pulumi-gcp 7.0.0rc0__py3-none-any.whl → 7.1.0__py3-none-any.whl
Sign up to get free protection for your applications and to get access to all the features.
- pulumi_gcp/__init__.py +118 -0
- pulumi_gcp/accesscontextmanager/_inputs.py +546 -71
- pulumi_gcp/accesscontextmanager/access_level.py +18 -2
- pulumi_gcp/accesscontextmanager/access_level_condition.py +57 -3
- pulumi_gcp/accesscontextmanager/access_levels.py +18 -2
- pulumi_gcp/accesscontextmanager/access_policy.py +18 -2
- pulumi_gcp/accesscontextmanager/authorized_orgs_desc.py +18 -2
- pulumi_gcp/accesscontextmanager/egress_policy.py +18 -2
- pulumi_gcp/accesscontextmanager/gcp_user_access_binding.py +18 -2
- pulumi_gcp/accesscontextmanager/ingress_policy.py +18 -2
- pulumi_gcp/accesscontextmanager/outputs.py +643 -71
- pulumi_gcp/accesscontextmanager/service_perimeter.py +18 -2
- pulumi_gcp/accesscontextmanager/service_perimeter_egress_policy.py +18 -2
- pulumi_gcp/accesscontextmanager/service_perimeter_ingress_policy.py +18 -2
- pulumi_gcp/accesscontextmanager/service_perimeter_resource.py +18 -2
- pulumi_gcp/accesscontextmanager/service_perimeters.py +18 -2
- pulumi_gcp/activedirectory/domain.py +22 -10
- pulumi_gcp/activedirectory/domain_trust.py +18 -2
- pulumi_gcp/activedirectory/peering.py +4 -8
- pulumi_gcp/alloydb/__init__.py +1 -0
- pulumi_gcp/alloydb/_inputs.py +93 -0
- pulumi_gcp/alloydb/backup.py +22 -10
- pulumi_gcp/alloydb/cluster.py +283 -11
- pulumi_gcp/alloydb/instance.py +241 -40
- pulumi_gcp/alloydb/outputs.py +130 -0
- pulumi_gcp/alloydb/user.py +609 -0
- pulumi_gcp/apigateway/api.py +22 -10
- pulumi_gcp/apigateway/api_config.py +22 -10
- pulumi_gcp/apigateway/gateway.py +22 -10
- pulumi_gcp/apigee/addons_config.py +18 -2
- pulumi_gcp/apigee/endpoint_attachment.py +18 -2
- pulumi_gcp/apigee/env_group.py +18 -2
- pulumi_gcp/apigee/env_group_attachment.py +18 -2
- pulumi_gcp/apigee/env_keystore.py +18 -2
- pulumi_gcp/apigee/env_references.py +18 -2
- pulumi_gcp/apigee/environment.py +96 -5
- pulumi_gcp/apigee/flowhook.py +18 -2
- pulumi_gcp/apigee/instance.py +18 -2
- pulumi_gcp/apigee/instance_attachment.py +18 -2
- pulumi_gcp/apigee/keystores_aliases_key_cert_file.py +18 -2
- pulumi_gcp/apigee/keystores_aliases_pkcs12.py +18 -2
- pulumi_gcp/apigee/keystores_aliases_self_signed_cert.py +18 -2
- pulumi_gcp/apigee/nat_address.py +18 -2
- pulumi_gcp/apigee/organization.py +18 -2
- pulumi_gcp/apigee/sharedflow.py +18 -2
- pulumi_gcp/apigee/sharedflow_deployment.py +18 -2
- pulumi_gcp/apigee/sync_authorization.py +18 -2
- pulumi_gcp/apigee/target_server.py +18 -2
- pulumi_gcp/appengine/application.py +20 -4
- pulumi_gcp/appengine/application_url_dispatch_rules.py +18 -2
- pulumi_gcp/appengine/domain_mapping.py +18 -2
- pulumi_gcp/appengine/engine_split_traffic.py +18 -2
- pulumi_gcp/appengine/firewall_rule.py +18 -2
- pulumi_gcp/appengine/flexible_app_version.py +18 -2
- pulumi_gcp/appengine/service_network_settings.py +18 -2
- pulumi_gcp/appengine/standard_app_version.py +18 -2
- pulumi_gcp/artifactregistry/_inputs.py +4 -4
- pulumi_gcp/artifactregistry/outputs.py +4 -4
- pulumi_gcp/artifactregistry/repository.py +24 -12
- pulumi_gcp/artifactregistry/vpcsc_config.py +18 -2
- pulumi_gcp/assuredworkloads/_inputs.py +178 -4
- pulumi_gcp/assuredworkloads/outputs.py +217 -5
- pulumi_gcp/assuredworkloads/workload.py +474 -63
- pulumi_gcp/backupdisasterrecovery/__init__.py +1 -0
- pulumi_gcp/backupdisasterrecovery/get_management_server.py +152 -0
- pulumi_gcp/backupdisasterrecovery/management_server.py +18 -2
- pulumi_gcp/backupdisasterrecovery/outputs.py +40 -0
- pulumi_gcp/beyondcorp/app_connection.py +22 -10
- pulumi_gcp/beyondcorp/app_connector.py +22 -10
- pulumi_gcp/beyondcorp/app_gateway.py +22 -10
- pulumi_gcp/biglake/catalog.py +18 -2
- pulumi_gcp/biglake/database.py +18 -2
- pulumi_gcp/biglake/table.py +18 -2
- pulumi_gcp/bigquery/__init__.py +1 -0
- pulumi_gcp/bigquery/_inputs.py +94 -8
- pulumi_gcp/bigquery/app_profile.py +18 -2
- pulumi_gcp/bigquery/bi_reservation.py +18 -2
- pulumi_gcp/bigquery/capacity_commitment.py +25 -9
- pulumi_gcp/bigquery/connection.py +56 -2
- pulumi_gcp/bigquery/data_transfer_config.py +18 -2
- pulumi_gcp/bigquery/dataset.py +22 -10
- pulumi_gcp/bigquery/dataset_iam_binding.py +10 -38
- pulumi_gcp/bigquery/dataset_iam_member.py +10 -38
- pulumi_gcp/bigquery/dataset_iam_policy.py +10 -38
- pulumi_gcp/bigquery/get_dataset.py +315 -0
- pulumi_gcp/bigquery/job.py +26 -10
- pulumi_gcp/bigquery/outputs.py +275 -9
- pulumi_gcp/bigquery/reservation.py +18 -2
- pulumi_gcp/bigquery/reservation_assignment.py +18 -2
- pulumi_gcp/bigquery/routine.py +18 -2
- pulumi_gcp/bigquery/table.py +171 -17
- pulumi_gcp/bigqueryanalyticshub/data_exchange.py +18 -2
- pulumi_gcp/bigqueryanalyticshub/listing.py +18 -2
- pulumi_gcp/bigquerydatapolicy/data_policy.py +18 -2
- pulumi_gcp/bigtable/instance.py +30 -10
- pulumi_gcp/bigtable/instance_iam_binding.py +12 -20
- pulumi_gcp/bigtable/instance_iam_member.py +12 -20
- pulumi_gcp/bigtable/instance_iam_policy.py +12 -20
- pulumi_gcp/bigtable/table.py +18 -6
- pulumi_gcp/bigtable/table_iam_binding.py +12 -20
- pulumi_gcp/bigtable/table_iam_member.py +12 -20
- pulumi_gcp/bigtable/table_iam_policy.py +12 -20
- pulumi_gcp/billing/account_iam_binding.py +12 -20
- pulumi_gcp/billing/account_iam_member.py +12 -20
- pulumi_gcp/billing/account_iam_policy.py +12 -20
- pulumi_gcp/billing/budget.py +18 -2
- pulumi_gcp/billing/project_info.py +18 -2
- pulumi_gcp/billing/sub_account.py +18 -2
- pulumi_gcp/binaryauthorization/attestor.py +18 -2
- pulumi_gcp/binaryauthorization/policy.py +18 -2
- pulumi_gcp/certificateauthority/authority.py +22 -10
- pulumi_gcp/certificateauthority/ca_pool.py +22 -10
- pulumi_gcp/certificateauthority/certificate.py +22 -10
- pulumi_gcp/certificateauthority/certificate_template.py +22 -10
- pulumi_gcp/certificatemanager/certificate.py +223 -31
- pulumi_gcp/certificatemanager/certificate_issuance_config.py +22 -10
- pulumi_gcp/certificatemanager/certificate_map.py +22 -10
- pulumi_gcp/certificatemanager/certificate_map_entry.py +22 -10
- pulumi_gcp/certificatemanager/dns_authorization.py +22 -10
- pulumi_gcp/certificatemanager/trust_config.py +22 -10
- pulumi_gcp/cloudasset/folder_feed.py +18 -2
- pulumi_gcp/cloudasset/organization_feed.py +18 -2
- pulumi_gcp/cloudasset/project_feed.py +18 -2
- pulumi_gcp/cloudbuild/bitbucket_server_config.py +18 -2
- pulumi_gcp/cloudbuild/trigger.py +18 -2
- pulumi_gcp/cloudbuild/worker_pool.py +18 -2
- pulumi_gcp/cloudbuildv2/connection.py +18 -2
- pulumi_gcp/cloudbuildv2/repository.py +18 -2
- pulumi_gcp/clouddeploy/delivery_pipeline.py +22 -10
- pulumi_gcp/clouddeploy/target.py +22 -10
- pulumi_gcp/cloudfunctions/function.py +26 -14
- pulumi_gcp/cloudfunctions/get_function.py +3 -0
- pulumi_gcp/cloudfunctionsv2/function.py +22 -10
- pulumi_gcp/cloudidentity/__init__.py +1 -0
- pulumi_gcp/cloudidentity/_inputs.py +119 -0
- pulumi_gcp/cloudidentity/get_group_lookup.py +128 -0
- pulumi_gcp/cloudidentity/group.py +50 -2
- pulumi_gcp/cloudidentity/group_membership.py +18 -2
- pulumi_gcp/cloudidentity/outputs.py +156 -0
- pulumi_gcp/cloudids/endpoint.py +18 -2
- pulumi_gcp/cloudrun/_inputs.py +12 -0
- pulumi_gcp/cloudrun/domain_mapping.py +18 -2
- pulumi_gcp/cloudrun/outputs.py +12 -0
- pulumi_gcp/cloudrun/service.py +18 -2
- pulumi_gcp/cloudrunv2/__init__.py +2 -0
- pulumi_gcp/cloudrunv2/get_job.py +394 -0
- pulumi_gcp/cloudrunv2/get_service.py +454 -0
- pulumi_gcp/cloudrunv2/job.py +40 -27
- pulumi_gcp/cloudrunv2/outputs.py +1687 -0
- pulumi_gcp/cloudrunv2/service.py +40 -27
- pulumi_gcp/cloudscheduler/job.py +18 -2
- pulumi_gcp/cloudtasks/queue.py +18 -2
- pulumi_gcp/composer/_inputs.py +17 -0
- pulumi_gcp/composer/environment.py +68 -5
- pulumi_gcp/composer/get_environment.py +13 -3
- pulumi_gcp/composer/outputs.py +26 -0
- pulumi_gcp/compute/__init__.py +2 -0
- pulumi_gcp/compute/_inputs.py +158 -4
- pulumi_gcp/compute/address.py +38 -18
- pulumi_gcp/compute/attached_disk.py +18 -2
- pulumi_gcp/compute/autoscaler.py +18 -2
- pulumi_gcp/compute/backend_bucket.py +18 -2
- pulumi_gcp/compute/backend_service.py +32 -16
- pulumi_gcp/compute/disk.py +22 -10
- pulumi_gcp/compute/disk_resource_policy_attachment.py +18 -2
- pulumi_gcp/compute/external_vpn_gateway.py +22 -10
- pulumi_gcp/compute/firewall.py +18 -2
- pulumi_gcp/compute/firewall_policy_association.py +18 -2
- pulumi_gcp/compute/firewall_policy_rule.py +18 -2
- pulumi_gcp/compute/forwarding_rule.py +377 -276
- pulumi_gcp/compute/get_disk.py +3 -0
- pulumi_gcp/compute/get_forwarding_rule.py +11 -1
- pulumi_gcp/compute/get_image.py +3 -0
- pulumi_gcp/compute/get_network.py +14 -1
- pulumi_gcp/compute/get_networks.py +130 -0
- pulumi_gcp/compute/get_subnetwork.py +14 -1
- pulumi_gcp/compute/global_address.py +18 -2
- pulumi_gcp/compute/global_forwarding_rule.py +127 -108
- pulumi_gcp/compute/global_network_endpoint.py +18 -2
- pulumi_gcp/compute/global_network_endpoint_group.py +18 -2
- pulumi_gcp/compute/ha_vpn_gateway.py +18 -2
- pulumi_gcp/compute/health_check.py +18 -2
- pulumi_gcp/compute/http_health_check.py +18 -2
- pulumi_gcp/compute/https_health_check.py +18 -2
- pulumi_gcp/compute/image.py +22 -10
- pulumi_gcp/compute/instance.py +44 -36
- pulumi_gcp/compute/instance_group.py +24 -8
- pulumi_gcp/compute/instance_group_manager.py +26 -10
- pulumi_gcp/compute/instance_group_named_port.py +18 -2
- pulumi_gcp/compute/instance_settings.py +387 -0
- pulumi_gcp/compute/instance_template.py +29 -21
- pulumi_gcp/compute/interconnect_attachment.py +18 -2
- pulumi_gcp/compute/machine_image.py +18 -2
- pulumi_gcp/compute/managed_ssl_certificate.py +18 -2
- pulumi_gcp/compute/manged_ssl_certificate.py +18 -2
- pulumi_gcp/compute/network.py +18 -2
- pulumi_gcp/compute/network_attachment.py +156 -2
- pulumi_gcp/compute/network_edge_security_service.py +18 -2
- pulumi_gcp/compute/network_endpoint.py +18 -2
- pulumi_gcp/compute/network_endpoint_group.py +32 -16
- pulumi_gcp/compute/network_endpoint_list.py +18 -2
- pulumi_gcp/compute/network_firewall_policy.py +18 -2
- pulumi_gcp/compute/network_firewall_policy_association.py +18 -2
- pulumi_gcp/compute/network_firewall_policy_rule.py +18 -2
- pulumi_gcp/compute/network_peering.py +20 -4
- pulumi_gcp/compute/network_peering_routes_config.py +18 -2
- pulumi_gcp/compute/node_group.py +129 -2
- pulumi_gcp/compute/node_template.py +18 -2
- pulumi_gcp/compute/organization_security_policy.py +18 -2
- pulumi_gcp/compute/organization_security_policy_association.py +18 -2
- pulumi_gcp/compute/organization_security_policy_rule.py +18 -2
- pulumi_gcp/compute/outputs.py +230 -7
- pulumi_gcp/compute/packet_mirroring.py +18 -2
- pulumi_gcp/compute/per_instance_config.py +18 -2
- pulumi_gcp/compute/project_default_network_tier.py +20 -4
- pulumi_gcp/compute/project_metadata.py +20 -4
- pulumi_gcp/compute/project_metadata_item.py +20 -4
- pulumi_gcp/compute/public_advertised_prefix.py +18 -2
- pulumi_gcp/compute/public_delegated_prefix.py +18 -2
- pulumi_gcp/compute/region_autoscaler.py +18 -2
- pulumi_gcp/compute/region_backend_service.py +18 -2
- pulumi_gcp/compute/region_commitment.py +18 -2
- pulumi_gcp/compute/region_disk.py +22 -10
- pulumi_gcp/compute/region_disk_resource_policy_attachment.py +18 -2
- pulumi_gcp/compute/region_health_check.py +18 -2
- pulumi_gcp/compute/region_instance_group_manager.py +20 -4
- pulumi_gcp/compute/region_instance_template.py +29 -21
- pulumi_gcp/compute/region_network_endpoint_group.py +18 -2
- pulumi_gcp/compute/region_network_firewall_policy.py +18 -2
- pulumi_gcp/compute/region_network_firewall_policy_association.py +18 -2
- pulumi_gcp/compute/region_network_firewall_policy_rule.py +18 -2
- pulumi_gcp/compute/region_per_instance_config.py +18 -2
- pulumi_gcp/compute/region_security_policy.py +18 -2
- pulumi_gcp/compute/region_security_policy_rule.py +18 -2
- pulumi_gcp/compute/region_ssl_certificate.py +18 -2
- pulumi_gcp/compute/region_ssl_policy.py +18 -2
- pulumi_gcp/compute/region_target_http_proxy.py +18 -2
- pulumi_gcp/compute/region_target_https_proxy.py +18 -2
- pulumi_gcp/compute/region_target_tcp_proxy.py +18 -2
- pulumi_gcp/compute/region_url_map.py +18 -2
- pulumi_gcp/compute/reservation.py +18 -2
- pulumi_gcp/compute/resource_policy.py +18 -2
- pulumi_gcp/compute/route.py +18 -2
- pulumi_gcp/compute/router.py +18 -2
- pulumi_gcp/compute/router_interface.py +22 -6
- pulumi_gcp/compute/router_nat.py +18 -2
- pulumi_gcp/compute/router_peer.py +18 -2
- pulumi_gcp/compute/security_policy.py +52 -4
- pulumi_gcp/compute/security_scan_config.py +18 -2
- pulumi_gcp/compute/service_attachment.py +18 -2
- pulumi_gcp/compute/shared_vpc_host_project.py +20 -4
- pulumi_gcp/compute/shared_vpc_service_project.py +20 -4
- pulumi_gcp/compute/snapshot.py +22 -10
- pulumi_gcp/compute/ssl_certificate.py +18 -2
- pulumi_gcp/compute/ssl_policy.py +18 -2
- pulumi_gcp/compute/subnetwork.py +109 -2
- pulumi_gcp/compute/target_grpc_proxy.py +18 -2
- pulumi_gcp/compute/target_http_proxy.py +18 -2
- pulumi_gcp/compute/target_https_proxy.py +181 -16
- pulumi_gcp/compute/target_instance.py +18 -2
- pulumi_gcp/compute/target_pool.py +18 -2
- pulumi_gcp/compute/target_ssl_proxy.py +18 -2
- pulumi_gcp/compute/target_tcp_proxy.py +18 -2
- pulumi_gcp/compute/url_map.py +18 -2
- pulumi_gcp/compute/vpn_gateway.py +18 -2
- pulumi_gcp/compute/vpn_tunnel.py +18 -2
- pulumi_gcp/config/vars.py +12 -0
- pulumi_gcp/container/_inputs.py +299 -54
- pulumi_gcp/container/attached_cluster.py +18 -2
- pulumi_gcp/container/aws_cluster.py +24 -2
- pulumi_gcp/container/aws_node_pool.py +18 -2
- pulumi_gcp/container/azure_client.py +18 -2
- pulumi_gcp/container/azure_cluster.py +24 -2
- pulumi_gcp/container/azure_node_pool.py +18 -2
- pulumi_gcp/container/cluster.py +92 -29
- pulumi_gcp/container/get_cluster.py +11 -1
- pulumi_gcp/container/node_pool.py +22 -6
- pulumi_gcp/container/outputs.py +384 -52
- pulumi_gcp/containeranalysis/note.py +18 -2
- pulumi_gcp/containeranalysis/occurence.py +18 -2
- pulumi_gcp/databasemigrationservice/__init__.py +1 -0
- pulumi_gcp/databasemigrationservice/_inputs.py +465 -0
- pulumi_gcp/databasemigrationservice/connection_profile.py +122 -12
- pulumi_gcp/databasemigrationservice/outputs.py +466 -0
- pulumi_gcp/databasemigrationservice/private_connection.py +672 -0
- pulumi_gcp/datacatalog/entry.py +18 -2
- pulumi_gcp/datacatalog/entry_group.py +18 -2
- pulumi_gcp/datacatalog/policy_tag.py +18 -2
- pulumi_gcp/datacatalog/tag.py +18 -2
- pulumi_gcp/datacatalog/tag_template.py +18 -2
- pulumi_gcp/datacatalog/taxonomy.py +18 -2
- pulumi_gcp/dataflow/job.py +24 -12
- pulumi_gcp/dataflow/pipeline.py +18 -2
- pulumi_gcp/dataform/_inputs.py +78 -21
- pulumi_gcp/dataform/outputs.py +86 -20
- pulumi_gcp/dataform/repository.py +140 -9
- pulumi_gcp/dataform/repository_release_config.py +18 -2
- pulumi_gcp/dataform/repository_workflow_config.py +20 -4
- pulumi_gcp/datafusion/instance.py +22 -10
- pulumi_gcp/dataloss/prevention_deidentify_template.py +18 -2
- pulumi_gcp/dataloss/prevention_inspect_template.py +18 -2
- pulumi_gcp/dataloss/prevention_job_trigger.py +18 -2
- pulumi_gcp/dataloss/prevention_stored_info_type.py +18 -2
- pulumi_gcp/dataplex/asset.py +22 -10
- pulumi_gcp/dataplex/datascan.py +22 -10
- pulumi_gcp/dataplex/lake.py +22 -10
- pulumi_gcp/dataplex/task.py +22 -10
- pulumi_gcp/dataplex/zone.py +22 -10
- pulumi_gcp/dataproc/_inputs.py +148 -0
- pulumi_gcp/dataproc/autoscaling_policy.py +18 -2
- pulumi_gcp/dataproc/cluster.py +2 -2
- pulumi_gcp/dataproc/cluster_iam_binding.py +12 -20
- pulumi_gcp/dataproc/cluster_iam_member.py +12 -20
- pulumi_gcp/dataproc/cluster_iam_policy.py +12 -20
- pulumi_gcp/dataproc/job.py +20 -8
- pulumi_gcp/dataproc/job_iam_binding.py +12 -20
- pulumi_gcp/dataproc/job_iam_member.py +12 -20
- pulumi_gcp/dataproc/job_iam_policy.py +12 -20
- pulumi_gcp/dataproc/metastore_federation.py +22 -10
- pulumi_gcp/dataproc/metastore_service.py +22 -10
- pulumi_gcp/dataproc/outputs.py +175 -0
- pulumi_gcp/dataproc/workflow_template.py +18 -2
- pulumi_gcp/datastore/data_store_index.py +18 -2
- pulumi_gcp/datastream/connection_profile.py +22 -10
- pulumi_gcp/datastream/private_connection.py +22 -10
- pulumi_gcp/datastream/stream.py +22 -10
- pulumi_gcp/deploymentmanager/deployment.py +18 -2
- pulumi_gcp/diagflow/_inputs.py +626 -4
- pulumi_gcp/diagflow/agent.py +18 -2
- pulumi_gcp/diagflow/cx_agent.py +288 -21
- pulumi_gcp/diagflow/cx_entity_type.py +18 -2
- pulumi_gcp/diagflow/cx_environment.py +18 -2
- pulumi_gcp/diagflow/cx_flow.py +309 -4
- pulumi_gcp/diagflow/cx_intent.py +165 -10
- pulumi_gcp/diagflow/cx_page.py +109 -4
- pulumi_gcp/diagflow/cx_security_settings.py +18 -2
- pulumi_gcp/diagflow/cx_test_case.py +18 -2
- pulumi_gcp/diagflow/cx_version.py +18 -2
- pulumi_gcp/diagflow/cx_webhook.py +18 -2
- pulumi_gcp/diagflow/entity_type.py +18 -2
- pulumi_gcp/diagflow/fulfillment.py +18 -2
- pulumi_gcp/diagflow/intent.py +18 -2
- pulumi_gcp/diagflow/outputs.py +722 -5
- pulumi_gcp/dns/get_keys.py +16 -2
- pulumi_gcp/dns/managed_zone.py +22 -10
- pulumi_gcp/dns/policy.py +18 -2
- pulumi_gcp/dns/record_set.py +24 -8
- pulumi_gcp/dns/response_policy.py +18 -2
- pulumi_gcp/dns/response_policy_rule.py +18 -2
- pulumi_gcp/edgecontainer/__init__.py +12 -0
- pulumi_gcp/edgecontainer/_inputs.py +1171 -0
- pulumi_gcp/edgecontainer/cluster.py +1539 -0
- pulumi_gcp/edgecontainer/node_pool.py +1062 -0
- pulumi_gcp/edgecontainer/outputs.py +1204 -0
- pulumi_gcp/edgecontainer/vpn_connection.py +918 -0
- pulumi_gcp/edgenetwork/network.py +18 -2
- pulumi_gcp/edgenetwork/subnet.py +18 -2
- pulumi_gcp/essentialcontacts/contact.py +18 -2
- pulumi_gcp/essentialcontacts/document_ai_processor.py +18 -2
- pulumi_gcp/essentialcontacts/document_ai_processor_default_version.py +18 -2
- pulumi_gcp/essentialcontacts/document_ai_warehouse_document_schema.py +18 -2
- pulumi_gcp/eventarc/channel.py +18 -2
- pulumi_gcp/eventarc/google_channel_config.py +18 -2
- pulumi_gcp/eventarc/trigger.py +22 -10
- pulumi_gcp/filestore/backup.py +22 -10
- pulumi_gcp/filestore/instance.py +22 -10
- pulumi_gcp/filestore/snapshot.py +22 -10
- pulumi_gcp/firebase/__init__.py +1 -0
- pulumi_gcp/firebase/_inputs.py +878 -0
- pulumi_gcp/firebase/android_app.py +18 -2
- pulumi_gcp/firebase/apple_app.py +18 -2
- pulumi_gcp/firebase/database_instance.py +18 -2
- pulumi_gcp/firebase/extensions_instance.py +18 -2
- pulumi_gcp/firebase/hosting_channel.py +22 -10
- pulumi_gcp/firebase/hosting_custom_domain.py +1274 -0
- pulumi_gcp/firebase/hosting_release.py +18 -2
- pulumi_gcp/firebase/hosting_site.py +18 -2
- pulumi_gcp/firebase/hosting_version.py +18 -2
- pulumi_gcp/firebase/outputs.py +905 -0
- pulumi_gcp/firebase/project.py +18 -2
- pulumi_gcp/firebase/storage_bucket.py +18 -2
- pulumi_gcp/firebase/web_app.py +18 -2
- pulumi_gcp/firebaserules/release.py +18 -2
- pulumi_gcp/firebaserules/ruleset.py +18 -2
- pulumi_gcp/firestore/__init__.py +1 -0
- pulumi_gcp/firestore/_inputs.py +35 -2
- pulumi_gcp/firestore/backup_schedule.py +547 -0
- pulumi_gcp/firestore/database.py +24 -4
- pulumi_gcp/firestore/document.py +22 -2
- pulumi_gcp/firestore/field.py +27 -13
- pulumi_gcp/firestore/index.py +140 -21
- pulumi_gcp/firestore/outputs.py +31 -2
- pulumi_gcp/folder/access_approval_settings.py +18 -2
- pulumi_gcp/folder/iam_audit_config.py +10 -58
- pulumi_gcp/folder/iam_member.py +10 -58
- pulumi_gcp/folder/iam_policy.py +10 -58
- pulumi_gcp/folder/organization_policy.py +22 -6
- pulumi_gcp/gkebackup/backup_plan.py +22 -10
- pulumi_gcp/gkebackup/restore_plan.py +22 -10
- pulumi_gcp/gkebackup/restore_plan_iam_binding.py +18 -2
- pulumi_gcp/gkebackup/restore_plan_iam_member.py +18 -2
- pulumi_gcp/gkebackup/restore_plan_iam_policy.py +18 -2
- pulumi_gcp/gkehub/__init__.py +1 -0
- pulumi_gcp/gkehub/_inputs.py +431 -0
- pulumi_gcp/gkehub/feature.py +76 -10
- pulumi_gcp/gkehub/feature_membership.py +22 -2
- pulumi_gcp/gkehub/fleet.py +432 -0
- pulumi_gcp/gkehub/get_membership_iam_policy.py +24 -3
- pulumi_gcp/gkehub/membership.py +120 -16
- pulumi_gcp/gkehub/membership_binding.py +22 -10
- pulumi_gcp/gkehub/membership_iam_binding.py +67 -0
- pulumi_gcp/gkehub/membership_iam_member.py +67 -0
- pulumi_gcp/gkehub/membership_iam_policy.py +67 -0
- pulumi_gcp/gkehub/membership_rbac_role_binding.py +18 -2
- pulumi_gcp/gkehub/namespace.py +22 -10
- pulumi_gcp/gkehub/outputs.py +432 -1
- pulumi_gcp/gkehub/scope.py +22 -10
- pulumi_gcp/gkehub/scope_rbac_role_binding.py +22 -10
- pulumi_gcp/gkeonprem/_inputs.py +17 -31
- pulumi_gcp/gkeonprem/bare_metal_admin_cluster.py +148 -132
- pulumi_gcp/gkeonprem/bare_metal_cluster.py +260 -246
- pulumi_gcp/gkeonprem/bare_metal_node_pool.py +30 -18
- pulumi_gcp/gkeonprem/outputs.py +17 -31
- pulumi_gcp/gkeonprem/v_mware_cluster.py +287 -230
- pulumi_gcp/gkeonprem/v_mware_node_pool.py +30 -18
- pulumi_gcp/healthcare/consent_store.py +22 -10
- pulumi_gcp/healthcare/dataset.py +18 -2
- pulumi_gcp/healthcare/dataset_iam_binding.py +10 -38
- pulumi_gcp/healthcare/dataset_iam_member.py +10 -38
- pulumi_gcp/healthcare/dataset_iam_policy.py +10 -38
- pulumi_gcp/healthcare/dicom_store.py +22 -10
- pulumi_gcp/healthcare/dicom_store_iam_binding.py +10 -30
- pulumi_gcp/healthcare/dicom_store_iam_member.py +10 -30
- pulumi_gcp/healthcare/dicom_store_iam_policy.py +10 -30
- pulumi_gcp/healthcare/fhir_store.py +22 -10
- pulumi_gcp/healthcare/fhir_store_iam_binding.py +10 -30
- pulumi_gcp/healthcare/fhir_store_iam_member.py +10 -30
- pulumi_gcp/healthcare/fhir_store_iam_policy.py +10 -30
- pulumi_gcp/healthcare/hl7_store.py +22 -10
- pulumi_gcp/healthcare/hl7_store_iam_binding.py +10 -30
- pulumi_gcp/healthcare/hl7_store_iam_member.py +10 -30
- pulumi_gcp/healthcare/hl7_store_iam_policy.py +10 -30
- pulumi_gcp/iam/_inputs.py +20 -0
- pulumi_gcp/iam/access_boundary_policy.py +18 -2
- pulumi_gcp/iam/deny_policy.py +18 -2
- pulumi_gcp/iam/outputs.py +20 -0
- pulumi_gcp/iam/workforce_pool.py +18 -2
- pulumi_gcp/iam/workforce_pool_provider.py +18 -2
- pulumi_gcp/iam/workload_identity_pool.py +18 -2
- pulumi_gcp/iam/workload_identity_pool_provider.py +18 -2
- pulumi_gcp/iap/brand.py +18 -2
- pulumi_gcp/iap/client.py +18 -2
- pulumi_gcp/identityplatform/_inputs.py +92 -0
- pulumi_gcp/identityplatform/config.py +91 -5
- pulumi_gcp/identityplatform/default_supported_idp_config.py +18 -2
- pulumi_gcp/identityplatform/inbound_saml_config.py +18 -2
- pulumi_gcp/identityplatform/oauth_idp_config.py +18 -2
- pulumi_gcp/identityplatform/outputs.py +129 -0
- pulumi_gcp/identityplatform/project_default_config.py +18 -2
- pulumi_gcp/identityplatform/tenant.py +18 -2
- pulumi_gcp/identityplatform/tenant_default_supported_idp_config.py +18 -2
- pulumi_gcp/identityplatform/tenant_inbound_saml_config.py +18 -2
- pulumi_gcp/identityplatform/tenant_oauth_idp_config.py +18 -2
- pulumi_gcp/integrationconnectors/__init__.py +10 -0
- pulumi_gcp/integrationconnectors/_inputs.py +2518 -0
- pulumi_gcp/integrationconnectors/connection.py +1921 -0
- pulumi_gcp/integrationconnectors/outputs.py +2780 -0
- pulumi_gcp/kms/crypto_key.py +22 -10
- pulumi_gcp/kms/crypto_key_iam_binding.py +10 -30
- pulumi_gcp/kms/crypto_key_iam_member.py +10 -30
- pulumi_gcp/kms/crypto_key_iam_policy.py +10 -30
- pulumi_gcp/kms/crypto_key_version.py +18 -2
- pulumi_gcp/kms/key_ring.py +18 -2
- pulumi_gcp/kms/key_ring_iam_binding.py +10 -30
- pulumi_gcp/kms/key_ring_iam_member.py +10 -30
- pulumi_gcp/kms/key_ring_iam_policy.py +10 -30
- pulumi_gcp/kms/key_ring_import_job.py +18 -2
- pulumi_gcp/logging/_inputs.py +160 -0
- pulumi_gcp/logging/billing_account_bucket_config.py +61 -26
- pulumi_gcp/logging/billing_account_exclusion.py +20 -4
- pulumi_gcp/logging/billing_account_sink.py +20 -4
- pulumi_gcp/logging/folder_bucket_config.py +75 -4
- pulumi_gcp/logging/folder_exclusion.py +20 -4
- pulumi_gcp/logging/folder_sink.py +20 -4
- pulumi_gcp/logging/linked_dataset.py +18 -2
- pulumi_gcp/logging/log_view.py +18 -2
- pulumi_gcp/logging/metric.py +18 -2
- pulumi_gcp/logging/organization_bucket_config.py +75 -4
- pulumi_gcp/logging/organization_exclusion.py +20 -4
- pulumi_gcp/logging/organization_sink.py +20 -4
- pulumi_gcp/logging/outputs.py +196 -0
- pulumi_gcp/logging/project_bucket_config.py +59 -134
- pulumi_gcp/logging/project_exclusion.py +20 -4
- pulumi_gcp/logging/project_sink.py +95 -18
- pulumi_gcp/looker/instance.py +18 -2
- pulumi_gcp/memcache/instance.py +22 -10
- pulumi_gcp/ml/engine_model.py +22 -10
- pulumi_gcp/monitoring/_inputs.py +127 -13
- pulumi_gcp/monitoring/alert_policy.py +64 -2
- pulumi_gcp/monitoring/custom_service.py +18 -2
- pulumi_gcp/monitoring/dashboard.py +18 -2
- pulumi_gcp/monitoring/generic_service.py +18 -2
- pulumi_gcp/monitoring/group.py +18 -2
- pulumi_gcp/monitoring/metric_descriptor.py +18 -2
- pulumi_gcp/monitoring/monitored_project.py +18 -2
- pulumi_gcp/monitoring/notification_channel.py +18 -2
- pulumi_gcp/monitoring/outputs.py +158 -13
- pulumi_gcp/monitoring/slo.py +18 -2
- pulumi_gcp/monitoring/uptime_check_config.py +92 -9
- pulumi_gcp/networkconnectivity/__init__.py +1 -0
- pulumi_gcp/networkconnectivity/_inputs.py +185 -0
- pulumi_gcp/networkconnectivity/hub.py +22 -10
- pulumi_gcp/networkconnectivity/outputs.py +189 -0
- pulumi_gcp/networkconnectivity/policy_based_route.py +1003 -0
- pulumi_gcp/networkconnectivity/service_connection_policy.py +22 -10
- pulumi_gcp/networkconnectivity/spoke.py +22 -10
- pulumi_gcp/networkmanagement/connectivity_test.py +22 -10
- pulumi_gcp/networksecurity/address_group.py +22 -10
- pulumi_gcp/networksecurity/authorization_policy.py +22 -10
- pulumi_gcp/networksecurity/client_tls_policy.py +22 -10
- pulumi_gcp/networksecurity/gateway_security_policy.py +18 -2
- pulumi_gcp/networksecurity/gateway_security_policy_rule.py +18 -2
- pulumi_gcp/networksecurity/server_tls_policy.py +92 -10
- pulumi_gcp/networksecurity/tls_inspection_policy.py +18 -2
- pulumi_gcp/networksecurity/url_list.py +18 -2
- pulumi_gcp/networkservices/edge_cache_keyset.py +22 -10
- pulumi_gcp/networkservices/edge_cache_origin.py +22 -10
- pulumi_gcp/networkservices/edge_cache_service.py +22 -10
- pulumi_gcp/networkservices/endpoint_policy.py +22 -10
- pulumi_gcp/networkservices/gateway.py +22 -10
- pulumi_gcp/networkservices/grpc_route.py +22 -10
- pulumi_gcp/networkservices/http_route.py +22 -10
- pulumi_gcp/networkservices/mesh.py +22 -10
- pulumi_gcp/networkservices/service_binding.py +22 -10
- pulumi_gcp/networkservices/tcp_route.py +22 -10
- pulumi_gcp/networkservices/tls_route.py +18 -2
- pulumi_gcp/notebooks/environment.py +18 -2
- pulumi_gcp/notebooks/instance.py +22 -10
- pulumi_gcp/notebooks/location.py +18 -2
- pulumi_gcp/notebooks/runtime.py +18 -2
- pulumi_gcp/organizations/access_approval_settings.py +18 -2
- pulumi_gcp/organizations/folder.py +22 -6
- pulumi_gcp/organizations/iam_member.py +10 -58
- pulumi_gcp/organizations/iam_policy.py +10 -58
- pulumi_gcp/organizations/policy.py +22 -4
- pulumi_gcp/organizations/project.py +24 -12
- pulumi_gcp/orgpolicy/custom_constraint.py +50 -22
- pulumi_gcp/orgpolicy/policy.py +18 -2
- pulumi_gcp/osconfig/guest_policies.py +18 -2
- pulumi_gcp/osconfig/os_policy_assignment.py +18 -2
- pulumi_gcp/osconfig/patch_deployment.py +18 -2
- pulumi_gcp/oslogin/ssh_public_key.py +18 -2
- pulumi_gcp/projects/access_approval_settings.py +18 -2
- pulumi_gcp/projects/api_key.py +18 -2
- pulumi_gcp/projects/iam_audit_config.py +10 -58
- pulumi_gcp/projects/iam_binding.py +10 -58
- pulumi_gcp/projects/iam_custom_role.py +18 -2
- pulumi_gcp/projects/iam_member.py +10 -58
- pulumi_gcp/projects/iam_policy.py +10 -58
- pulumi_gcp/projects/organization_policy.py +24 -8
- pulumi_gcp/projects/service.py +22 -4
- pulumi_gcp/projects/usage_export_bucket.py +20 -4
- pulumi_gcp/provider.py +60 -0
- pulumi_gcp/pubsub/__init__.py +4 -0
- pulumi_gcp/pubsub/_inputs.py +80 -0
- pulumi_gcp/pubsub/get_schema_iam_policy.py +147 -0
- pulumi_gcp/pubsub/lite_reservation.py +18 -2
- pulumi_gcp/pubsub/lite_subscription.py +18 -2
- pulumi_gcp/pubsub/lite_topic.py +18 -2
- pulumi_gcp/pubsub/outputs.py +56 -0
- pulumi_gcp/pubsub/schema.py +18 -2
- pulumi_gcp/pubsub/schema_iam_binding.py +601 -0
- pulumi_gcp/pubsub/schema_iam_member.py +601 -0
- pulumi_gcp/pubsub/schema_iam_policy.py +523 -0
- pulumi_gcp/pubsub/subscription.py +22 -10
- pulumi_gcp/pubsub/subscription_iam_binding.py +12 -20
- pulumi_gcp/pubsub/subscription_iam_member.py +12 -20
- pulumi_gcp/pubsub/subscription_iam_policy.py +12 -20
- pulumi_gcp/pubsub/topic.py +36 -17
- pulumi_gcp/recaptcha/enterprise_key.py +22 -10
- pulumi_gcp/redis/cluster.py +42 -18
- pulumi_gcp/redis/instance.py +22 -58
- pulumi_gcp/resourcemanager/lien.py +18 -2
- pulumi_gcp/runtimeconfig/config.py +26 -6
- pulumi_gcp/runtimeconfig/variable.py +26 -6
- pulumi_gcp/secretmanager/__init__.py +1 -0
- pulumi_gcp/secretmanager/get_secrets.py +133 -0
- pulumi_gcp/secretmanager/outputs.py +354 -0
- pulumi_gcp/secretmanager/secret.py +36 -10
- pulumi_gcp/secretmanager/secret_version.py +18 -2
- pulumi_gcp/securitycenter/folder_custom_module.py +18 -2
- pulumi_gcp/securitycenter/instance_iam_binding.py +18 -2
- pulumi_gcp/securitycenter/instance_iam_member.py +18 -2
- pulumi_gcp/securitycenter/instance_iam_policy.py +18 -2
- pulumi_gcp/securitycenter/mute_config.py +18 -2
- pulumi_gcp/securitycenter/notification_config.py +18 -2
- pulumi_gcp/securitycenter/organization_custom_module.py +18 -2
- pulumi_gcp/securitycenter/project_custom_module.py +18 -2
- pulumi_gcp/securitycenter/source.py +18 -2
- pulumi_gcp/securitycenter/source_iam_binding.py +18 -2
- pulumi_gcp/securitycenter/source_iam_member.py +18 -2
- pulumi_gcp/securitycenter/source_iam_policy.py +18 -2
- pulumi_gcp/serviceaccount/account.py +20 -4
- pulumi_gcp/serviceaccount/iam_binding.py +2 -30
- pulumi_gcp/serviceaccount/iam_member.py +2 -30
- pulumi_gcp/serviceaccount/iam_policy.py +2 -30
- pulumi_gcp/servicedirectory/endpoint.py +18 -2
- pulumi_gcp/servicedirectory/namespace.py +22 -10
- pulumi_gcp/servicedirectory/service.py +18 -2
- pulumi_gcp/servicenetworking/connection.py +22 -6
- pulumi_gcp/servicenetworking/peered_dns_domain.py +18 -6
- pulumi_gcp/serviceusage/consumer_quota_override.py +18 -2
- pulumi_gcp/sourcerepo/repository.py +18 -2
- pulumi_gcp/spanner/_inputs.py +142 -0
- pulumi_gcp/spanner/database.py +18 -2
- pulumi_gcp/spanner/database_iam_binding.py +10 -26
- pulumi_gcp/spanner/database_iam_member.py +10 -26
- pulumi_gcp/spanner/database_iam_policy.py +10 -26
- pulumi_gcp/spanner/get_instance.py +12 -1
- pulumi_gcp/spanner/instance.py +99 -10
- pulumi_gcp/spanner/instance_iam_binding.py +10 -26
- pulumi_gcp/spanner/instance_iam_member.py +10 -26
- pulumi_gcp/spanner/instance_iam_policy.py +10 -26
- pulumi_gcp/spanner/outputs.py +236 -0
- pulumi_gcp/sql/_inputs.py +27 -7
- pulumi_gcp/sql/database.py +18 -2
- pulumi_gcp/sql/database_instance.py +24 -8
- pulumi_gcp/sql/outputs.py +41 -9
- pulumi_gcp/sql/source_representation_instance.py +25 -9
- pulumi_gcp/sql/user.py +38 -8
- pulumi_gcp/storage/_inputs.py +59 -1
- pulumi_gcp/storage/bucket.py +69 -6
- pulumi_gcp/storage/bucket_access_control.py +18 -2
- pulumi_gcp/storage/bucket_object.py +47 -0
- pulumi_gcp/storage/default_object_access_control.py +18 -2
- pulumi_gcp/storage/get_bucket.py +11 -1
- pulumi_gcp/storage/get_bucket_object.py +11 -1
- pulumi_gcp/storage/get_bucket_object_content.py +11 -1
- pulumi_gcp/storage/hmac_key.py +18 -2
- pulumi_gcp/storage/insights_report_config.py +18 -2
- pulumi_gcp/storage/notification.py +20 -4
- pulumi_gcp/storage/object_access_control.py +18 -2
- pulumi_gcp/storage/outputs.py +129 -2
- pulumi_gcp/storage/transfer_agent_pool.py +18 -2
- pulumi_gcp/storage/transfer_job.py +20 -4
- pulumi_gcp/tags/location_tag_binding.py +35 -19
- pulumi_gcp/tags/tag_binding.py +18 -2
- pulumi_gcp/tags/tag_key.py +18 -2
- pulumi_gcp/tags/tag_value.py +18 -2
- pulumi_gcp/tpu/_inputs.py +450 -0
- pulumi_gcp/tpu/node.py +22 -10
- pulumi_gcp/tpu/outputs.py +477 -0
- pulumi_gcp/tpu/v2_vm.py +906 -38
- pulumi_gcp/vertex/_inputs.py +39 -0
- pulumi_gcp/vertex/ai_dataset.py +4 -8
- pulumi_gcp/vertex/ai_endpoint.py +22 -10
- pulumi_gcp/vertex/ai_feature_store.py +22 -10
- pulumi_gcp/vertex/ai_feature_store_entity_type.py +22 -10
- pulumi_gcp/vertex/ai_feature_store_entity_type_feature.py +22 -10
- pulumi_gcp/vertex/ai_index.py +22 -10
- pulumi_gcp/vertex/ai_index_endpoint.py +116 -10
- pulumi_gcp/vertex/ai_metadata_store.py +18 -2
- pulumi_gcp/vertex/ai_tensorboard.py +22 -10
- pulumi_gcp/vertex/outputs.py +50 -0
- pulumi_gcp/vmwareengine/cluster.py +18 -2
- pulumi_gcp/vmwareengine/network.py +18 -2
- pulumi_gcp/vmwareengine/private_cloud.py +18 -2
- pulumi_gcp/vpcaccess/connector.py +18 -2
- pulumi_gcp/workflows/workflow.py +159 -11
- pulumi_gcp/workstations/_inputs.py +23 -0
- pulumi_gcp/workstations/outputs.py +19 -0
- pulumi_gcp/workstations/workstation.py +22 -10
- pulumi_gcp/workstations/workstation_cluster.py +142 -10
- pulumi_gcp/workstations/workstation_config.py +24 -12
- {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/METADATA +1 -1
- {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/RECORD +678 -650
- {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/WHEEL +0 -0
- {pulumi_gcp-7.0.0rc0.dist-info → pulumi_gcp-7.1.0.dist-info}/top_level.txt +0 -0
@@ -16,19 +16,22 @@ __all__ = ['WorkloadArgs', 'Workload']
|
|
16
16
|
@pulumi.input_type
|
17
17
|
class WorkloadArgs:
|
18
18
|
def __init__(__self__, *,
|
19
|
-
billing_account: pulumi.Input[str],
|
20
19
|
compliance_regime: pulumi.Input[str],
|
21
20
|
display_name: pulumi.Input[str],
|
22
21
|
location: pulumi.Input[str],
|
23
22
|
organization: pulumi.Input[str],
|
23
|
+
billing_account: Optional[pulumi.Input[str]] = None,
|
24
|
+
enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
|
24
25
|
kms_settings: Optional[pulumi.Input['WorkloadKmsSettingsArgs']] = None,
|
25
26
|
labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
27
|
+
partner: Optional[pulumi.Input[str]] = None,
|
28
|
+
partner_permissions: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']] = None,
|
26
29
|
provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
|
27
|
-
resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]] = None
|
30
|
+
resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]] = None,
|
31
|
+
violation_notifications_enabled: Optional[pulumi.Input[bool]] = None):
|
28
32
|
"""
|
29
33
|
The set of arguments for constructing a Workload resource.
|
30
|
-
:param pulumi.Input[str]
|
31
|
-
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
|
34
|
+
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
|
32
35
|
:param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
|
33
36
|
:param pulumi.Input[str] location: The location for the resource
|
34
37
|
:param pulumi.Input[str] organization: The organization for the resource
|
@@ -36,45 +39,47 @@ class WorkloadArgs:
|
|
36
39
|
|
37
40
|
|
38
41
|
- - -
|
39
|
-
:param pulumi.Input[
|
42
|
+
:param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
|
43
|
+
:param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
|
44
|
+
:param pulumi.Input['WorkloadKmsSettingsArgs'] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
40
45
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
|
41
46
|
|
42
47
|
**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
|
43
48
|
Please refer to the field `effective_labels` for all of the labels present on the resource.
|
44
|
-
:param pulumi.Input[str]
|
49
|
+
:param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
|
50
|
+
:param pulumi.Input['WorkloadPartnerPermissionsArgs'] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
|
51
|
+
:param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
|
45
52
|
:param pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
|
53
|
+
:param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
|
46
54
|
"""
|
47
|
-
pulumi.set(__self__, "billing_account", billing_account)
|
48
55
|
pulumi.set(__self__, "compliance_regime", compliance_regime)
|
49
56
|
pulumi.set(__self__, "display_name", display_name)
|
50
57
|
pulumi.set(__self__, "location", location)
|
51
58
|
pulumi.set(__self__, "organization", organization)
|
59
|
+
if billing_account is not None:
|
60
|
+
pulumi.set(__self__, "billing_account", billing_account)
|
61
|
+
if enable_sovereign_controls is not None:
|
62
|
+
pulumi.set(__self__, "enable_sovereign_controls", enable_sovereign_controls)
|
52
63
|
if kms_settings is not None:
|
53
64
|
pulumi.set(__self__, "kms_settings", kms_settings)
|
54
65
|
if labels is not None:
|
55
66
|
pulumi.set(__self__, "labels", labels)
|
67
|
+
if partner is not None:
|
68
|
+
pulumi.set(__self__, "partner", partner)
|
69
|
+
if partner_permissions is not None:
|
70
|
+
pulumi.set(__self__, "partner_permissions", partner_permissions)
|
56
71
|
if provisioned_resources_parent is not None:
|
57
72
|
pulumi.set(__self__, "provisioned_resources_parent", provisioned_resources_parent)
|
58
73
|
if resource_settings is not None:
|
59
74
|
pulumi.set(__self__, "resource_settings", resource_settings)
|
60
|
-
|
61
|
-
|
62
|
-
@pulumi.getter(name="billingAccount")
|
63
|
-
def billing_account(self) -> pulumi.Input[str]:
|
64
|
-
"""
|
65
|
-
Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, 'billingAccounts/012345-567890-ABCDEF`.
|
66
|
-
"""
|
67
|
-
return pulumi.get(self, "billing_account")
|
68
|
-
|
69
|
-
@billing_account.setter
|
70
|
-
def billing_account(self, value: pulumi.Input[str]):
|
71
|
-
pulumi.set(self, "billing_account", value)
|
75
|
+
if violation_notifications_enabled is not None:
|
76
|
+
pulumi.set(__self__, "violation_notifications_enabled", violation_notifications_enabled)
|
72
77
|
|
73
78
|
@property
|
74
79
|
@pulumi.getter(name="complianceRegime")
|
75
80
|
def compliance_regime(self) -> pulumi.Input[str]:
|
76
81
|
"""
|
77
|
-
Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
|
82
|
+
Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
|
78
83
|
"""
|
79
84
|
return pulumi.get(self, "compliance_regime")
|
80
85
|
|
@@ -122,11 +127,35 @@ class WorkloadArgs:
|
|
122
127
|
def organization(self, value: pulumi.Input[str]):
|
123
128
|
pulumi.set(self, "organization", value)
|
124
129
|
|
130
|
+
@property
|
131
|
+
@pulumi.getter(name="billingAccount")
|
132
|
+
def billing_account(self) -> Optional[pulumi.Input[str]]:
|
133
|
+
"""
|
134
|
+
Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
|
135
|
+
"""
|
136
|
+
return pulumi.get(self, "billing_account")
|
137
|
+
|
138
|
+
@billing_account.setter
|
139
|
+
def billing_account(self, value: Optional[pulumi.Input[str]]):
|
140
|
+
pulumi.set(self, "billing_account", value)
|
141
|
+
|
142
|
+
@property
|
143
|
+
@pulumi.getter(name="enableSovereignControls")
|
144
|
+
def enable_sovereign_controls(self) -> Optional[pulumi.Input[bool]]:
|
145
|
+
"""
|
146
|
+
Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
|
147
|
+
"""
|
148
|
+
return pulumi.get(self, "enable_sovereign_controls")
|
149
|
+
|
150
|
+
@enable_sovereign_controls.setter
|
151
|
+
def enable_sovereign_controls(self, value: Optional[pulumi.Input[bool]]):
|
152
|
+
pulumi.set(self, "enable_sovereign_controls", value)
|
153
|
+
|
125
154
|
@property
|
126
155
|
@pulumi.getter(name="kmsSettings")
|
127
156
|
def kms_settings(self) -> Optional[pulumi.Input['WorkloadKmsSettingsArgs']]:
|
128
157
|
"""
|
129
|
-
Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is
|
158
|
+
**DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
130
159
|
"""
|
131
160
|
return pulumi.get(self, "kms_settings")
|
132
161
|
|
@@ -149,11 +178,35 @@ class WorkloadArgs:
|
|
149
178
|
def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]):
|
150
179
|
pulumi.set(self, "labels", value)
|
151
180
|
|
181
|
+
@property
|
182
|
+
@pulumi.getter
|
183
|
+
def partner(self) -> Optional[pulumi.Input[str]]:
|
184
|
+
"""
|
185
|
+
Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
|
186
|
+
"""
|
187
|
+
return pulumi.get(self, "partner")
|
188
|
+
|
189
|
+
@partner.setter
|
190
|
+
def partner(self, value: Optional[pulumi.Input[str]]):
|
191
|
+
pulumi.set(self, "partner", value)
|
192
|
+
|
193
|
+
@property
|
194
|
+
@pulumi.getter(name="partnerPermissions")
|
195
|
+
def partner_permissions(self) -> Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]:
|
196
|
+
"""
|
197
|
+
Optional. Permissions granted to the AW Partner SA account for the customer workload
|
198
|
+
"""
|
199
|
+
return pulumi.get(self, "partner_permissions")
|
200
|
+
|
201
|
+
@partner_permissions.setter
|
202
|
+
def partner_permissions(self, value: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]):
|
203
|
+
pulumi.set(self, "partner_permissions", value)
|
204
|
+
|
152
205
|
@property
|
153
206
|
@pulumi.getter(name="provisionedResourcesParent")
|
154
207
|
def provisioned_resources_parent(self) -> Optional[pulumi.Input[str]]:
|
155
208
|
"""
|
156
|
-
Input only. The parent resource for the resources managed by this Assured Workload. May be either
|
209
|
+
Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
|
157
210
|
"""
|
158
211
|
return pulumi.get(self, "provisioned_resources_parent")
|
159
212
|
|
@@ -173,33 +226,58 @@ class WorkloadArgs:
|
|
173
226
|
def resource_settings(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]]):
|
174
227
|
pulumi.set(self, "resource_settings", value)
|
175
228
|
|
229
|
+
@property
|
230
|
+
@pulumi.getter(name="violationNotificationsEnabled")
|
231
|
+
def violation_notifications_enabled(self) -> Optional[pulumi.Input[bool]]:
|
232
|
+
"""
|
233
|
+
Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
|
234
|
+
"""
|
235
|
+
return pulumi.get(self, "violation_notifications_enabled")
|
236
|
+
|
237
|
+
@violation_notifications_enabled.setter
|
238
|
+
def violation_notifications_enabled(self, value: Optional[pulumi.Input[bool]]):
|
239
|
+
pulumi.set(self, "violation_notifications_enabled", value)
|
240
|
+
|
176
241
|
|
177
242
|
@pulumi.input_type
|
178
243
|
class _WorkloadState:
|
179
244
|
def __init__(__self__, *,
|
180
245
|
billing_account: Optional[pulumi.Input[str]] = None,
|
181
246
|
compliance_regime: Optional[pulumi.Input[str]] = None,
|
247
|
+
compliance_statuses: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]]] = None,
|
248
|
+
compliant_but_disallowed_services: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
182
249
|
create_time: Optional[pulumi.Input[str]] = None,
|
183
250
|
display_name: Optional[pulumi.Input[str]] = None,
|
184
251
|
effective_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
|
252
|
+
ekm_provisioning_responses: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]]] = None,
|
253
|
+
enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
|
254
|
+
kaj_enrollment_state: Optional[pulumi.Input[str]] = None,
|
185
255
|
kms_settings: Optional[pulumi.Input['WorkloadKmsSettingsArgs']] = None,
|
186
256
|
labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
187
257
|
location: Optional[pulumi.Input[str]] = None,
|
188
258
|
name: Optional[pulumi.Input[str]] = None,
|
189
259
|
organization: Optional[pulumi.Input[str]] = None,
|
260
|
+
partner: Optional[pulumi.Input[str]] = None,
|
261
|
+
partner_permissions: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']] = None,
|
190
262
|
provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
|
191
263
|
pulumi_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
|
192
264
|
resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]]] = None,
|
193
|
-
resources: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]]] = None
|
265
|
+
resources: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]]] = None,
|
266
|
+
saa_enrollment_responses: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]]] = None,
|
267
|
+
violation_notifications_enabled: Optional[pulumi.Input[bool]] = None):
|
194
268
|
"""
|
195
269
|
Input properties used for looking up and filtering Workload resources.
|
196
|
-
:param pulumi.Input[str] billing_account:
|
197
|
-
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
|
270
|
+
:param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
|
271
|
+
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
|
272
|
+
:param pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]] compliance_statuses: Output only. Count of active Violations in the Workload.
|
273
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] compliant_but_disallowed_services: Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
|
198
274
|
:param pulumi.Input[str] create_time: Output only. Immutable. The Workload creation timestamp.
|
199
275
|
:param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
|
200
|
-
:param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through
|
201
|
-
|
202
|
-
:param pulumi.Input[
|
276
|
+
:param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
|
277
|
+
:param pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]] ekm_provisioning_responses: Optional. Represents the Ekm Provisioning State of the given workload.
|
278
|
+
:param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
|
279
|
+
:param pulumi.Input[str] kaj_enrollment_state: Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
|
280
|
+
:param pulumi.Input['WorkloadKmsSettingsArgs'] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
203
281
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
|
204
282
|
|
205
283
|
**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
|
@@ -211,21 +289,35 @@ class _WorkloadState:
|
|
211
289
|
|
212
290
|
|
213
291
|
- - -
|
214
|
-
:param pulumi.Input[str]
|
292
|
+
:param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
|
293
|
+
:param pulumi.Input['WorkloadPartnerPermissionsArgs'] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
|
294
|
+
:param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
|
215
295
|
:param pulumi.Input[Mapping[str, Any]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider.
|
216
296
|
:param pulumi.Input[Sequence[pulumi.Input['WorkloadResourceSettingArgs']]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
|
217
297
|
:param pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]] resources: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.
|
298
|
+
:param pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]] saa_enrollment_responses: Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
|
299
|
+
:param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
|
218
300
|
"""
|
219
301
|
if billing_account is not None:
|
220
302
|
pulumi.set(__self__, "billing_account", billing_account)
|
221
303
|
if compliance_regime is not None:
|
222
304
|
pulumi.set(__self__, "compliance_regime", compliance_regime)
|
305
|
+
if compliance_statuses is not None:
|
306
|
+
pulumi.set(__self__, "compliance_statuses", compliance_statuses)
|
307
|
+
if compliant_but_disallowed_services is not None:
|
308
|
+
pulumi.set(__self__, "compliant_but_disallowed_services", compliant_but_disallowed_services)
|
223
309
|
if create_time is not None:
|
224
310
|
pulumi.set(__self__, "create_time", create_time)
|
225
311
|
if display_name is not None:
|
226
312
|
pulumi.set(__self__, "display_name", display_name)
|
227
313
|
if effective_labels is not None:
|
228
314
|
pulumi.set(__self__, "effective_labels", effective_labels)
|
315
|
+
if ekm_provisioning_responses is not None:
|
316
|
+
pulumi.set(__self__, "ekm_provisioning_responses", ekm_provisioning_responses)
|
317
|
+
if enable_sovereign_controls is not None:
|
318
|
+
pulumi.set(__self__, "enable_sovereign_controls", enable_sovereign_controls)
|
319
|
+
if kaj_enrollment_state is not None:
|
320
|
+
pulumi.set(__self__, "kaj_enrollment_state", kaj_enrollment_state)
|
229
321
|
if kms_settings is not None:
|
230
322
|
pulumi.set(__self__, "kms_settings", kms_settings)
|
231
323
|
if labels is not None:
|
@@ -236,6 +328,10 @@ class _WorkloadState:
|
|
236
328
|
pulumi.set(__self__, "name", name)
|
237
329
|
if organization is not None:
|
238
330
|
pulumi.set(__self__, "organization", organization)
|
331
|
+
if partner is not None:
|
332
|
+
pulumi.set(__self__, "partner", partner)
|
333
|
+
if partner_permissions is not None:
|
334
|
+
pulumi.set(__self__, "partner_permissions", partner_permissions)
|
239
335
|
if provisioned_resources_parent is not None:
|
240
336
|
pulumi.set(__self__, "provisioned_resources_parent", provisioned_resources_parent)
|
241
337
|
if pulumi_labels is not None:
|
@@ -244,12 +340,16 @@ class _WorkloadState:
|
|
244
340
|
pulumi.set(__self__, "resource_settings", resource_settings)
|
245
341
|
if resources is not None:
|
246
342
|
pulumi.set(__self__, "resources", resources)
|
343
|
+
if saa_enrollment_responses is not None:
|
344
|
+
pulumi.set(__self__, "saa_enrollment_responses", saa_enrollment_responses)
|
345
|
+
if violation_notifications_enabled is not None:
|
346
|
+
pulumi.set(__self__, "violation_notifications_enabled", violation_notifications_enabled)
|
247
347
|
|
248
348
|
@property
|
249
349
|
@pulumi.getter(name="billingAccount")
|
250
350
|
def billing_account(self) -> Optional[pulumi.Input[str]]:
|
251
351
|
"""
|
252
|
-
|
352
|
+
Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
|
253
353
|
"""
|
254
354
|
return pulumi.get(self, "billing_account")
|
255
355
|
|
@@ -261,7 +361,7 @@ class _WorkloadState:
|
|
261
361
|
@pulumi.getter(name="complianceRegime")
|
262
362
|
def compliance_regime(self) -> Optional[pulumi.Input[str]]:
|
263
363
|
"""
|
264
|
-
Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
|
364
|
+
Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
|
265
365
|
"""
|
266
366
|
return pulumi.get(self, "compliance_regime")
|
267
367
|
|
@@ -269,6 +369,30 @@ class _WorkloadState:
|
|
269
369
|
def compliance_regime(self, value: Optional[pulumi.Input[str]]):
|
270
370
|
pulumi.set(self, "compliance_regime", value)
|
271
371
|
|
372
|
+
@property
|
373
|
+
@pulumi.getter(name="complianceStatuses")
|
374
|
+
def compliance_statuses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]]]:
|
375
|
+
"""
|
376
|
+
Output only. Count of active Violations in the Workload.
|
377
|
+
"""
|
378
|
+
return pulumi.get(self, "compliance_statuses")
|
379
|
+
|
380
|
+
@compliance_statuses.setter
|
381
|
+
def compliance_statuses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadComplianceStatusArgs']]]]):
|
382
|
+
pulumi.set(self, "compliance_statuses", value)
|
383
|
+
|
384
|
+
@property
|
385
|
+
@pulumi.getter(name="compliantButDisallowedServices")
|
386
|
+
def compliant_but_disallowed_services(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
|
387
|
+
"""
|
388
|
+
Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
|
389
|
+
"""
|
390
|
+
return pulumi.get(self, "compliant_but_disallowed_services")
|
391
|
+
|
392
|
+
@compliant_but_disallowed_services.setter
|
393
|
+
def compliant_but_disallowed_services(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
|
394
|
+
pulumi.set(self, "compliant_but_disallowed_services", value)
|
395
|
+
|
272
396
|
@property
|
273
397
|
@pulumi.getter(name="createTime")
|
274
398
|
def create_time(self) -> Optional[pulumi.Input[str]]:
|
@@ -297,8 +421,7 @@ class _WorkloadState:
|
|
297
421
|
@pulumi.getter(name="effectiveLabels")
|
298
422
|
def effective_labels(self) -> Optional[pulumi.Input[Mapping[str, Any]]]:
|
299
423
|
"""
|
300
|
-
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through
|
301
|
-
clients and services.
|
424
|
+
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
|
302
425
|
"""
|
303
426
|
return pulumi.get(self, "effective_labels")
|
304
427
|
|
@@ -306,11 +429,47 @@ class _WorkloadState:
|
|
306
429
|
def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, Any]]]):
|
307
430
|
pulumi.set(self, "effective_labels", value)
|
308
431
|
|
432
|
+
@property
|
433
|
+
@pulumi.getter(name="ekmProvisioningResponses")
|
434
|
+
def ekm_provisioning_responses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]]]:
|
435
|
+
"""
|
436
|
+
Optional. Represents the Ekm Provisioning State of the given workload.
|
437
|
+
"""
|
438
|
+
return pulumi.get(self, "ekm_provisioning_responses")
|
439
|
+
|
440
|
+
@ekm_provisioning_responses.setter
|
441
|
+
def ekm_provisioning_responses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadEkmProvisioningResponseArgs']]]]):
|
442
|
+
pulumi.set(self, "ekm_provisioning_responses", value)
|
443
|
+
|
444
|
+
@property
|
445
|
+
@pulumi.getter(name="enableSovereignControls")
|
446
|
+
def enable_sovereign_controls(self) -> Optional[pulumi.Input[bool]]:
|
447
|
+
"""
|
448
|
+
Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
|
449
|
+
"""
|
450
|
+
return pulumi.get(self, "enable_sovereign_controls")
|
451
|
+
|
452
|
+
@enable_sovereign_controls.setter
|
453
|
+
def enable_sovereign_controls(self, value: Optional[pulumi.Input[bool]]):
|
454
|
+
pulumi.set(self, "enable_sovereign_controls", value)
|
455
|
+
|
456
|
+
@property
|
457
|
+
@pulumi.getter(name="kajEnrollmentState")
|
458
|
+
def kaj_enrollment_state(self) -> Optional[pulumi.Input[str]]:
|
459
|
+
"""
|
460
|
+
Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
|
461
|
+
"""
|
462
|
+
return pulumi.get(self, "kaj_enrollment_state")
|
463
|
+
|
464
|
+
@kaj_enrollment_state.setter
|
465
|
+
def kaj_enrollment_state(self, value: Optional[pulumi.Input[str]]):
|
466
|
+
pulumi.set(self, "kaj_enrollment_state", value)
|
467
|
+
|
309
468
|
@property
|
310
469
|
@pulumi.getter(name="kmsSettings")
|
311
470
|
def kms_settings(self) -> Optional[pulumi.Input['WorkloadKmsSettingsArgs']]:
|
312
471
|
"""
|
313
|
-
Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is
|
472
|
+
**DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
314
473
|
"""
|
315
474
|
return pulumi.get(self, "kms_settings")
|
316
475
|
|
@@ -373,11 +532,35 @@ class _WorkloadState:
|
|
373
532
|
def organization(self, value: Optional[pulumi.Input[str]]):
|
374
533
|
pulumi.set(self, "organization", value)
|
375
534
|
|
535
|
+
@property
|
536
|
+
@pulumi.getter
|
537
|
+
def partner(self) -> Optional[pulumi.Input[str]]:
|
538
|
+
"""
|
539
|
+
Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
|
540
|
+
"""
|
541
|
+
return pulumi.get(self, "partner")
|
542
|
+
|
543
|
+
@partner.setter
|
544
|
+
def partner(self, value: Optional[pulumi.Input[str]]):
|
545
|
+
pulumi.set(self, "partner", value)
|
546
|
+
|
547
|
+
@property
|
548
|
+
@pulumi.getter(name="partnerPermissions")
|
549
|
+
def partner_permissions(self) -> Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]:
|
550
|
+
"""
|
551
|
+
Optional. Permissions granted to the AW Partner SA account for the customer workload
|
552
|
+
"""
|
553
|
+
return pulumi.get(self, "partner_permissions")
|
554
|
+
|
555
|
+
@partner_permissions.setter
|
556
|
+
def partner_permissions(self, value: Optional[pulumi.Input['WorkloadPartnerPermissionsArgs']]):
|
557
|
+
pulumi.set(self, "partner_permissions", value)
|
558
|
+
|
376
559
|
@property
|
377
560
|
@pulumi.getter(name="provisionedResourcesParent")
|
378
561
|
def provisioned_resources_parent(self) -> Optional[pulumi.Input[str]]:
|
379
562
|
"""
|
380
|
-
Input only. The parent resource for the resources managed by this Assured Workload. May be either
|
563
|
+
Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
|
381
564
|
"""
|
382
565
|
return pulumi.get(self, "provisioned_resources_parent")
|
383
566
|
|
@@ -421,6 +604,30 @@ class _WorkloadState:
|
|
421
604
|
def resources(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadResourceArgs']]]]):
|
422
605
|
pulumi.set(self, "resources", value)
|
423
606
|
|
607
|
+
@property
|
608
|
+
@pulumi.getter(name="saaEnrollmentResponses")
|
609
|
+
def saa_enrollment_responses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]]]:
|
610
|
+
"""
|
611
|
+
Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
|
612
|
+
"""
|
613
|
+
return pulumi.get(self, "saa_enrollment_responses")
|
614
|
+
|
615
|
+
@saa_enrollment_responses.setter
|
616
|
+
def saa_enrollment_responses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadSaaEnrollmentResponseArgs']]]]):
|
617
|
+
pulumi.set(self, "saa_enrollment_responses", value)
|
618
|
+
|
619
|
+
@property
|
620
|
+
@pulumi.getter(name="violationNotificationsEnabled")
|
621
|
+
def violation_notifications_enabled(self) -> Optional[pulumi.Input[bool]]:
|
622
|
+
"""
|
623
|
+
Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
|
624
|
+
"""
|
625
|
+
return pulumi.get(self, "violation_notifications_enabled")
|
626
|
+
|
627
|
+
@violation_notifications_enabled.setter
|
628
|
+
def violation_notifications_enabled(self, value: Optional[pulumi.Input[bool]]):
|
629
|
+
pulumi.set(self, "violation_notifications_enabled", value)
|
630
|
+
|
424
631
|
|
425
632
|
class Workload(pulumi.CustomResource):
|
426
633
|
@overload
|
@@ -430,12 +637,16 @@ class Workload(pulumi.CustomResource):
|
|
430
637
|
billing_account: Optional[pulumi.Input[str]] = None,
|
431
638
|
compliance_regime: Optional[pulumi.Input[str]] = None,
|
432
639
|
display_name: Optional[pulumi.Input[str]] = None,
|
640
|
+
enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
|
433
641
|
kms_settings: Optional[pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']]] = None,
|
434
642
|
labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
435
643
|
location: Optional[pulumi.Input[str]] = None,
|
436
644
|
organization: Optional[pulumi.Input[str]] = None,
|
645
|
+
partner: Optional[pulumi.Input[str]] = None,
|
646
|
+
partner_permissions: Optional[pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']]] = None,
|
437
647
|
provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
|
438
648
|
resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]]] = None,
|
649
|
+
violation_notifications_enabled: Optional[pulumi.Input[bool]] = None,
|
439
650
|
__props__=None):
|
440
651
|
"""
|
441
652
|
The AssuredWorkloads Workload resource
|
@@ -450,7 +661,7 @@ class Workload(pulumi.CustomResource):
|
|
450
661
|
primary = gcp.assuredworkloads.Workload("primary",
|
451
662
|
billing_account="billingAccounts/000000-0000000-0000000-000000",
|
452
663
|
compliance_regime="FEDRAMP_MODERATE",
|
453
|
-
display_name="
|
664
|
+
display_name="{{display}}",
|
454
665
|
kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
|
455
666
|
next_rotation_time="9999-10-02T15:01:23Z",
|
456
667
|
rotation_period="10368000s",
|
@@ -463,7 +674,39 @@ class Workload(pulumi.CustomResource):
|
|
463
674
|
provisioned_resources_parent="folders/519620126891",
|
464
675
|
resource_settings=[
|
465
676
|
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
466
|
-
|
677
|
+
display_name="folder-display-name",
|
678
|
+
resource_type="CONSUMER_FOLDER",
|
679
|
+
),
|
680
|
+
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
681
|
+
resource_type="ENCRYPTION_KEYS_PROJECT",
|
682
|
+
),
|
683
|
+
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
684
|
+
resource_id="ring",
|
685
|
+
resource_type="KEYRING",
|
686
|
+
),
|
687
|
+
],
|
688
|
+
violation_notifications_enabled=True)
|
689
|
+
```
|
690
|
+
### Sovereign_controls_workload
|
691
|
+
A Sovereign Controls test of the assuredworkloads api
|
692
|
+
```python
|
693
|
+
import pulumi
|
694
|
+
import pulumi_gcp as gcp
|
695
|
+
|
696
|
+
primary = gcp.assuredworkloads.Workload("primary",
|
697
|
+
compliance_regime="EU_REGIONS_AND_SUPPORT",
|
698
|
+
display_name="display",
|
699
|
+
location="europe-west9",
|
700
|
+
organization="123456789",
|
701
|
+
billing_account="billingAccounts/000000-0000000-0000000-000000",
|
702
|
+
enable_sovereign_controls=True,
|
703
|
+
kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
|
704
|
+
next_rotation_time="9999-10-02T15:01:23Z",
|
705
|
+
rotation_period="10368000s",
|
706
|
+
),
|
707
|
+
resource_settings=[
|
708
|
+
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
709
|
+
resource_type="CONSUMER_FOLDER",
|
467
710
|
),
|
468
711
|
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
469
712
|
resource_type="ENCRYPTION_KEYS_PROJECT",
|
@@ -472,12 +715,24 @@ class Workload(pulumi.CustomResource):
|
|
472
715
|
resource_id="ring",
|
473
716
|
resource_type="KEYRING",
|
474
717
|
),
|
475
|
-
]
|
718
|
+
],
|
719
|
+
labels={
|
720
|
+
"label-one": "value-one",
|
721
|
+
},
|
722
|
+
opts=pulumi.ResourceOptions(provider=google_beta))
|
476
723
|
```
|
477
724
|
|
478
725
|
## Import
|
479
726
|
|
480
|
-
Workload can be imported using any of these accepted formats
|
727
|
+
Workload can be imported using any of these accepted formats* `organizations/{{organization}}/locations/{{location}}/workloads/{{name}}` * `{{organization}}/{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Workload using one of the formats above. For exampletf import {
|
728
|
+
|
729
|
+
id = "organizations/{{organization}}/locations/{{location}}/workloads/{{name}}"
|
730
|
+
|
731
|
+
to = google_assured_workloads_workload.default }
|
732
|
+
|
733
|
+
```sh
|
734
|
+
$ pulumi import gcp:assuredworkloads/workload:Workload When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Workload can be imported using one of the formats above. For example
|
735
|
+
```
|
481
736
|
|
482
737
|
```sh
|
483
738
|
$ pulumi import gcp:assuredworkloads/workload:Workload default organizations/{{organization}}/locations/{{location}}/workloads/{{name}}
|
@@ -489,10 +744,11 @@ class Workload(pulumi.CustomResource):
|
|
489
744
|
|
490
745
|
:param str resource_name: The name of the resource.
|
491
746
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
492
|
-
:param pulumi.Input[str] billing_account:
|
493
|
-
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
|
747
|
+
:param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
|
748
|
+
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
|
494
749
|
:param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
|
495
|
-
:param pulumi.Input[
|
750
|
+
:param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
|
751
|
+
:param pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
496
752
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
|
497
753
|
|
498
754
|
**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
|
@@ -503,8 +759,11 @@ class Workload(pulumi.CustomResource):
|
|
503
759
|
|
504
760
|
|
505
761
|
- - -
|
506
|
-
:param pulumi.Input[str]
|
762
|
+
:param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
|
763
|
+
:param pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
|
764
|
+
:param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
|
507
765
|
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
|
766
|
+
:param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
|
508
767
|
"""
|
509
768
|
...
|
510
769
|
@overload
|
@@ -525,7 +784,7 @@ class Workload(pulumi.CustomResource):
|
|
525
784
|
primary = gcp.assuredworkloads.Workload("primary",
|
526
785
|
billing_account="billingAccounts/000000-0000000-0000000-000000",
|
527
786
|
compliance_regime="FEDRAMP_MODERATE",
|
528
|
-
display_name="
|
787
|
+
display_name="{{display}}",
|
529
788
|
kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
|
530
789
|
next_rotation_time="9999-10-02T15:01:23Z",
|
531
790
|
rotation_period="10368000s",
|
@@ -538,7 +797,39 @@ class Workload(pulumi.CustomResource):
|
|
538
797
|
provisioned_resources_parent="folders/519620126891",
|
539
798
|
resource_settings=[
|
540
799
|
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
541
|
-
|
800
|
+
display_name="folder-display-name",
|
801
|
+
resource_type="CONSUMER_FOLDER",
|
802
|
+
),
|
803
|
+
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
804
|
+
resource_type="ENCRYPTION_KEYS_PROJECT",
|
805
|
+
),
|
806
|
+
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
807
|
+
resource_id="ring",
|
808
|
+
resource_type="KEYRING",
|
809
|
+
),
|
810
|
+
],
|
811
|
+
violation_notifications_enabled=True)
|
812
|
+
```
|
813
|
+
### Sovereign_controls_workload
|
814
|
+
A Sovereign Controls test of the assuredworkloads api
|
815
|
+
```python
|
816
|
+
import pulumi
|
817
|
+
import pulumi_gcp as gcp
|
818
|
+
|
819
|
+
primary = gcp.assuredworkloads.Workload("primary",
|
820
|
+
compliance_regime="EU_REGIONS_AND_SUPPORT",
|
821
|
+
display_name="display",
|
822
|
+
location="europe-west9",
|
823
|
+
organization="123456789",
|
824
|
+
billing_account="billingAccounts/000000-0000000-0000000-000000",
|
825
|
+
enable_sovereign_controls=True,
|
826
|
+
kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
|
827
|
+
next_rotation_time="9999-10-02T15:01:23Z",
|
828
|
+
rotation_period="10368000s",
|
829
|
+
),
|
830
|
+
resource_settings=[
|
831
|
+
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
832
|
+
resource_type="CONSUMER_FOLDER",
|
542
833
|
),
|
543
834
|
gcp.assuredworkloads.WorkloadResourceSettingArgs(
|
544
835
|
resource_type="ENCRYPTION_KEYS_PROJECT",
|
@@ -547,12 +838,24 @@ class Workload(pulumi.CustomResource):
|
|
547
838
|
resource_id="ring",
|
548
839
|
resource_type="KEYRING",
|
549
840
|
),
|
550
|
-
]
|
841
|
+
],
|
842
|
+
labels={
|
843
|
+
"label-one": "value-one",
|
844
|
+
},
|
845
|
+
opts=pulumi.ResourceOptions(provider=google_beta))
|
551
846
|
```
|
552
847
|
|
553
848
|
## Import
|
554
849
|
|
555
|
-
Workload can be imported using any of these accepted formats
|
850
|
+
Workload can be imported using any of these accepted formats* `organizations/{{organization}}/locations/{{location}}/workloads/{{name}}` * `{{organization}}/{{location}}/{{name}}` In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Workload using one of the formats above. For exampletf import {
|
851
|
+
|
852
|
+
id = "organizations/{{organization}}/locations/{{location}}/workloads/{{name}}"
|
853
|
+
|
854
|
+
to = google_assured_workloads_workload.default }
|
855
|
+
|
856
|
+
```sh
|
857
|
+
$ pulumi import gcp:assuredworkloads/workload:Workload When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Workload can be imported using one of the formats above. For example
|
858
|
+
```
|
556
859
|
|
557
860
|
```sh
|
558
861
|
$ pulumi import gcp:assuredworkloads/workload:Workload default organizations/{{organization}}/locations/{{location}}/workloads/{{name}}
|
@@ -580,12 +883,16 @@ class Workload(pulumi.CustomResource):
|
|
580
883
|
billing_account: Optional[pulumi.Input[str]] = None,
|
581
884
|
compliance_regime: Optional[pulumi.Input[str]] = None,
|
582
885
|
display_name: Optional[pulumi.Input[str]] = None,
|
886
|
+
enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
|
583
887
|
kms_settings: Optional[pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']]] = None,
|
584
888
|
labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
585
889
|
location: Optional[pulumi.Input[str]] = None,
|
586
890
|
organization: Optional[pulumi.Input[str]] = None,
|
891
|
+
partner: Optional[pulumi.Input[str]] = None,
|
892
|
+
partner_permissions: Optional[pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']]] = None,
|
587
893
|
provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
|
588
894
|
resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]]] = None,
|
895
|
+
violation_notifications_enabled: Optional[pulumi.Input[bool]] = None,
|
589
896
|
__props__=None):
|
590
897
|
opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
|
591
898
|
if not isinstance(opts, pulumi.ResourceOptions):
|
@@ -595,8 +902,6 @@ class Workload(pulumi.CustomResource):
|
|
595
902
|
raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
|
596
903
|
__props__ = WorkloadArgs.__new__(WorkloadArgs)
|
597
904
|
|
598
|
-
if billing_account is None and not opts.urn:
|
599
|
-
raise TypeError("Missing required property 'billing_account'")
|
600
905
|
__props__.__dict__["billing_account"] = billing_account
|
601
906
|
if compliance_regime is None and not opts.urn:
|
602
907
|
raise TypeError("Missing required property 'compliance_regime'")
|
@@ -604,6 +909,7 @@ class Workload(pulumi.CustomResource):
|
|
604
909
|
if display_name is None and not opts.urn:
|
605
910
|
raise TypeError("Missing required property 'display_name'")
|
606
911
|
__props__.__dict__["display_name"] = display_name
|
912
|
+
__props__.__dict__["enable_sovereign_controls"] = enable_sovereign_controls
|
607
913
|
__props__.__dict__["kms_settings"] = kms_settings
|
608
914
|
__props__.__dict__["labels"] = labels
|
609
915
|
if location is None and not opts.urn:
|
@@ -612,13 +918,21 @@ class Workload(pulumi.CustomResource):
|
|
612
918
|
if organization is None and not opts.urn:
|
613
919
|
raise TypeError("Missing required property 'organization'")
|
614
920
|
__props__.__dict__["organization"] = organization
|
921
|
+
__props__.__dict__["partner"] = partner
|
922
|
+
__props__.__dict__["partner_permissions"] = partner_permissions
|
615
923
|
__props__.__dict__["provisioned_resources_parent"] = provisioned_resources_parent
|
616
924
|
__props__.__dict__["resource_settings"] = resource_settings
|
925
|
+
__props__.__dict__["violation_notifications_enabled"] = violation_notifications_enabled
|
926
|
+
__props__.__dict__["compliance_statuses"] = None
|
927
|
+
__props__.__dict__["compliant_but_disallowed_services"] = None
|
617
928
|
__props__.__dict__["create_time"] = None
|
618
929
|
__props__.__dict__["effective_labels"] = None
|
930
|
+
__props__.__dict__["ekm_provisioning_responses"] = None
|
931
|
+
__props__.__dict__["kaj_enrollment_state"] = None
|
619
932
|
__props__.__dict__["name"] = None
|
620
933
|
__props__.__dict__["pulumi_labels"] = None
|
621
934
|
__props__.__dict__["resources"] = None
|
935
|
+
__props__.__dict__["saa_enrollment_responses"] = None
|
622
936
|
secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["effectiveLabels", "pulumiLabels"])
|
623
937
|
opts = pulumi.ResourceOptions.merge(opts, secret_opts)
|
624
938
|
super(Workload, __self__).__init__(
|
@@ -633,18 +947,27 @@ class Workload(pulumi.CustomResource):
|
|
633
947
|
opts: Optional[pulumi.ResourceOptions] = None,
|
634
948
|
billing_account: Optional[pulumi.Input[str]] = None,
|
635
949
|
compliance_regime: Optional[pulumi.Input[str]] = None,
|
950
|
+
compliance_statuses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadComplianceStatusArgs']]]]] = None,
|
951
|
+
compliant_but_disallowed_services: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
|
636
952
|
create_time: Optional[pulumi.Input[str]] = None,
|
637
953
|
display_name: Optional[pulumi.Input[str]] = None,
|
638
954
|
effective_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
|
955
|
+
ekm_provisioning_responses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadEkmProvisioningResponseArgs']]]]] = None,
|
956
|
+
enable_sovereign_controls: Optional[pulumi.Input[bool]] = None,
|
957
|
+
kaj_enrollment_state: Optional[pulumi.Input[str]] = None,
|
639
958
|
kms_settings: Optional[pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']]] = None,
|
640
959
|
labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
|
641
960
|
location: Optional[pulumi.Input[str]] = None,
|
642
961
|
name: Optional[pulumi.Input[str]] = None,
|
643
962
|
organization: Optional[pulumi.Input[str]] = None,
|
963
|
+
partner: Optional[pulumi.Input[str]] = None,
|
964
|
+
partner_permissions: Optional[pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']]] = None,
|
644
965
|
provisioned_resources_parent: Optional[pulumi.Input[str]] = None,
|
645
966
|
pulumi_labels: Optional[pulumi.Input[Mapping[str, Any]]] = None,
|
646
967
|
resource_settings: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]]] = None,
|
647
|
-
resources: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceArgs']]]]] = None
|
968
|
+
resources: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceArgs']]]]] = None,
|
969
|
+
saa_enrollment_responses: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadSaaEnrollmentResponseArgs']]]]] = None,
|
970
|
+
violation_notifications_enabled: Optional[pulumi.Input[bool]] = None) -> 'Workload':
|
648
971
|
"""
|
649
972
|
Get an existing Workload resource's state with the given name, id, and optional extra
|
650
973
|
properties used to qualify the lookup.
|
@@ -652,13 +975,17 @@ class Workload(pulumi.CustomResource):
|
|
652
975
|
:param str resource_name: The unique name of the resulting resource.
|
653
976
|
:param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
|
654
977
|
:param pulumi.ResourceOptions opts: Options for the resource.
|
655
|
-
:param pulumi.Input[str] billing_account:
|
656
|
-
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
|
978
|
+
:param pulumi.Input[str] billing_account: Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
|
979
|
+
:param pulumi.Input[str] compliance_regime: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
|
980
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadComplianceStatusArgs']]]] compliance_statuses: Output only. Count of active Violations in the Workload.
|
981
|
+
:param pulumi.Input[Sequence[pulumi.Input[str]]] compliant_but_disallowed_services: Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
|
657
982
|
:param pulumi.Input[str] create_time: Output only. Immutable. The Workload creation timestamp.
|
658
983
|
:param pulumi.Input[str] display_name: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
|
659
|
-
:param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through
|
660
|
-
|
661
|
-
:param pulumi.Input[
|
984
|
+
:param pulumi.Input[Mapping[str, Any]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
|
985
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadEkmProvisioningResponseArgs']]]] ekm_provisioning_responses: Optional. Represents the Ekm Provisioning State of the given workload.
|
986
|
+
:param pulumi.Input[bool] enable_sovereign_controls: Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
|
987
|
+
:param pulumi.Input[str] kaj_enrollment_state: Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
|
988
|
+
:param pulumi.Input[pulumi.InputType['WorkloadKmsSettingsArgs']] kms_settings: **DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
662
989
|
:param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Optional. Labels applied to the workload.
|
663
990
|
|
664
991
|
**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
|
@@ -670,10 +997,14 @@ class Workload(pulumi.CustomResource):
|
|
670
997
|
|
671
998
|
|
672
999
|
- - -
|
673
|
-
:param pulumi.Input[str]
|
1000
|
+
:param pulumi.Input[str] partner: Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
|
1001
|
+
:param pulumi.Input[pulumi.InputType['WorkloadPartnerPermissionsArgs']] partner_permissions: Optional. Permissions granted to the AW Partner SA account for the customer workload
|
1002
|
+
:param pulumi.Input[str] provisioned_resources_parent: Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
|
674
1003
|
:param pulumi.Input[Mapping[str, Any]] pulumi_labels: The combination of labels configured directly on the resource and default labels configured on the provider.
|
675
1004
|
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceSettingArgs']]]] resource_settings: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
|
676
1005
|
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadResourceArgs']]]] resources: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.
|
1006
|
+
:param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WorkloadSaaEnrollmentResponseArgs']]]] saa_enrollment_responses: Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
|
1007
|
+
:param pulumi.Input[bool] violation_notifications_enabled: Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
|
677
1008
|
"""
|
678
1009
|
opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
|
679
1010
|
|
@@ -681,25 +1012,34 @@ class Workload(pulumi.CustomResource):
|
|
681
1012
|
|
682
1013
|
__props__.__dict__["billing_account"] = billing_account
|
683
1014
|
__props__.__dict__["compliance_regime"] = compliance_regime
|
1015
|
+
__props__.__dict__["compliance_statuses"] = compliance_statuses
|
1016
|
+
__props__.__dict__["compliant_but_disallowed_services"] = compliant_but_disallowed_services
|
684
1017
|
__props__.__dict__["create_time"] = create_time
|
685
1018
|
__props__.__dict__["display_name"] = display_name
|
686
1019
|
__props__.__dict__["effective_labels"] = effective_labels
|
1020
|
+
__props__.__dict__["ekm_provisioning_responses"] = ekm_provisioning_responses
|
1021
|
+
__props__.__dict__["enable_sovereign_controls"] = enable_sovereign_controls
|
1022
|
+
__props__.__dict__["kaj_enrollment_state"] = kaj_enrollment_state
|
687
1023
|
__props__.__dict__["kms_settings"] = kms_settings
|
688
1024
|
__props__.__dict__["labels"] = labels
|
689
1025
|
__props__.__dict__["location"] = location
|
690
1026
|
__props__.__dict__["name"] = name
|
691
1027
|
__props__.__dict__["organization"] = organization
|
1028
|
+
__props__.__dict__["partner"] = partner
|
1029
|
+
__props__.__dict__["partner_permissions"] = partner_permissions
|
692
1030
|
__props__.__dict__["provisioned_resources_parent"] = provisioned_resources_parent
|
693
1031
|
__props__.__dict__["pulumi_labels"] = pulumi_labels
|
694
1032
|
__props__.__dict__["resource_settings"] = resource_settings
|
695
1033
|
__props__.__dict__["resources"] = resources
|
1034
|
+
__props__.__dict__["saa_enrollment_responses"] = saa_enrollment_responses
|
1035
|
+
__props__.__dict__["violation_notifications_enabled"] = violation_notifications_enabled
|
696
1036
|
return Workload(resource_name, opts=opts, __props__=__props__)
|
697
1037
|
|
698
1038
|
@property
|
699
1039
|
@pulumi.getter(name="billingAccount")
|
700
|
-
def billing_account(self) -> pulumi.Output[str]:
|
1040
|
+
def billing_account(self) -> pulumi.Output[Optional[str]]:
|
701
1041
|
"""
|
702
|
-
|
1042
|
+
Optional. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form `billingAccounts/{billing_account_id}`. For example, `billingAccounts/012345-567890-ABCDEF`.
|
703
1043
|
"""
|
704
1044
|
return pulumi.get(self, "billing_account")
|
705
1045
|
|
@@ -707,10 +1047,26 @@ class Workload(pulumi.CustomResource):
|
|
707
1047
|
@pulumi.getter(name="complianceRegime")
|
708
1048
|
def compliance_regime(self) -> pulumi.Output[str]:
|
709
1049
|
"""
|
710
|
-
Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS
|
1050
|
+
Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS, HIPAA, HITRUST, EU_REGIONS_AND_SUPPORT, CA_REGIONS_AND_SUPPORT, ITAR, AU_REGIONS_AND_US_SUPPORT, ASSURED_WORKLOADS_FOR_PARTNERS, ISR_REGIONS, ISR_REGIONS_AND_SUPPORT, CA_PROTECTED_B, IL5, IL2, JP_REGIONS_AND_SUPPORT
|
711
1051
|
"""
|
712
1052
|
return pulumi.get(self, "compliance_regime")
|
713
1053
|
|
1054
|
+
@property
|
1055
|
+
@pulumi.getter(name="complianceStatuses")
|
1056
|
+
def compliance_statuses(self) -> pulumi.Output[Sequence['outputs.WorkloadComplianceStatus']]:
|
1057
|
+
"""
|
1058
|
+
Output only. Count of active Violations in the Workload.
|
1059
|
+
"""
|
1060
|
+
return pulumi.get(self, "compliance_statuses")
|
1061
|
+
|
1062
|
+
@property
|
1063
|
+
@pulumi.getter(name="compliantButDisallowedServices")
|
1064
|
+
def compliant_but_disallowed_services(self) -> pulumi.Output[Sequence[str]]:
|
1065
|
+
"""
|
1066
|
+
Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke workloads.restrictAllowedResources endpoint to allow your project developers to use these services in their environment.
|
1067
|
+
"""
|
1068
|
+
return pulumi.get(self, "compliant_but_disallowed_services")
|
1069
|
+
|
714
1070
|
@property
|
715
1071
|
@pulumi.getter(name="createTime")
|
716
1072
|
def create_time(self) -> pulumi.Output[str]:
|
@@ -731,16 +1087,39 @@ class Workload(pulumi.CustomResource):
|
|
731
1087
|
@pulumi.getter(name="effectiveLabels")
|
732
1088
|
def effective_labels(self) -> pulumi.Output[Mapping[str, Any]]:
|
733
1089
|
"""
|
734
|
-
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through
|
735
|
-
clients and services.
|
1090
|
+
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
|
736
1091
|
"""
|
737
1092
|
return pulumi.get(self, "effective_labels")
|
738
1093
|
|
1094
|
+
@property
|
1095
|
+
@pulumi.getter(name="ekmProvisioningResponses")
|
1096
|
+
def ekm_provisioning_responses(self) -> pulumi.Output[Sequence['outputs.WorkloadEkmProvisioningResponse']]:
|
1097
|
+
"""
|
1098
|
+
Optional. Represents the Ekm Provisioning State of the given workload.
|
1099
|
+
"""
|
1100
|
+
return pulumi.get(self, "ekm_provisioning_responses")
|
1101
|
+
|
1102
|
+
@property
|
1103
|
+
@pulumi.getter(name="enableSovereignControls")
|
1104
|
+
def enable_sovereign_controls(self) -> pulumi.Output[bool]:
|
1105
|
+
"""
|
1106
|
+
Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.
|
1107
|
+
"""
|
1108
|
+
return pulumi.get(self, "enable_sovereign_controls")
|
1109
|
+
|
1110
|
+
@property
|
1111
|
+
@pulumi.getter(name="kajEnrollmentState")
|
1112
|
+
def kaj_enrollment_state(self) -> pulumi.Output[str]:
|
1113
|
+
"""
|
1114
|
+
Output only. Represents the KAJ enrollment state of the given workload. Possible values: KAJ_ENROLLMENT_STATE_UNSPECIFIED, KAJ_ENROLLMENT_STATE_PENDING, KAJ_ENROLLMENT_STATE_COMPLETE
|
1115
|
+
"""
|
1116
|
+
return pulumi.get(self, "kaj_enrollment_state")
|
1117
|
+
|
739
1118
|
@property
|
740
1119
|
@pulumi.getter(name="kmsSettings")
|
741
1120
|
def kms_settings(self) -> pulumi.Output[Optional['outputs.WorkloadKmsSettings']]:
|
742
1121
|
"""
|
743
|
-
Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is
|
1122
|
+
**DEPRECATED** Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
744
1123
|
"""
|
745
1124
|
return pulumi.get(self, "kms_settings")
|
746
1125
|
|
@@ -783,11 +1162,27 @@ class Workload(pulumi.CustomResource):
|
|
783
1162
|
"""
|
784
1163
|
return pulumi.get(self, "organization")
|
785
1164
|
|
1165
|
+
@property
|
1166
|
+
@pulumi.getter
|
1167
|
+
def partner(self) -> pulumi.Output[Optional[str]]:
|
1168
|
+
"""
|
1169
|
+
Optional. Partner regime associated with this workload. Possible values: PARTNER_UNSPECIFIED, LOCAL_CONTROLS_BY_S3NS, SOVEREIGN_CONTROLS_BY_T_SYSTEMS, SOVEREIGN_CONTROLS_BY_SIA_MINSAIT, SOVEREIGN_CONTROLS_BY_PSN
|
1170
|
+
"""
|
1171
|
+
return pulumi.get(self, "partner")
|
1172
|
+
|
1173
|
+
@property
|
1174
|
+
@pulumi.getter(name="partnerPermissions")
|
1175
|
+
def partner_permissions(self) -> pulumi.Output[Optional['outputs.WorkloadPartnerPermissions']]:
|
1176
|
+
"""
|
1177
|
+
Optional. Permissions granted to the AW Partner SA account for the customer workload
|
1178
|
+
"""
|
1179
|
+
return pulumi.get(self, "partner_permissions")
|
1180
|
+
|
786
1181
|
@property
|
787
1182
|
@pulumi.getter(name="provisionedResourcesParent")
|
788
1183
|
def provisioned_resources_parent(self) -> pulumi.Output[Optional[str]]:
|
789
1184
|
"""
|
790
|
-
Input only. The parent resource for the resources managed by this Assured Workload. May be either
|
1185
|
+
Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}
|
791
1186
|
"""
|
792
1187
|
return pulumi.get(self, "provisioned_resources_parent")
|
793
1188
|
|
@@ -815,3 +1210,19 @@ class Workload(pulumi.CustomResource):
|
|
815
1210
|
"""
|
816
1211
|
return pulumi.get(self, "resources")
|
817
1212
|
|
1213
|
+
@property
|
1214
|
+
@pulumi.getter(name="saaEnrollmentResponses")
|
1215
|
+
def saa_enrollment_responses(self) -> pulumi.Output[Sequence['outputs.WorkloadSaaEnrollmentResponse']]:
|
1216
|
+
"""
|
1217
|
+
Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during workloads.get call. In failure cases, user friendly error message is shown in SAA details page.
|
1218
|
+
"""
|
1219
|
+
return pulumi.get(self, "saa_enrollment_responses")
|
1220
|
+
|
1221
|
+
@property
|
1222
|
+
@pulumi.getter(name="violationNotificationsEnabled")
|
1223
|
+
def violation_notifications_enabled(self) -> pulumi.Output[bool]:
|
1224
|
+
"""
|
1225
|
+
Optional. Indicates whether the e-mail notification for a violation is enabled for a workload. This value will be by default True, and if not present will be considered as true. This should only be updated via updateWorkload call. Any Changes to this field during the createWorkload call will not be honored. This will always be true while creating the workload.
|
1226
|
+
"""
|
1227
|
+
return pulumi.get(self, "violation_notifications_enabled")
|
1228
|
+
|