, *,
180
245
  billing_account: Optional[pulumi.Input[str]] = None,
181
246
  compliance_regime: Optional[pulumi.Input[str]] = None,
247
+ compliance_statuses: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]]] = None,
248
+ compliant_but_disallowed_services: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
182
249
  create_time: Optional[pulumi.Input[str]] = None,
183
250
  display_name: Optional[pulumi.Input[str]] = None,
184
251
  effective_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
252
+ ekm_provisioning_responses: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]]] = None,
253
+ enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
254
+ kaj_enrollment_state: Optional[pulumi.Input[str]] = None,
185
255
  kms_settings: Optional[pulumi.Input['WorkloadKmsSettingsArgs']] = None,
186
256
  labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
187
257
  location: Optional[pulumi.Input[str]] = None,
188
258
  name: Optional[pulumi.Input[str]] = None,
189
259
  organization: Optional[pulumi.Input[str]] = None,
260
+ partner: Optional[pulumi.Input[str]] = None,
261
+ partner_permissions: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']] = None,
190
262
  provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
191
263
  pulumi_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
192
264
  resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]] = None,
193
- resources: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]]] = None):
265
+ resources: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]]] = None,
266
+ saa_enrollment_responses: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]]] = None,
267
+ violation_notifications_enabled: Optional[pulumi.Input[bool]] = None):
194
268
  """
195
269
  Input properties used for looking up and filtering Workload resources.
196
- :param pulumi.Input[str] billing_account: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
197
- :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
270
+ :param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
271
+ :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
272
+ :param pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]] compliance_statuses: Output only. Count of active Violations in the Workload.
273
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] compliant_but_disallowed_services: Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
198
274
  :param pulumi.Input[str] create_time: Output only. Immutable. The Workload creation timestamp.
199
275
  :param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
200
- :param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other
201
- clients and services.
202
- :param pulumi.Input['WorkloadKmsSettingsArgs'] kms_settings: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
276
+ :param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
277
+ :param pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]] ekm_provisioning_responses: Optional. Represents the Ekm Provisioning State of the given workload.
278
+ :param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
279
+ :param pulumi.Input[str] kaj_enrollment_state: Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
280
+ :param pulumi.Input['WorkloadKmsSettingsArgs'] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
203
281
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
204
282
 
205
283
  **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
@@ -211,21 +289,35 @@ class _WorkloadState:
211
289
 
212
290
 
213
291
  - - -
214
- :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
292
+ :param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
293
+ :param pulumi.Input['WorkloadPartnerPermissionsArgs'] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
294
+ :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
215
295
  :param pulumi.Input[Mapping[str, Any]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider.
216
296
  :param pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
217
297
  :param pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]] resources: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.
298
+ :param pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]] saa_enrollment_responses: Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
299
+ :param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
218
300
  """
219
301
  if billing_account is not None:
220
302
  pulumi.set(__self__, "billing_account", billing_account)
221
303
  if compliance_regime is not None:
222
304
  pulumi.set(__self__, "compliance_regime", compliance_regime)
305
+ if compliance_statuses is not None:
306
+ pulumi.set(__self__, "compliance_statuses", compliance_statuses)
307
+ if compliant_but_disallowed_services is not None:
308
+ pulumi.set(__self__, "compliant_but_disallowed_services", compliant_but_disallowed_services)
223
309
  if create_time is not None:
224
310
  pulumi.set(__self__, "create_time", create_time)
225
311
  if display_name is not None:
226
312
  pulumi.set(__self__, "display_name", display_name)
227
313
  if effective_labels is not None:
228
314
  pulumi.set(__self__, "effective_labels", effective_labels)
315
+ if ekm_provisioning_responses is not None:
316
+ pulumi.set(__self__, "ekm_provisioning_responses", ekm_provisioning_responses)
317
+ if enable_sovereign_controls is not None:
318
+ pulumi.set(__self__, "enable_sovereign_controls", enable_sovereign_controls)
319
+ if kaj_enrollment_state is not None:
320
+ pulumi.set(__self__, "kaj_enrollment_state", kaj_enrollment_state)
229
321
  if kms_settings is not None:
230
322
  pulumi.set(__self__, "kms_settings", kms_settings)
231
323
  if labels is not None:
@@ -236,6 +328,10 @@ class _WorkloadState:
236
328
  pulumi.set(__self__, "name", name)
237
329
  if organization is not None:
238
330
  pulumi.set(__self__, "organization", organization)
331
+ if partner is not None:
332
+ pulumi.set(__self__, "partner", partner)
333
+ if partner_permissions is not None:
334
+ pulumi.set(__self__, "partner_permissions", partner_permissions)
239
335
  if provisioned_resources_parent is not None:
240
336
  pulumi.set(__self__, "provisioned_resources_parent", provisioned_resources_parent)
241
337
  if pulumi_labels is not None:
@@ -244,12 +340,16 @@ class _WorkloadState:
244
340
  pulumi.set(__self__, "resource_settings", resource_settings)
245
341
  if resources is not None:
246
342
  pulumi.set(__self__, "resources", resources)
343
+ if saa_enrollment_responses is not None:
344
+ pulumi.set(__self__, "saa_enrollment_responses", saa_enrollment_responses)
345
+ if violation_notifications_enabled is not None:
346
+ pulumi.set(__self__, "violation_notifications_enabled", violation_notifications_enabled)
247
347
 
248
348
  @property
249
349
  @pulumi.getter(name="billingAccount")
250
350
  def billing_account(self) -> Optional[pulumi.Input[str]]:
251
351
  """
252
- Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
352
+ Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
253
353
  """
254
354
  return pulumi.get(self, "billing_account")
255
355
 
@@ -261,7 +361,7 @@ class _WorkloadState:
261
361
  @pulumi.getter(name="complianceRegime")
262
362
  def compliance_regime(self) -> Optional[pulumi.Input[str]]:
263
363
  """
264
- Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
364
+ Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
265
365
  """
266
366
  return pulumi.get(self, "compliance_regime")
267
367
 
@@ -269,6 +369,30 @@ class _WorkloadState:
269
369
  def compliance_regime(self, value: Optional[pulumi.Input[str]]):
270
370
  pulumi.set(self, "compliance_regime", value)
271
371
 
372
+ @property
373
+ @pulumi.getter(name="complianceStatuses")
374
+ def compliance_statuses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]]]:
375
+ """
376
+ Output only. Count of active Violations in the Workload.
377
+ """
378
+ return pulumi.get(self, "compliance_statuses")
379
+
380
+ @compliance_statuses.setter
381
+ def compliance_statuses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]]]):
382
+ pulumi.set(self, "compliance_statuses", value)
383
+
384
+ @property
385
+ @pulumi.getter(name="compliantButDisallowedServices")
386
+ def compliant_but_disallowed_services(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
387
+ """
388
+ Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
389
+ """
390
+ return pulumi.get(self, "compliant_but_disallowed_services")
391
+
392
+ @compliant_but_disallowed_services.setter
393
+ def compliant_but_disallowed_services(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
394
+ pulumi.set(self, "compliant_but_disallowed_services", value)
395
+
272
396
  @property
273
397
  @pulumi.getter(name="createTime")
274
398
  def create_time(self) -> Optional[pulumi.Input[str]]:
@@ -297,8 +421,7 @@ class _WorkloadState:
297
421
  @pulumi.getter(name="effectiveLabels")
298
422
  def effective_labels(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
299
423
  """
300
- All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other
301
- clients and services.
424
+ All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
302
425
  """
303
426
  return pulumi.get(self, "effective_labels")
304
427
 
@@ -306,11 +429,47 @@ class _WorkloadState:
306
429
  def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
307
430
  pulumi.set(self, "effective_labels", value)
308
431
 
432
+ @property
433
+ @pulumi.getter(name="ekmProvisioningResponses")
434
+ def ekm_provisioning_responses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]]]:
435
+ """
436
+ Optional. Represents the Ekm Provisioning State of the given workload.
437
+ """
438
+ return pulumi.get(self, "ekm_provisioning_responses")
439
+
440
+ @ekm_provisioning_responses.setter
441
+ def ekm_provisioning_responses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]]]):
442
+ pulumi.set(self, "ekm_provisioning_responses", value)
443
+
444
+ @property
445
+ @pulumi.getter(name="enableSovereignControls")
446
+ def enable_sovereign_controls(self) -> Optional[pulumi.Input[bool]]:
447
+ """
448
+ Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
449
+ """
450
+ return pulumi.get(self, "enable_sovereign_controls")
451
+
452
+ @enable_sovereign_controls.setter
453
+ def enable_sovereign_controls(self, value: Optional[pulumi.Input[bool]]):
454
+ pulumi.set(self, "enable_sovereign_controls", value)
455
+
456
+ @property
457
+ @pulumi.getter(name="kajEnrollmentState")
458
+ def kaj_enrollment_state(self) -> Optional[pulumi.Input[str]]:
459
+ """
460
+ Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
461
+ """
462
+ return pulumi.get(self, "kaj_enrollment_state")
463
+
464
+ @kaj_enrollment_state.setter
465
+ def kaj_enrollment_state(self, value: Optional[pulumi.Input[str]]):
466
+ pulumi.set(self, "kaj_enrollment_state", value)
467
+
309
468
  @property
310
469
  @pulumi.getter(name="kmsSettings")
311
470
  def kms_settings(self) -> Optional[pulumi.Input['WorkloadKmsSettingsArgs']]:
312
471
  """
313
- Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
472
+ **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
314
473
  """
315
474
  return pulumi.get(self, "kms_settings")
316
475
 
@@ -373,11 +532,35 @@ class _WorkloadState:
373
532
  def organization(self, value: Optional[pulumi.Input[str]]):
374
533
  pulumi.set(self, "organization", value)
375
534
 
535
+ @property
536
+ @pulumi.getter
537
+ def partner(self) -> Optional[pulumi.Input[str]]:
538
+ """
539
+ Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
540
+ """
541
+ return pulumi.get(self, "partner")
542
+
543
+ @partner.setter
544
+ def partner(self, value: Optional[pulumi.Input[str]]):
545
+ pulumi.set(self, "partner", value)
546
+
547
+ @property
548
+ @pulumi.getter(name="partnerPermissions")
549
+ def partner_permissions(self) -> Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]:
550
+ """
551
+ Optional. Permissions granted to the AW Partner SA account for the customer workload
552
+ """
553
+ return pulumi.get(self, "partner_permissions")
554
+
555
+ @partner_permissions.setter
556
+ def partner_permissions(self, value: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]):
557
+ pulumi.set(self, "partner_permissions", value)
558
+
376
559
  @property
377
560
  @pulumi.getter(name="provisionedResourcesParent")
378
561
  def provisioned_resources_parent(self) -> Optional[pulumi.Input[str]]:
379
562
  """
380
- Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
563
+ Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
381
564
  """
382
565
  return pulumi.get(self, "provisioned_resources_parent")
383
566
 
@@ -421,6 +604,30 @@ class _WorkloadState:
421
604
  def resources(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]]]):
422
605
  pulumi.set(self, "resources", value)
423
606
 
607
+ @property
608
+ @pulumi.getter(name="saaEnrollmentResponses")
609
+ def saa_enrollment_responses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]]]:
610
+ """
611
+ Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
612
+ """
613
+ return pulumi.get(self, "saa_enrollment_responses")
614
+
615
+ @saa_enrollment_responses.setter
616
+ def saa_enrollment_responses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]]]):
617
+ pulumi.set(self, "saa_enrollment_responses", value)
618
+
619
+ @property
620
+ @pulumi.getter(name="violationNotificationsEnabled")
621
+ def violation_notifications_enabled(self) -> Optional[pulumi.Input[bool]]:
622
+ """
623
+ Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
624
+ """
625
+ return pulumi.get(self, "violation_notifications_enabled")
626
+
627
+ @violation_notifications_enabled.setter
628
+ def violation_notifications_enabled(self, value: Optional[pulumi.Input[bool]]):
629
+ pulumi.set(self, "violation_notifications_enabled", value)
630
+
424
631
 
425
632
  class Workload(pulumi.CustomResource):
426
633
  @overload
@@ -430,12 +637,16 @@ class Workload(pulumi.CustomResource):
430
637
  billing_account: Optional[pulumi.Input[str]] = None,
431
638
  compliance_regime: Optional[pulumi.Input[str]] = None,
432
639
  display_name: Optional[pulumi.Input[str]] = None,
640
+ enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
433
641
  kms_settings: Optional[pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']]] = None,
434
642
  labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
435
643
  location: Optional[pulumi.Input[str]] = None,
436
644
  organization: Optional[pulumi.Input[str]] = None,
645
+ partner: Optional[pulumi.Input[str]] = None,
646
+ partner_permissions: Optional[pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']]] = None,
437
647
  provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
438
648
  resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]]] = None,
649
+ violation_notifications_enabled: Optional[pulumi.Input[bool]] = None,
439
650
  __props__=None):
440
651
  """
441
652
  The AssuredWorkloads Workload resource
@@ -450,7 +661,7 @@ class Workload(pulumi.CustomResource):
450
661
  primary = gcp.assuredworkloads.Workload("primary",
451
662
  billing_account="billingAccounts/000000-0000000-0000000-000000",
452
663
  compliance_regime="FEDRAMP_MODERATE",
453
- display_name="Workload Example",
664
+ display_name="{{display}}",
454
665
  kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
455
666
  next_rotation_time="9999-10-02T15:01:23Z",
456
667
  rotation_period="10368000s",
@@ -463,7 +674,39 @@ class Workload(pulumi.CustomResource):
463
674
  provisioned_resources_parent="folders/519620126891",
464
675
  resource_settings=[
465
676
  gcp.assuredworkloads.WorkloadResourceSettingArgs(
466
- resource_type="CONSUMER_PROJECT",
677
+ display_name="folder-display-name",
678
+ resource_type="CONSUMER_FOLDER",
679
+ ),
680
+ gcp.assuredworkloads.WorkloadResourceSettingArgs(
681
+ resource_type="ENCRYPTION_KEYS_PROJECT",
682
+ ),
683
+ gcp.assuredworkloads.WorkloadResourceSettingArgs(
684
+ resource_id="ring",
685
+ resource_type="KEYRING",
686
+ ),
687
+ ],
688
+ violation_notifications_enabled=True)
689
+ ```
690
+ ### Sovereign_controls_workload
691
+ A Sovereign Controls test of the assuredworkloads api
692
+ ```python
693
+ import pulumi
694
+ import pulumi_gcp as gcp
695
+
696
+ primary = gcp.assuredworkloads.Workload("primary",
697
+ compliance_regime="EU_REGIONS_AND_SUPPORT",
698
+ display_name="display",
699
+ location="europe-west9",
700
+ organization="123456789",
701
+ billing_account="billingAccounts/000000-0000000-0000000-000000",
702
+ enable_sovereign_controls=True,
703
+ kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
704
+ next_rotation_time="9999-10-02T15:01:23Z",
705
+ rotation_period="10368000s",
706
+ ),
707
+ resource_settings=[
708
+ gcp.assuredworkloads.WorkloadResourceSettingArgs(
709
+ resource_type="CONSUMER_FOLDER",
467
710
  ),
468
711
  gcp.assuredworkloads.WorkloadResourceSettingArgs(
469
712
  resource_type="ENCRYPTION_KEYS_PROJECT",
@@ -472,12 +715,24 @@ class Workload(pulumi.CustomResource):
472
715
  resource_id="ring",
473
716
  resource_type="KEYRING",
474
717
  ),
475
- ])
718
+ ],
719
+ labels={
720
+ "label-one": "value-one",
721
+ },
722
+ opts=pulumi.ResourceOptions(provider=google_beta))
476
723
  ```
477
724
 
478
725
  ## Import
479
726
 
480
- Workload can be imported using any of these accepted formats
727
+ Workload can be imported using any of these accepted formats* `organizations/{{organization}}/locations/{{location}}/workloads/{{name}}` * `{{organization}}/{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Workload using one of the formats above. For exampletf import {
728
+
729
+ id = "organizations/{{organization}}/locations/{{location}}/workloads/{{name}}"
730
+
731
+ to = google_assured_workloads_workload.default }
732
+
733
+ ```sh
734
+ $ pulumi import gcp:assuredworkloads/workload:Workload When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Workload can be imported using one of the formats above. For example
735
+ ```
481
736
 
482
737
  ```sh
483
738
  $ pulumi import gcp:assuredworkloads/workload:Workload default organizations/{{organization}}/locations/{{location}}/workloads/{{name}}
@@ -489,10 +744,11 @@ class Workload(pulumi.CustomResource):
489
744
 
490
745
  :param str resource_name: The name of the resource.
491
746
  :param pulumi.ResourceOptions opts: Options for the resource.
492
- :param pulumi.Input[str] billing_account: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
493
- :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
747
+ :param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
748
+ :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
494
749
  :param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
495
- :param pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']] kms_settings: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
750
+ :param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
751
+ :param pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
496
752
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
497
753
 
498
754
  **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
@@ -503,8 +759,11 @@ class Workload(pulumi.CustomResource):
503
759
 
504
760
 
505
761
  - - -
506
- :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
762
+ :param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
763
+ :param pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
764
+ :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
507
765
  :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
766
+ :param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
508
767
  """
509
768
  ...
510
769
  @overload
@@ -525,7 +784,7 @@ class Workload(pulumi.CustomResource):
525
784
  primary = gcp.assuredworkloads.Workload("primary",
526
785
  billing_account="billingAccounts/000000-0000000-0000000-000000",
527
786
  compliance_regime="FEDRAMP_MODERATE",
528
- display_name="Workload Example",
787
+ display_name="{{display}}",
529
788
  kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
530
789
  next_rotation_time="9999-10-02T15:01:23Z",
531
790
  rotation_period="10368000s",
@@ -538,7 +797,39 @@ class Workload(pulumi.CustomResource):
538
797
  provisioned_resources_parent="folders/519620126891",
539
798
  resource_settings=[
540
799
  gcp.assuredworkloads.WorkloadResourceSettingArgs(
541
- resource_type="CONSUMER_PROJECT",
800
+ display_name="folder-display-name",
801
+ resource_type="CONSUMER_FOLDER",
802
+ ),
803
+ gcp.assuredworkloads.WorkloadResourceSettingArgs(
804
+ resource_type="ENCRYPTION_KEYS_PROJECT",
805
+ ),
806
+ gcp.assuredworkloads.WorkloadResourceSettingArgs(
807
+ resource_id="ring",
808
+ resource_type="KEYRING",
809
+ ),
810
+ ],
811
+ violation_notifications_enabled=True)
812
+ ```
813
+ ### Sovereign_controls_workload
814
+ A Sovereign Controls test of the assuredworkloads api
815
+ ```python
816
+ import pulumi
817
+ import pulumi_gcp as gcp
818
+
819
+ primary = gcp.assuredworkloads.Workload("primary",
820
+ compliance_regime="EU_REGIONS_AND_SUPPORT",
821
+ display_name="display",
822
+ location="europe-west9",
823
+ organization="123456789",
824
+ billing_account="billingAccounts/000000-0000000-0000000-000000",
825
+ enable_sovereign_controls=True,
826
+ kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
827
+ next_rotation_time="9999-10-02T15:01:23Z",
828
+ rotation_period="10368000s",
829
+ ),
830
+ resource_settings=[
831
+ gcp.assuredworkloads.WorkloadResourceSettingArgs(
832
+ resource_type="CONSUMER_FOLDER",
542
833
  ),
543
834
  gcp.assuredworkloads.WorkloadResourceSettingArgs(
544
835
  resource_type="ENCRYPTION_KEYS_PROJECT",
@@ -547,12 +838,24 @@ class Workload(pulumi.CustomResource):
547
838
  resource_id="ring",
548
839
  resource_type="KEYRING",
549
840
  ),
550
- ])
841
+ ],
842
+ labels={
843
+ "label-one": "value-one",
844
+ },
845
+ opts=pulumi.ResourceOptions(provider=google_beta))
551
846
  ```
552
847
 
553
848
  ## Import
554
849
 
555
- Workload can be imported using any of these accepted formats
850
+ Workload can be imported using any of these accepted formats* `organizations/{{organization}}/locations/{{location}}/workloads/{{name}}` * `{{organization}}/{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Workload using one of the formats above. For exampletf import {
851
+
852
+ id = "organizations/{{organization}}/locations/{{location}}/workloads/{{name}}"
853
+
854
+ to = google_assured_workloads_workload.default }
855
+
856
+ ```sh
857
+ $ pulumi import gcp:assuredworkloads/workload:Workload When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Workload can be imported using one of the formats above. For example
858
+ ```
556
859
 
557
860
  ```sh
558
861
  $ pulumi import gcp:assuredworkloads/workload:Workload default organizations/{{organization}}/locations/{{location}}/workloads/{{name}}
@@ -580,12 +883,16 @@ class Workload(pulumi.CustomResource):
580
883
  billing_account: Optional[pulumi.Input[str]] = None,
581
884
  compliance_regime: Optional[pulumi.Input[str]] = None,
582
885
  display_name: Optional[pulumi.Input[str]] = None,
886
+ enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
583
887
  kms_settings: Optional[pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']]] = None,
584
888
  labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
585
889
  location: Optional[pulumi.Input[str]] = None,
586
890
  organization: Optional[pulumi.Input[str]] = None,
891
+ partner: Optional[pulumi.Input[str]] = None,
892
+ partner_permissions: Optional[pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']]] = None,
587
893
  provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
588
894
  resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]]] = None,
895
+ violation_notifications_enabled: Optional[pulumi.Input[bool]] = None,
589
896
  __props__=None):
590
897
  opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
591
898
  if not isinstance(opts, pulumi.ResourceOptions):
@@ -595,8 +902,6 @@ class Workload(pulumi.CustomResource):
595
902
  raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
596
903
  __props__ = WorkloadArgs.__new__(WorkloadArgs)
597
904
 
598
- if billing_account is None and not opts.urn:
599
- raise TypeError("Missing required property 'billing_account'")
600
905
  __props__.__dict__["billing_account"] = billing_account
601
906
  if compliance_regime is None and not opts.urn:
602
907
  raise TypeError("Missing required property 'compliance_regime'")
@@ -604,6 +909,7 @@ class Workload(pulumi.CustomResource):
604
909
  if display_name is None and not opts.urn:
605
910
  raise TypeError("Missing required property 'display_name'")
606
911
  __props__.__dict__["display_name"] = display_name
912
+ __props__.__dict__["enable_sovereign_controls"] = enable_sovereign_controls
607
913
  __props__.__dict__["kms_settings"] = kms_settings
608
914
  __props__.__dict__["labels"] = labels
609
915
  if location is None and not opts.urn:
@@ -612,13 +918,21 @@ class Workload(pulumi.CustomResource):
612
918
  if organization is None and not opts.urn:
613
919
  raise TypeError("Missing required property 'organization'")
614
920
  __props__.__dict__["organization"] = organization
921
+ __props__.__dict__["partner"] = partner
922
+ __props__.__dict__["partner_permissions"] = partner_permissions
615
923
  __props__.__dict__["provisioned_resources_parent"] = provisioned_resources_parent
616
924
  __props__.__dict__["resource_settings"] = resource_settings
925
+ __props__.__dict__["violation_notifications_enabled"] = violation_notifications_enabled
926
+ __props__.__dict__["compliance_statuses"] = None
927
+ __props__.__dict__["compliant_but_disallowed_services"] = None
617
928
  __props__.__dict__["create_time"] = None
618
929
  __props__.__dict__["effective_labels"] = None
930
+ __props__.__dict__["ekm_provisioning_responses"] = None
931
+ __props__.__dict__["kaj_enrollment_state"] = None
619
932
  __props__.__dict__["name"] = None
620
933
  __props__.__dict__["pulumi_labels"] = None
621
934
  __props__.__dict__["resources"] = None
935
+ __props__.__dict__["saa_enrollment_responses"] = None
622
936
  secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["effectiveLabels", "pulumiLabels"])
623
937
  opts = pulumi.ResourceOptions.merge(opts, secret_opts)
624
938
  super(Workload, __self__).__init__(
@@ -633,18 +947,27 @@ class Workload(pulumi.CustomResource):
633
947
  opts: Optional[pulumi.ResourceOptions] = None,
634
948
  billing_account: Optional[pulumi.Input[str]] = None,
635
949
  compliance_regime: Optional[pulumi.Input[str]] = None,
950
+ compliance_statuses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadComplianceStatusArgs']]]]] = None,
951
+ compliant_but_disallowed_services: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
636
952
  create_time: Optional[pulumi.Input[str]] = None,
637
953
  display_name: Optional[pulumi.Input[str]] = None,
638
954
  effective_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
955
+ ekm_provisioning_responses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadEkmProvisioningResponseArgs']]]]] = None,
956
+ enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
957
+ kaj_enrollment_state: Optional[pulumi.Input[str]] = None,
639
958
  kms_settings: Optional[pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']]] = None,
640
959
  labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
641
960
  location: Optional[pulumi.Input[str]] = None,
642
961
  name: Optional[pulumi.Input[str]] = None,
643
962
  organization: Optional[pulumi.Input[str]] = None,
963
+ partner: Optional[pulumi.Input[str]] = None,
964
+ partner_permissions: Optional[pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']]] = None,
644
965
  provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
645
966
  pulumi_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
646
967
  resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]]] = None,
647
- resources: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceArgs']]]]] = None) -> 'Workload':
968
+ resources: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceArgs']]]]] = None,
969
+ saa_enrollment_responses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadSaaEnrollmentResponseArgs']]]]] = None,
970
+ violation_notifications_enabled: Optional[pulumi.Input[bool]] = None) -> 'Workload':
648
971
  """
649
972
  Get an existing Workload resource's state with the given name, id, and optional extra
650
973
  properties used to qualify the lookup.
@@ -652,13 +975,17 @@ class Workload(pulumi.CustomResource):
652
975
  :param str resource_name: The unique name of the resulting resource.
653
976
  :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
654
977
  :param pulumi.ResourceOptions opts: Options for the resource.
655
- :param pulumi.Input[str] billing_account: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
656
- :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
978
+ :param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
979
+ :param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
980
+ :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadComplianceStatusArgs']]]] compliance_statuses: Output only. Count of active Violations in the Workload.
981
+ :param pulumi.Input[Sequence[pulumi.Input[str]]] compliant_but_disallowed_services: Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
657
982
  :param pulumi.Input[str] create_time: Output only. Immutable. The Workload creation timestamp.
658
983
  :param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
659
- :param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other
660
- clients and services.
661
- :param pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']] kms_settings: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
984
+ :param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
985
+ :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadEkmProvisioningResponseArgs']]]] ekm_provisioning_responses: Optional. Represents the Ekm Provisioning State of the given workload.
986
+ :param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
987
+ :param pulumi.Input[str] kaj_enrollment_state: Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
988
+ :param pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
662
989
  :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
663
990
 
664
991
  **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
@@ -670,10 +997,14 @@ class Workload(pulumi.CustomResource):
670
997
 
671
998
 
672
999
  - - -
673
- :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
1000
+ :param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
1001
+ :param pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
1002
+ :param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
674
1003
  :param pulumi.Input[Mapping[str, Any]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider.
675
1004
  :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
676
1005
  :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceArgs']]]] resources: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.
1006
+ :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadSaaEnrollmentResponseArgs']]]] saa_enrollment_responses: Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
1007
+ :param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
677
1008
  """
678
1009
  opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
679
1010
 
@@ -681,25 +1012,34 @@ class Workload(pulumi.CustomResource):
681
1012
 
682
1013
  __props__.__dict__["billing_account"] = billing_account
683
1014
  __props__.__dict__["compliance_regime"] = compliance_regime
1015
+ __props__.__dict__["compliance_statuses"] = compliance_statuses
1016
+ __props__.__dict__["compliant_but_disallowed_services"] = compliant_but_disallowed_services
684
1017
  __props__.__dict__["create_time"] = create_time
685
1018
  __props__.__dict__["display_name"] = display_name
686
1019
  __props__.__dict__["effective_labels"] = effective_labels
1020
+ __props__.__dict__["ekm_provisioning_responses"] = ekm_provisioning_responses
1021
+ __props__.__dict__["enable_sovereign_controls"] = enable_sovereign_controls
1022
+ __props__.__dict__["kaj_enrollment_state"] = kaj_enrollment_state
687
1023
  __props__.__dict__["kms_settings"] = kms_settings
688
1024
  __props__.__dict__["labels"] = labels
689
1025
  __props__.__dict__["location"] = location
690
1026
  __props__.__dict__["name"] = name
691
1027
  __props__.__dict__["organization"] = organization
1028
+ __props__.__dict__["partner"] = partner
1029
+ __props__.__dict__["partner_permissions"] = partner_permissions
692
1030
  __props__.__dict__["provisioned_resources_parent"] = provisioned_resources_parent
693
1031
  __props__.__dict__["pulumi_labels"] = pulumi_labels
694
1032
  __props__.__dict__["resource_settings"] = resource_settings
695
1033
  __props__.__dict__["resources"] = resources
1034
+ __props__.__dict__["saa_enrollment_responses"] = saa_enrollment_responses
1035
+ __props__.__dict__["violation_notifications_enabled"] = violation_notifications_enabled
696
1036
  return Workload(resource_name, opts=opts, __props__=__props__)
697
1037
 
698
1038
  @property
699
1039
  @pulumi.getter(name="billingAccount")
700
- def billing_account(self) -> pulumi.Output[str]:
1040
+ def billing_account(self) -> pulumi.Output[Optional[str]]:
701
1041
  """
702
- Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
1042
+ Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
703
1043
  """
704
1044
  return pulumi.get(self, "billing_account")
705
1045
 
@@ -707,10 +1047,26 @@ class Workload(pulumi.CustomResource):
707
1047
  @pulumi.getter(name="complianceRegime")
708
1048
  def compliance_regime(self) -> pulumi.Output[str]:
709
1049
  """
710
- Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
1050
+ Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
711
1051
  """
712
1052
  return pulumi.get(self, "compliance_regime")
713
1053
 
1054
+ @property
1055
+ @pulumi.getter(name="complianceStatuses")
1056
+ def compliance_statuses(self) -> pulumi.Output[Sequence['outputs.WorkloadComplianceStatus']]:
1057
+ """
1058
+ Output only. Count of active Violations in the Workload.
1059
+ """
1060
+ return pulumi.get(self, "compliance_statuses")
1061
+
1062
+ @property
1063
+ @pulumi.getter(name="compliantButDisallowedServices")
1064
+ def compliant_but_disallowed_services(self) -> pulumi.Output[Sequence[str]]:
1065
+ """
1066
+ Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
1067
+ """
1068
+ return pulumi.get(self, "compliant_but_disallowed_services")
1069
+
714
1070
  @property
715
1071
  @pulumi.getter(name="createTime")
716
1072
  def create_time(self) -> pulumi.Output[str]:
@@ -731,16 +1087,39 @@ class Workload(pulumi.CustomResource):
731
1087
  @pulumi.getter(name="effectiveLabels")
732
1088
  def effective_labels(self) -> pulumi.Output[Mapping[str, Any]]:
733
1089
  """
734
- All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other
735
- clients and services.
1090
+ All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
736
1091
  """
737
1092
  return pulumi.get(self, "effective_labels")
738
1093
 
1094
+ @property
1095
+ @pulumi.getter(name="ekmProvisioningResponses")
1096
+ def ekm_provisioning_responses(self) -> pulumi.Output[Sequence['outputs.WorkloadEkmProvisioningResponse']]:
1097
+ """
1098
+ Optional. Represents the Ekm Provisioning State of the given workload.
1099
+ """
1100
+ return pulumi.get(self, "ekm_provisioning_responses")
1101
+
1102
+ @property
1103
+ @pulumi.getter(name="enableSovereignControls")
1104
+ def enable_sovereign_controls(self) -> pulumi.Output[bool]:
1105
+ """
1106
+ Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
1107
+ """
1108
+ return pulumi.get(self, "enable_sovereign_controls")
1109
+
1110
+ @property
1111
+ @pulumi.getter(name="kajEnrollmentState")
1112
+ def kaj_enrollment_state(self) -> pulumi.Output[str]:
1113
+ """
1114
+ Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
1115
+ """
1116
+ return pulumi.get(self, "kaj_enrollment_state")
1117
+
739
1118
  @property
740
1119
  @pulumi.getter(name="kmsSettings")
741
1120
  def kms_settings(self) -> pulumi.Output[Optional['outputs.WorkloadKmsSettings']]:
742
1121
  """
743
- Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
1122
+ **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
744
1123
  """
745
1124
  return pulumi.get(self, "kms_settings")
746
1125
 
@@ -783,11 +1162,27 @@ class Workload(pulumi.CustomResource):
783
1162
  """
784
1163
  return pulumi.get(self, "organization")
785
1164
 
1165
+ @property
1166
+ @pulumi.getter
1167
+ def partner(self) -> pulumi.Output[Optional[str]]:
1168
+ """
1169
+ Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
1170
+ """
1171
+ return pulumi.get(self, "partner")
1172
+
1173
+ @property
1174
+ @pulumi.getter(name="partnerPermissions")
1175
+ def partner_permissions(self) -> pulumi.Output[Optional['outputs.WorkloadPartnerPermissions']]:
1176
+ """
1177
+ Optional. Permissions granted to the AW Partner SA account for the customer workload
1178
+ """
1179
+ return pulumi.get(self, "partner_permissions")
1180
+
786
1181
  @property
787
1182
  @pulumi.getter(name="provisionedResourcesParent")
788
1183
  def provisioned_resources_parent(self) -> pulumi.Output[Optional[str]]:
789
1184
  """
790
- Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
1185
+ Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
791
1186
  """
792
1187
  return pulumi.get(self, "provisioned_resources_parent")
793
1188
 
@@ -815,3 +1210,19 @@ class Workload(pulumi.CustomResource):
815
1210
  """
816
1211
  return pulumi.get(self, "resources")
817
1212
 
1213
+ @property
1214
+ @pulumi.getter(name="saaEnrollmentResponses")
1215
+ def saa_enrollment_responses(self) -> pulumi.Output[Sequence['outputs.WorkloadSaaEnrollmentResponse']]:
1216
+ """
1217
+ Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
1218
+ """
1219
+ return pulumi.get(self, "saa_enrollment_responses")
1220
+
1221
+ @property
1222
+ @pulumi.getter(name="violationNotificationsEnabled")
1223
+ def violation_notifications_enabled(self) -> pulumi.Output[bool]:
1224
+ """
1225
+ Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
1226
+ """
1227
+ return pulumi.get(self, "violation_notifications_enabled")
1228
+