pulumi-gcp 7.12.0a1709102105__py3-none-any.whl → 7.12.0a1709133800__py3-none-any.whl
Sign up to get free protection for your applications and to get access to all the features.
- pulumi_gcp/accessapproval/get_folder_service_account.py +2 -2
- pulumi_gcp/accessapproval/get_organization_service_account.py +2 -2
- pulumi_gcp/accessapproval/get_project_service_account.py +2 -2
- pulumi_gcp/accesscontextmanager/access_level.py +10 -8
- pulumi_gcp/accesscontextmanager/access_level_condition.py +2 -0
- pulumi_gcp/accesscontextmanager/access_levels.py +16 -16
- pulumi_gcp/accesscontextmanager/access_policy.py +12 -6
- pulumi_gcp/accesscontextmanager/access_policy_iam_binding.py +10 -2
- pulumi_gcp/accesscontextmanager/access_policy_iam_member.py +10 -2
- pulumi_gcp/accesscontextmanager/access_policy_iam_policy.py +10 -2
- pulumi_gcp/accesscontextmanager/authorized_orgs_desc.py +8 -6
- pulumi_gcp/accesscontextmanager/gcp_user_access_binding.py +80 -0
- pulumi_gcp/accesscontextmanager/get_access_policy_iam_policy.py +2 -2
- pulumi_gcp/accesscontextmanager/service_perimeter.py +34 -24
- pulumi_gcp/accesscontextmanager/service_perimeter_resource.py +6 -4
- pulumi_gcp/accesscontextmanager/service_perimeters.py +14 -12
- pulumi_gcp/activedirectory/domain_trust.py +6 -6
- pulumi_gcp/activedirectory/peering.py +20 -22
- pulumi_gcp/alloydb/backup.py +62 -66
- pulumi_gcp/alloydb/cluster.py +78 -82
- pulumi_gcp/alloydb/instance.py +70 -74
- pulumi_gcp/alloydb/user.py +44 -48
- pulumi_gcp/apigateway/api.py +2 -4
- pulumi_gcp/apigateway/api_config.py +86 -14
- pulumi_gcp/apigateway/api_config_iam_binding.py +18 -24
- pulumi_gcp/apigateway/api_config_iam_member.py +18 -24
- pulumi_gcp/apigateway/api_config_iam_policy.py +18 -24
- pulumi_gcp/apigateway/api_iam_binding.py +18 -24
- pulumi_gcp/apigateway/api_iam_member.py +18 -24
- pulumi_gcp/apigateway/api_iam_policy.py +18 -24
- pulumi_gcp/apigateway/gateway.py +16 -22
- pulumi_gcp/apigateway/gateway_iam_binding.py +24 -30
- pulumi_gcp/apigateway/gateway_iam_member.py +24 -30
- pulumi_gcp/apigateway/gateway_iam_policy.py +24 -30
- pulumi_gcp/apigee/addons_config.py +22 -26
- pulumi_gcp/apigee/endpoint_attachment.py +14 -14
- pulumi_gcp/apigee/env_group.py +16 -14
- pulumi_gcp/apigee/env_group_attachment.py +0 -100
- pulumi_gcp/apigee/environment.py +14 -12
- pulumi_gcp/apigee/environment_iam_binding.py +12 -12
- pulumi_gcp/apigee/environment_iam_member.py +12 -12
- pulumi_gcp/apigee/environment_iam_policy.py +12 -12
- pulumi_gcp/apigee/get_environment_iam_policy.py +4 -4
- pulumi_gcp/apigee/instance.py +84 -76
- pulumi_gcp/apigee/instance_attachment.py +0 -100
- pulumi_gcp/apigee/keystores_aliases_self_signed_cert.py +40 -40
- pulumi_gcp/apigee/nat_address.py +42 -36
- pulumi_gcp/apigee/organization.py +62 -58
- pulumi_gcp/apigee/sync_authorization.py +16 -12
- pulumi_gcp/apigee/target_server.py +34 -36
- pulumi_gcp/appengine/application.py +8 -2
- pulumi_gcp/appengine/application_url_dispatch_rules.py +12 -6
- pulumi_gcp/appengine/domain_mapping.py +2 -2
- pulumi_gcp/appengine/engine_split_traffic.py +12 -6
- pulumi_gcp/appengine/firewall_rule.py +6 -2
- pulumi_gcp/appengine/flexible_app_version.py +20 -12
- pulumi_gcp/appengine/service_network_settings.py +14 -8
- pulumi_gcp/appengine/standard_app_version.py +18 -12
- pulumi_gcp/artifactregistry/get_repository_iam_policy.py +6 -6
- pulumi_gcp/artifactregistry/repository.py +78 -82
- pulumi_gcp/artifactregistry/repository_iam_binding.py +18 -18
- pulumi_gcp/artifactregistry/repository_iam_member.py +18 -18
- pulumi_gcp/artifactregistry/repository_iam_policy.py +18 -18
- pulumi_gcp/artifactregistry/vpcsc_config.py +2 -4
- pulumi_gcp/assuredworkloads/workload.py +16 -18
- pulumi_gcp/backupdisasterrecovery/management_server.py +20 -24
- pulumi_gcp/beyondcorp/app_connection.py +44 -30
- pulumi_gcp/beyondcorp/app_connector.py +22 -16
- pulumi_gcp/beyondcorp/app_gateway.py +20 -16
- pulumi_gcp/biglake/catalog.py +6 -2
- pulumi_gcp/biglake/database.py +14 -4
- pulumi_gcp/biglake/table.py +20 -6
- pulumi_gcp/bigquery/app_profile.py +8 -0
- pulumi_gcp/bigquery/capacity_commitment.py +4 -4
- pulumi_gcp/bigquery/connection.py +72 -54
- pulumi_gcp/bigquery/connection_iam_binding.py +18 -18
- pulumi_gcp/bigquery/connection_iam_member.py +18 -18
- pulumi_gcp/bigquery/connection_iam_policy.py +18 -18
- pulumi_gcp/bigquery/data_transfer_config.py +8 -12
- pulumi_gcp/bigquery/dataset.py +20 -14
- pulumi_gcp/bigquery/dataset_access.py +16 -16
- pulumi_gcp/bigquery/dataset_iam_binding.py +4 -4
- pulumi_gcp/bigquery/dataset_iam_member.py +4 -4
- pulumi_gcp/bigquery/dataset_iam_policy.py +4 -4
- pulumi_gcp/bigquery/get_connection_iam_policy.py +6 -6
- pulumi_gcp/bigquery/get_dataset_iam_policy.py +2 -2
- pulumi_gcp/bigquery/get_default_service_account.py +4 -4
- pulumi_gcp/bigquery/get_table_iam_policy.py +6 -6
- pulumi_gcp/bigquery/iam_binding.py +36 -36
- pulumi_gcp/bigquery/iam_member.py +36 -36
- pulumi_gcp/bigquery/iam_policy.py +36 -36
- pulumi_gcp/bigquery/job.py +326 -20
- pulumi_gcp/bigquery/reservation.py +14 -12
- pulumi_gcp/bigquery/reservation_assignment.py +2 -0
- pulumi_gcp/bigquery/routine.py +22 -22
- pulumi_gcp/bigquery/table.py +8 -8
- pulumi_gcp/bigqueryanalyticshub/data_exchange.py +6 -6
- pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_binding.py +18 -18
- pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_member.py +18 -18
- pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_policy.py +18 -18
- pulumi_gcp/bigqueryanalyticshub/get_data_exchange_iam_policy.py +6 -6
- pulumi_gcp/bigqueryanalyticshub/get_listing_iam_policy.py +8 -8
- pulumi_gcp/bigqueryanalyticshub/listing.py +16 -16
- pulumi_gcp/bigqueryanalyticshub/listing_iam_binding.py +24 -24
- pulumi_gcp/bigqueryanalyticshub/listing_iam_member.py +24 -24
- pulumi_gcp/bigqueryanalyticshub/listing_iam_policy.py +24 -24
- pulumi_gcp/bigquerydatapolicy/data_policy.py +4 -4
- pulumi_gcp/bigquerydatapolicy/data_policy_iam_binding.py +18 -18
- pulumi_gcp/bigquerydatapolicy/data_policy_iam_member.py +18 -18
- pulumi_gcp/bigquerydatapolicy/data_policy_iam_policy.py +18 -18
- pulumi_gcp/bigquerydatapolicy/get_iam_policy.py +6 -6
- pulumi_gcp/bigtable/gc_policy.py +0 -208
- pulumi_gcp/bigtable/get_instance_iam_policy.py +2 -2
- pulumi_gcp/bigtable/get_table_iam_policy.py +4 -4
- pulumi_gcp/bigtable/instance.py +14 -10
- pulumi_gcp/bigtable/instance_iam_binding.py +8 -8
- pulumi_gcp/bigtable/instance_iam_member.py +8 -8
- pulumi_gcp/bigtable/instance_iam_policy.py +8 -8
- pulumi_gcp/bigtable/table.py +18 -12
- pulumi_gcp/bigtable/table_iam_binding.py +8 -8
- pulumi_gcp/bigtable/table_iam_member.py +8 -8
- pulumi_gcp/bigtable/table_iam_policy.py +8 -8
- pulumi_gcp/billing/account_iam_binding.py +8 -8
- pulumi_gcp/billing/account_iam_member.py +8 -8
- pulumi_gcp/billing/account_iam_policy.py +8 -8
- pulumi_gcp/billing/budget.py +2 -2
- pulumi_gcp/binaryauthorization/attestor.py +74 -52
- pulumi_gcp/binaryauthorization/attestor_iam_binding.py +12 -12
- pulumi_gcp/binaryauthorization/attestor_iam_member.py +12 -12
- pulumi_gcp/binaryauthorization/attestor_iam_policy.py +12 -12
- pulumi_gcp/binaryauthorization/get_attestor_iam_policy.py +4 -4
- pulumi_gcp/binaryauthorization/policy.py +48 -32
- pulumi_gcp/blockchainnodeengine/blockchain_nodes.py +38 -38
- pulumi_gcp/certificateauthority/authority.py +34 -42
- pulumi_gcp/certificateauthority/ca_pool.py +274 -6
- pulumi_gcp/certificateauthority/ca_pool_iam_binding.py +12 -12
- pulumi_gcp/certificateauthority/ca_pool_iam_member.py +12 -12
- pulumi_gcp/certificateauthority/ca_pool_iam_policy.py +12 -12
- pulumi_gcp/certificateauthority/certificate.py +264 -44
- pulumi_gcp/certificateauthority/certificate_template.py +168 -0
- pulumi_gcp/certificateauthority/certificate_template_iam_binding.py +12 -12
- pulumi_gcp/certificateauthority/certificate_template_iam_member.py +12 -12
- pulumi_gcp/certificateauthority/certificate_template_iam_policy.py +12 -12
- pulumi_gcp/certificateauthority/get_ca_pool_iam_policy.py +2 -2
- pulumi_gcp/certificateauthority/get_certificate_template_iam_policy.py +2 -2
- pulumi_gcp/certificatemanager/certificate.py +114 -84
- pulumi_gcp/certificatemanager/certificate_issuance_config.py +34 -32
- pulumi_gcp/certificatemanager/certificate_map.py +2 -0
- pulumi_gcp/certificatemanager/certificate_map_entry.py +12 -2
- pulumi_gcp/certificatemanager/dns_authorization.py +2 -0
- pulumi_gcp/certificatemanager/trust_config.py +8 -4
- pulumi_gcp/cloudasset/folder_feed.py +82 -0
- pulumi_gcp/cloudasset/organization_feed.py +74 -0
- pulumi_gcp/cloudasset/project_feed.py +70 -0
- pulumi_gcp/cloudbuild/bitbucket_server_config.py +98 -14
- pulumi_gcp/cloudbuild/get_trigger.py +2 -2
- pulumi_gcp/cloudbuild/trigger.py +650 -122
- pulumi_gcp/cloudbuild/worker_pool.py +20 -16
- pulumi_gcp/cloudbuildv2/connection.py +20 -18
- pulumi_gcp/cloudbuildv2/connection_iam_binding.py +18 -12
- pulumi_gcp/cloudbuildv2/connection_iam_member.py +18 -12
- pulumi_gcp/cloudbuildv2/connection_iam_policy.py +18 -12
- pulumi_gcp/cloudbuildv2/get_connection_iam_policy.py +6 -6
- pulumi_gcp/cloudbuildv2/repository.py +18 -14
- pulumi_gcp/clouddeploy/automation.py +16 -16
- pulumi_gcp/clouddeploy/custom_target_type.py +38 -32
- pulumi_gcp/clouddeploy/delivery_pipeline.py +40 -38
- pulumi_gcp/clouddeploy/get_delivery_pipeline_iam_policy.py +6 -6
- pulumi_gcp/clouddeploy/target.py +26 -24
- pulumi_gcp/clouddomains/registration.py +74 -74
- pulumi_gcp/cloudfunctions/function.py +20 -4
- pulumi_gcp/cloudfunctions/function_iam_binding.py +18 -18
- pulumi_gcp/cloudfunctions/function_iam_member.py +18 -18
- pulumi_gcp/cloudfunctions/function_iam_policy.py +18 -18
- pulumi_gcp/cloudfunctions/get_function_iam_policy.py +6 -6
- pulumi_gcp/cloudfunctionsv2/function.py +776 -42
- pulumi_gcp/cloudfunctionsv2/function_iam_binding.py +18 -18
- pulumi_gcp/cloudfunctionsv2/function_iam_member.py +18 -18
- pulumi_gcp/cloudfunctionsv2/function_iam_policy.py +18 -18
- pulumi_gcp/cloudfunctionsv2/get_function.py +4 -4
- pulumi_gcp/cloudfunctionsv2/get_function_iam_policy.py +6 -6
- pulumi_gcp/cloudidentity/group.py +8 -8
- pulumi_gcp/cloudidentity/group_membership.py +4 -4
- pulumi_gcp/cloudids/endpoint.py +12 -10
- pulumi_gcp/cloudrun/domain_mapping.py +10 -6
- pulumi_gcp/cloudrun/get_service.py +4 -4
- pulumi_gcp/cloudrun/get_service_iam_policy.py +6 -6
- pulumi_gcp/cloudrun/iam_binding.py +18 -18
- pulumi_gcp/cloudrun/iam_member.py +18 -18
- pulumi_gcp/cloudrun/iam_policy.py +18 -18
- pulumi_gcp/cloudrun/service.py +28 -14
- pulumi_gcp/cloudrunv2/get_job.py +4 -4
- pulumi_gcp/cloudrunv2/get_job_iam_policy.py +6 -6
- pulumi_gcp/cloudrunv2/get_service.py +4 -4
- pulumi_gcp/cloudrunv2/get_service_iam_policy.py +6 -6
- pulumi_gcp/cloudrunv2/job.py +56 -46
- pulumi_gcp/cloudrunv2/job_iam_binding.py +18 -12
- pulumi_gcp/cloudrunv2/job_iam_member.py +18 -12
- pulumi_gcp/cloudrunv2/job_iam_policy.py +18 -12
- pulumi_gcp/cloudrunv2/service.py +94 -68
- pulumi_gcp/cloudrunv2/service_iam_binding.py +18 -12
- pulumi_gcp/cloudrunv2/service_iam_member.py +18 -12
- pulumi_gcp/cloudrunv2/service_iam_policy.py +18 -12
- pulumi_gcp/cloudscheduler/job.py +168 -26
- pulumi_gcp/cloudtasks/get_queue_iam_policy.py +6 -6
- pulumi_gcp/cloudtasks/queue.py +18 -12
- pulumi_gcp/cloudtasks/queue_iam_binding.py +18 -12
- pulumi_gcp/cloudtasks/queue_iam_member.py +18 -12
- pulumi_gcp/cloudtasks/queue_iam_policy.py +18 -12
- pulumi_gcp/composer/get_environment.py +22 -0
- pulumi_gcp/composer/get_image_versions.py +2 -0
- pulumi_gcp/compute/address.py +32 -18
- pulumi_gcp/compute/attached_disk.py +8 -6
- pulumi_gcp/compute/autoscaler.py +34 -28
- pulumi_gcp/compute/backend_bucket.py +42 -16
- pulumi_gcp/compute/backend_bucket_signed_url_key.py +16 -8
- pulumi_gcp/compute/backend_service.py +350 -34
- pulumi_gcp/compute/backend_service_signed_url_key.py +98 -0
- pulumi_gcp/compute/disk.py +26 -18
- pulumi_gcp/compute/disk_async_replication.py +4 -0
- pulumi_gcp/compute/disk_iam_binding.py +18 -12
- pulumi_gcp/compute/disk_iam_member.py +18 -12
- pulumi_gcp/compute/disk_iam_policy.py +18 -12
- pulumi_gcp/compute/disk_resource_policy_attachment.py +12 -6
- pulumi_gcp/compute/external_vpn_gateway.py +40 -16
- pulumi_gcp/compute/firewall.py +16 -12
- pulumi_gcp/compute/firewall_policy.py +4 -4
- pulumi_gcp/compute/firewall_policy_association.py +10 -8
- pulumi_gcp/compute/firewall_policy_rule.py +4 -2
- pulumi_gcp/compute/forwarding_rule.py +1840 -22
- pulumi_gcp/compute/get_address.py +6 -2
- pulumi_gcp/compute/get_addresses.py +6 -2
- pulumi_gcp/compute/get_backend_service.py +32 -0
- pulumi_gcp/compute/get_disk.py +0 -2
- pulumi_gcp/compute/get_disk_iam_policy.py +6 -6
- pulumi_gcp/compute/get_global_address.py +6 -2
- pulumi_gcp/compute/get_image.py +0 -2
- pulumi_gcp/compute/get_image_iam_policy.py +4 -4
- pulumi_gcp/compute/get_instance_iam_policy.py +6 -6
- pulumi_gcp/compute/get_instance_serial_port.py +10 -8
- pulumi_gcp/compute/get_instance_template.py +0 -22
- pulumi_gcp/compute/get_lbip_ranges.py +4 -2
- pulumi_gcp/compute/get_machine_types.py +100 -0
- pulumi_gcp/compute/get_netblock_ip_ranges.py +4 -2
- pulumi_gcp/compute/get_network_peering.py +16 -4
- pulumi_gcp/compute/get_node_types.py +4 -2
- pulumi_gcp/compute/get_region_disk_iam_policy.py +6 -6
- pulumi_gcp/compute/get_region_instance_template.py +4 -0
- pulumi_gcp/compute/get_regions.py +2 -0
- pulumi_gcp/compute/get_snapshot.py +4 -0
- pulumi_gcp/compute/get_snapshot_iam_policy.py +4 -4
- pulumi_gcp/compute/get_subnetwork_iam_policy.py +6 -6
- pulumi_gcp/compute/global_address.py +12 -10
- pulumi_gcp/compute/global_forwarding_rule.py +1574 -56
- pulumi_gcp/compute/global_network_endpoint.py +2 -0
- pulumi_gcp/compute/global_network_endpoint_group.py +8 -4
- pulumi_gcp/compute/ha_vpn_gateway.py +38 -10
- pulumi_gcp/compute/health_check.py +114 -90
- pulumi_gcp/compute/http_health_check.py +6 -4
- pulumi_gcp/compute/https_health_check.py +6 -4
- pulumi_gcp/compute/image.py +22 -14
- pulumi_gcp/compute/image_iam_binding.py +24 -24
- pulumi_gcp/compute/image_iam_member.py +24 -24
- pulumi_gcp/compute/image_iam_policy.py +24 -24
- pulumi_gcp/compute/instance.py +16 -14
- pulumi_gcp/compute/instance_from_machine_image.py +4 -4
- pulumi_gcp/compute/instance_from_template.py +10 -6
- pulumi_gcp/compute/instance_group.py +108 -6
- pulumi_gcp/compute/instance_group_manager.py +16 -12
- pulumi_gcp/compute/instance_group_membership.py +6 -4
- pulumi_gcp/compute/instance_group_named_port.py +22 -10
- pulumi_gcp/compute/instance_iam_binding.py +36 -36
- pulumi_gcp/compute/instance_iam_member.py +36 -36
- pulumi_gcp/compute/instance_iam_policy.py +36 -36
- pulumi_gcp/compute/instance_settings.py +4 -6
- pulumi_gcp/compute/instance_template.py +150 -12
- pulumi_gcp/compute/interconnect_attachment.py +28 -10
- pulumi_gcp/compute/machine_image.py +30 -24
- pulumi_gcp/compute/machine_image_iam_binding.py +36 -48
- pulumi_gcp/compute/machine_image_iam_member.py +36 -48
- pulumi_gcp/compute/machine_image_iam_policy.py +36 -48
- pulumi_gcp/compute/managed_ssl_certificate.py +212 -0
- pulumi_gcp/compute/manged_ssl_certificate.py +212 -0
- pulumi_gcp/compute/network.py +18 -14
- pulumi_gcp/compute/network_attachment.py +60 -52
- pulumi_gcp/compute/network_edge_security_service.py +4 -4
- pulumi_gcp/compute/network_endpoint.py +32 -22
- pulumi_gcp/compute/network_endpoint_group.py +20 -10
- pulumi_gcp/compute/network_endpoint_list.py +44 -32
- pulumi_gcp/compute/network_firewall_policy.py +6 -2
- pulumi_gcp/compute/network_firewall_policy_association.py +8 -4
- pulumi_gcp/compute/network_firewall_policy_rule.py +14 -10
- pulumi_gcp/compute/network_peering.py +16 -4
- pulumi_gcp/compute/network_peering_routes_config.py +38 -18
- pulumi_gcp/compute/node_group.py +28 -10
- pulumi_gcp/compute/node_template.py +12 -8
- pulumi_gcp/compute/organization_security_policy.py +2 -4
- pulumi_gcp/compute/organization_security_policy_association.py +22 -28
- pulumi_gcp/compute/organization_security_policy_rule.py +10 -14
- pulumi_gcp/compute/packet_mirroring.py +128 -0
- pulumi_gcp/compute/per_instance_config.py +16 -8
- pulumi_gcp/compute/project_metadata.py +6 -8
- pulumi_gcp/compute/public_advertised_prefix.py +2 -0
- pulumi_gcp/compute/public_delegated_prefix.py +4 -0
- pulumi_gcp/compute/region_autoscaler.py +14 -8
- pulumi_gcp/compute/region_backend_service.py +462 -2
- pulumi_gcp/compute/region_commitment.py +20 -16
- pulumi_gcp/compute/region_disk.py +20 -8
- pulumi_gcp/compute/region_disk_iam_binding.py +18 -12
- pulumi_gcp/compute/region_disk_iam_member.py +18 -12
- pulumi_gcp/compute/region_disk_iam_policy.py +18 -12
- pulumi_gcp/compute/region_disk_resource_policy_attachment.py +16 -6
- pulumi_gcp/compute/region_health_check.py +114 -90
- pulumi_gcp/compute/region_instance_group_manager.py +14 -8
- pulumi_gcp/compute/region_network_endpoint.py +16 -4
- pulumi_gcp/compute/region_network_endpoint_group.py +166 -32
- pulumi_gcp/compute/region_network_firewall_policy.py +6 -2
- pulumi_gcp/compute/region_network_firewall_policy_association.py +8 -4
- pulumi_gcp/compute/region_network_firewall_policy_rule.py +14 -10
- pulumi_gcp/compute/region_per_instance_config.py +12 -4
- pulumi_gcp/compute/region_security_policy.py +12 -12
- pulumi_gcp/compute/region_security_policy_rule.py +38 -48
- pulumi_gcp/compute/region_ssl_certificate.py +138 -32
- pulumi_gcp/compute/region_target_http_proxy.py +88 -4
- pulumi_gcp/compute/region_target_https_proxy.py +96 -0
- pulumi_gcp/compute/region_target_tcp_proxy.py +52 -0
- pulumi_gcp/compute/region_url_map.py +1038 -0
- pulumi_gcp/compute/reservation.py +10 -8
- pulumi_gcp/compute/resource_policy.py +60 -48
- pulumi_gcp/compute/route.py +206 -4
- pulumi_gcp/compute/router.py +18 -6
- pulumi_gcp/compute/router_interface.py +6 -4
- pulumi_gcp/compute/router_nat.py +82 -42
- pulumi_gcp/compute/router_peer.py +72 -42
- pulumi_gcp/compute/security_policy.py +120 -108
- pulumi_gcp/compute/security_scan_config.py +4 -6
- pulumi_gcp/compute/service_attachment.py +376 -0
- pulumi_gcp/compute/snapshot.py +8 -0
- pulumi_gcp/compute/snapshot_iam_binding.py +12 -6
- pulumi_gcp/compute/snapshot_iam_member.py +12 -6
- pulumi_gcp/compute/snapshot_iam_policy.py +12 -6
- pulumi_gcp/compute/ssl_certificate.py +118 -30
- pulumi_gcp/compute/ssl_policy.py +20 -12
- pulumi_gcp/compute/subnetwork.py +58 -30
- pulumi_gcp/compute/subnetwork_iam_binding.py +36 -36
- pulumi_gcp/compute/subnetwork_iam_member.py +36 -36
- pulumi_gcp/compute/subnetwork_iam_policy.py +36 -36
- pulumi_gcp/compute/target_grpc_proxy.py +176 -0
- pulumi_gcp/compute/target_http_proxy.py +166 -10
- pulumi_gcp/compute/target_https_proxy.py +336 -14
- pulumi_gcp/compute/target_instance.py +22 -16
- pulumi_gcp/compute/target_pool.py +40 -0
- pulumi_gcp/compute/target_ssl_proxy.py +54 -0
- pulumi_gcp/compute/target_tcp_proxy.py +44 -0
- pulumi_gcp/compute/url_map.py +1146 -0
- pulumi_gcp/compute/vpn_gateway.py +28 -24
- pulumi_gcp/compute/vpn_tunnel.py +40 -36
- pulumi_gcp/container/_inputs.py +0 -188
- pulumi_gcp/container/attached_cluster.py +124 -0
- pulumi_gcp/container/aws_cluster.py +46 -42
- pulumi_gcp/container/aws_node_pool.py +34 -26
- pulumi_gcp/container/azure_client.py +6 -4
- pulumi_gcp/container/azure_cluster.py +30 -26
- pulumi_gcp/container/azure_node_pool.py +12 -6
- pulumi_gcp/container/cluster.py +62 -6
- pulumi_gcp/container/get_attached_versions.py +2 -2
- pulumi_gcp/container/get_aws_versions.py +2 -2
- pulumi_gcp/container/get_azure_versions.py +2 -2
- pulumi_gcp/container/get_engine_versions.py +2 -0
- pulumi_gcp/container/node_pool.py +68 -2
- pulumi_gcp/container/outputs.py +0 -188
- pulumi_gcp/container/registry.py +4 -4
- pulumi_gcp/containeranalysis/get_note_iam_policy.py +4 -4
- pulumi_gcp/containeranalysis/note.py +32 -26
- pulumi_gcp/containeranalysis/note_iam_binding.py +12 -12
- pulumi_gcp/containeranalysis/note_iam_member.py +12 -12
- pulumi_gcp/containeranalysis/note_iam_policy.py +12 -12
- pulumi_gcp/databasemigrationservice/connection_profile.py +40 -46
- pulumi_gcp/databasemigrationservice/private_connection.py +6 -6
- pulumi_gcp/datacatalog/entry.py +12 -12
- pulumi_gcp/datacatalog/entry_group.py +8 -8
- pulumi_gcp/datacatalog/entry_group_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/entry_group_iam_member.py +6 -6
- pulumi_gcp/datacatalog/entry_group_iam_policy.py +6 -6
- pulumi_gcp/datacatalog/get_entry_group_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/get_policy_tag_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/get_tag_template_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/get_taxonomy_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/policy_tag.py +14 -16
- pulumi_gcp/datacatalog/policy_tag_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/policy_tag_iam_member.py +6 -6
- pulumi_gcp/datacatalog/policy_tag_iam_policy.py +6 -6
- pulumi_gcp/datacatalog/tag.py +22 -22
- pulumi_gcp/datacatalog/tag_template.py +16 -16
- pulumi_gcp/datacatalog/tag_template_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/tag_template_iam_member.py +6 -6
- pulumi_gcp/datacatalog/tag_template_iam_policy.py +6 -6
- pulumi_gcp/datacatalog/taxonomy.py +6 -6
- pulumi_gcp/datacatalog/taxonomy_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/taxonomy_iam_member.py +6 -6
- pulumi_gcp/datacatalog/taxonomy_iam_policy.py +6 -6
- pulumi_gcp/dataflow/flex_template_job.py +18 -18
- pulumi_gcp/dataflow/job.py +34 -26
- pulumi_gcp/dataflow/pipeline.py +4 -2
- pulumi_gcp/dataform/repository.py +28 -36
- pulumi_gcp/dataform/repository_release_config.py +16 -20
- pulumi_gcp/dataform/repository_workflow_config.py +26 -32
- pulumi_gcp/datafusion/get_instance_iam_policy.py +6 -6
- pulumi_gcp/datafusion/instance.py +60 -40
- pulumi_gcp/dataloss/prevention_deidentify_template.py +206 -10
- pulumi_gcp/dataloss/prevention_inspect_template.py +270 -42
- pulumi_gcp/dataloss/prevention_job_trigger.py +368 -192
- pulumi_gcp/dataloss/prevention_stored_info_type.py +24 -20
- pulumi_gcp/dataplex/asset.py +16 -10
- pulumi_gcp/dataplex/asset_iam_binding.py +30 -30
- pulumi_gcp/dataplex/asset_iam_member.py +30 -30
- pulumi_gcp/dataplex/asset_iam_policy.py +30 -30
- pulumi_gcp/dataplex/datascan.py +90 -92
- pulumi_gcp/dataplex/datascan_iam_binding.py +18 -18
- pulumi_gcp/dataplex/datascan_iam_member.py +18 -18
- pulumi_gcp/dataplex/datascan_iam_policy.py +18 -18
- pulumi_gcp/dataplex/get_asset_iam_policy.py +10 -10
- pulumi_gcp/dataplex/get_datascan_iam_policy.py +6 -6
- pulumi_gcp/dataplex/get_lake_iam_policy.py +6 -6
- pulumi_gcp/dataplex/get_task_iam_policy.py +8 -8
- pulumi_gcp/dataplex/get_zone_iam_policy.py +8 -8
- pulumi_gcp/dataplex/lake.py +8 -6
- pulumi_gcp/dataplex/lake_iam_binding.py +18 -18
- pulumi_gcp/dataplex/lake_iam_member.py +18 -18
- pulumi_gcp/dataplex/lake_iam_policy.py +18 -18
- pulumi_gcp/dataplex/task_iam_binding.py +24 -24
- pulumi_gcp/dataplex/task_iam_member.py +24 -24
- pulumi_gcp/dataplex/task_iam_policy.py +24 -24
- pulumi_gcp/dataplex/zone.py +4 -0
- pulumi_gcp/dataplex/zone_iam_binding.py +24 -24
- pulumi_gcp/dataplex/zone_iam_member.py +24 -24
- pulumi_gcp/dataplex/zone_iam_policy.py +24 -24
- pulumi_gcp/dataproc/autoscaling_policy.py +2 -0
- pulumi_gcp/dataproc/autoscaling_policy_iam_binding.py +18 -18
- pulumi_gcp/dataproc/autoscaling_policy_iam_member.py +18 -18
- pulumi_gcp/dataproc/autoscaling_policy_iam_policy.py +18 -18
- pulumi_gcp/dataproc/cluster.py +18 -10
- pulumi_gcp/dataproc/cluster_iam_binding.py +8 -8
- pulumi_gcp/dataproc/cluster_iam_member.py +8 -8
- pulumi_gcp/dataproc/cluster_iam_policy.py +8 -8
- pulumi_gcp/dataproc/get_autoscaling_policy_iam_policy.py +6 -6
- pulumi_gcp/dataproc/get_cluster_iam_policy.py +2 -2
- pulumi_gcp/dataproc/get_job_iam_policy.py +2 -2
- pulumi_gcp/dataproc/get_metastore_service.py +4 -4
- pulumi_gcp/dataproc/get_metastore_service_iam_policy.py +6 -6
- pulumi_gcp/dataproc/job.py +6 -2
- pulumi_gcp/dataproc/job_iam_binding.py +8 -8
- pulumi_gcp/dataproc/job_iam_member.py +8 -8
- pulumi_gcp/dataproc/job_iam_policy.py +8 -8
- pulumi_gcp/dataproc/metastore_federation.py +16 -24
- pulumi_gcp/dataproc/metastore_service.py +64 -56
- pulumi_gcp/dataproc/metastore_service_iam_binding.py +18 -18
- pulumi_gcp/dataproc/metastore_service_iam_member.py +18 -18
- pulumi_gcp/dataproc/metastore_service_iam_policy.py +18 -18
- pulumi_gcp/dataproc/workflow_template.py +58 -56
- pulumi_gcp/datastore/data_store_index.py +4 -4
- pulumi_gcp/datastream/connection_profile.py +52 -36
- pulumi_gcp/datastream/private_connection.py +4 -4
- pulumi_gcp/datastream/stream.py +52 -30
- pulumi_gcp/deploymentmanager/deployment.py +6 -2
- pulumi_gcp/diagflow/agent.py +20 -20
- pulumi_gcp/diagflow/cx_agent.py +4 -2
- pulumi_gcp/diagflow/cx_entity_type.py +2 -2
- pulumi_gcp/diagflow/cx_environment.py +2 -2
- pulumi_gcp/diagflow/cx_flow.py +6 -4
- pulumi_gcp/diagflow/cx_intent.py +2 -2
- pulumi_gcp/diagflow/cx_page.py +6 -6
- pulumi_gcp/diagflow/cx_security_settings.py +6 -4
- pulumi_gcp/diagflow/cx_test_case.py +6 -6
- pulumi_gcp/diagflow/cx_version.py +2 -2
- pulumi_gcp/diagflow/cx_webhook.py +2 -2
- pulumi_gcp/diagflow/entity_type.py +6 -8
- pulumi_gcp/diagflow/fulfillment.py +6 -8
- pulumi_gcp/diagflow/intent.py +32 -30
- pulumi_gcp/discoveryengine/chat_engine.py +4 -4
- pulumi_gcp/discoveryengine/data_store.py +8 -8
- pulumi_gcp/discoveryengine/search_engine.py +8 -8
- pulumi_gcp/dns/dns_managed_zone_iam_binding.py +12 -12
- pulumi_gcp/dns/dns_managed_zone_iam_member.py +12 -12
- pulumi_gcp/dns/dns_managed_zone_iam_policy.py +12 -12
- pulumi_gcp/dns/get_keys.py +2 -0
- pulumi_gcp/dns/get_managed_zone_iam_policy.py +4 -4
- pulumi_gcp/dns/managed_zone.py +82 -38
- pulumi_gcp/dns/policy.py +14 -4
- pulumi_gcp/dns/record_set.py +76 -44
- pulumi_gcp/dns/response_policy.py +16 -4
- pulumi_gcp/dns/response_policy_rule.py +12 -4
- pulumi_gcp/edgecontainer/cluster.py +54 -48
- pulumi_gcp/edgecontainer/node_pool.py +34 -16
- pulumi_gcp/edgecontainer/vpn_connection.py +12 -8
- pulumi_gcp/edgenetwork/network.py +2 -2
- pulumi_gcp/edgenetwork/subnet.py +8 -8
- pulumi_gcp/endpoints/get_service_iam_policy.py +2 -2
- pulumi_gcp/endpoints/service.py +12 -12
- pulumi_gcp/endpoints/service_iam_binding.py +6 -6
- pulumi_gcp/endpoints/service_iam_member.py +6 -6
- pulumi_gcp/endpoints/service_iam_policy.py +6 -6
- pulumi_gcp/essentialcontacts/document_ai_processor.py +2 -2
- pulumi_gcp/essentialcontacts/document_ai_processor_default_version.py +8 -8
- pulumi_gcp/essentialcontacts/document_ai_warehouse_document_schema.py +18 -18
- pulumi_gcp/eventarc/channel.py +10 -10
- pulumi_gcp/eventarc/google_channel_config.py +8 -8
- pulumi_gcp/eventarc/trigger.py +6 -2
- pulumi_gcp/filestore/backup.py +4 -0
- pulumi_gcp/filestore/instance.py +44 -30
- pulumi_gcp/filestore/snapshot.py +8 -0
- pulumi_gcp/firebase/_inputs.py +0 -6
- pulumi_gcp/firebase/android_app.py +8 -12
- pulumi_gcp/firebase/app_check_debug_token.py +38 -0
- pulumi_gcp/firebase/app_check_service_config.py +6 -12
- pulumi_gcp/firebase/apple_app.py +8 -12
- pulumi_gcp/firebase/database_instance.py +26 -36
- pulumi_gcp/firebase/extensions_instance.py +8 -10
- pulumi_gcp/firebase/hosting_channel.py +14 -22
- pulumi_gcp/firebase/hosting_custom_domain.py +40 -54
- pulumi_gcp/firebase/hosting_release.py +48 -66
- pulumi_gcp/firebase/hosting_site.py +6 -12
- pulumi_gcp/firebase/hosting_version.py +66 -86
- pulumi_gcp/firebase/outputs.py +0 -6
- pulumi_gcp/firebase/project.py +10 -10
- pulumi_gcp/firebase/storage_bucket.py +10 -12
- pulumi_gcp/firebase/web_app.py +46 -40
- pulumi_gcp/firebaserules/release.py +20 -24
- pulumi_gcp/firebaserules/ruleset.py +10 -10
- pulumi_gcp/firestore/backup_schedule.py +4 -0
- pulumi_gcp/firestore/database.py +40 -32
- pulumi_gcp/firestore/document.py +132 -0
- pulumi_gcp/firestore/field.py +2 -0
- pulumi_gcp/firestore/index.py +94 -10
- pulumi_gcp/folder/access_approval_settings.py +26 -18
- pulumi_gcp/folder/get_iam_policy.py +2 -2
- pulumi_gcp/folder/iam_audit_config.py +42 -42
- pulumi_gcp/folder/iam_member.py +42 -42
- pulumi_gcp/folder/iam_policy.py +42 -42
- pulumi_gcp/folder/organization_policy.py +22 -22
- pulumi_gcp/gkebackup/backup_plan.py +28 -4
- pulumi_gcp/gkebackup/backup_plan_iam_binding.py +18 -12
- pulumi_gcp/gkebackup/backup_plan_iam_member.py +18 -12
- pulumi_gcp/gkebackup/backup_plan_iam_policy.py +18 -12
- pulumi_gcp/gkebackup/get_backup_plan_iam_policy.py +6 -6
- pulumi_gcp/gkebackup/get_restore_plan_iam_policy.py +6 -6
- pulumi_gcp/gkebackup/restore_plan.py +48 -12
- pulumi_gcp/gkebackup/restore_plan_iam_binding.py +48 -12
- pulumi_gcp/gkebackup/restore_plan_iam_member.py +48 -12
- pulumi_gcp/gkebackup/restore_plan_iam_policy.py +48 -12
- pulumi_gcp/gkehub/feature.py +200 -38
- pulumi_gcp/gkehub/feature_iam_binding.py +18 -12
- pulumi_gcp/gkehub/feature_iam_member.py +18 -12
- pulumi_gcp/gkehub/feature_iam_policy.py +18 -12
- pulumi_gcp/gkehub/feature_membership.py +54 -22
- pulumi_gcp/gkehub/fleet.py +4 -4
- pulumi_gcp/gkehub/get_feature_iam_policy.py +6 -6
- pulumi_gcp/gkehub/get_membership_iam_policy.py +6 -6
- pulumi_gcp/gkehub/get_scope_iam_policy.py +4 -4
- pulumi_gcp/gkehub/membership.py +24 -18
- pulumi_gcp/gkehub/membership_iam_binding.py +18 -18
- pulumi_gcp/gkehub/membership_iam_member.py +18 -18
- pulumi_gcp/gkehub/membership_iam_policy.py +18 -18
- pulumi_gcp/gkehub/scope.py +6 -6
- pulumi_gcp/gkehub/scope_iam_binding.py +12 -12
- pulumi_gcp/gkehub/scope_iam_member.py +12 -12
- pulumi_gcp/gkehub/scope_iam_policy.py +12 -12
- pulumi_gcp/gkeonprem/bare_metal_admin_cluster.py +126 -122
- pulumi_gcp/gkeonprem/bare_metal_cluster.py +242 -236
- pulumi_gcp/gkeonprem/bare_metal_node_pool.py +8 -0
- pulumi_gcp/gkeonprem/v_mware_cluster.py +242 -236
- pulumi_gcp/gkeonprem/v_mware_node_pool.py +4 -180
- pulumi_gcp/healthcare/consent_store.py +32 -10
- pulumi_gcp/healthcare/consent_store_iam_binding.py +12 -12
- pulumi_gcp/healthcare/consent_store_iam_member.py +12 -12
- pulumi_gcp/healthcare/consent_store_iam_policy.py +12 -12
- pulumi_gcp/healthcare/dataset.py +2 -0
- pulumi_gcp/healthcare/dataset_iam_binding.py +8 -8
- pulumi_gcp/healthcare/dataset_iam_member.py +8 -8
- pulumi_gcp/healthcare/dataset_iam_policy.py +8 -8
- pulumi_gcp/healthcare/dicom_store.py +30 -26
- pulumi_gcp/healthcare/dicom_store_iam_binding.py +14 -14
- pulumi_gcp/healthcare/dicom_store_iam_member.py +14 -14
- pulumi_gcp/healthcare/dicom_store_iam_policy.py +14 -14
- pulumi_gcp/healthcare/fhir_store.py +44 -24
- pulumi_gcp/healthcare/fhir_store_iam_binding.py +14 -14
- pulumi_gcp/healthcare/fhir_store_iam_member.py +14 -14
- pulumi_gcp/healthcare/fhir_store_iam_policy.py +14 -14
- pulumi_gcp/healthcare/get_consent_store_iam_policy.py +4 -4
- pulumi_gcp/healthcare/get_dataset_iam_policy.py +2 -2
- pulumi_gcp/healthcare/get_dicom_store_iam_policy.py +2 -2
- pulumi_gcp/healthcare/get_fhir_store_iam_policy.py +2 -2
- pulumi_gcp/healthcare/get_hl7_v2_store_iam_policy.py +2 -2
- pulumi_gcp/healthcare/hl7_store.py +30 -20
- pulumi_gcp/healthcare/hl7_store_iam_binding.py +14 -14
- pulumi_gcp/healthcare/hl7_store_iam_member.py +14 -14
- pulumi_gcp/healthcare/hl7_store_iam_policy.py +14 -14
- pulumi_gcp/iam/_inputs.py +0 -18
- pulumi_gcp/iam/access_boundary_policy.py +100 -0
- pulumi_gcp/iam/deny_policy.py +92 -0
- pulumi_gcp/iam/outputs.py +0 -18
- pulumi_gcp/iam/workforce_pool.py +20 -20
- pulumi_gcp/iam/workforce_pool_provider.py +0 -21
- pulumi_gcp/iam/workload_identity_pool.py +6 -6
- pulumi_gcp/iam/workload_identity_pool_provider.py +8 -46
- pulumi_gcp/iap/app_engine_service_iam_binding.py +56 -56
- pulumi_gcp/iap/app_engine_service_iam_member.py +56 -56
- pulumi_gcp/iap/app_engine_service_iam_policy.py +56 -56
- pulumi_gcp/iap/app_engine_version_iam_binding.py +68 -68
- pulumi_gcp/iap/app_engine_version_iam_member.py +68 -68
- pulumi_gcp/iap/app_engine_version_iam_policy.py +68 -68
- pulumi_gcp/iap/brand.py +12 -6
- pulumi_gcp/iap/client.py +14 -8
- pulumi_gcp/iap/get_app_engine_service_iam_policy.py +6 -6
- pulumi_gcp/iap/get_app_engine_version_iam_policy.py +8 -8
- pulumi_gcp/iap/get_client.py +2 -2
- pulumi_gcp/iap/get_tunnel_iam_policy.py +2 -2
- pulumi_gcp/iap/get_tunnel_instance_iam_policy.py +6 -6
- pulumi_gcp/iap/get_web_backend_service_iam_policy.py +4 -4
- pulumi_gcp/iap/get_web_iam_policy.py +2 -2
- pulumi_gcp/iap/get_web_region_backend_service_iam_policy.py +6 -6
- pulumi_gcp/iap/get_web_type_app_engine_iam_policy.py +4 -4
- pulumi_gcp/iap/get_web_type_compute_iam_policy.py +2 -2
- pulumi_gcp/iap/tunnel_iam_binding.py +12 -12
- pulumi_gcp/iap/tunnel_iam_member.py +12 -12
- pulumi_gcp/iap/tunnel_iam_policy.py +12 -12
- pulumi_gcp/iap/tunnel_instance_iam_binding.py +36 -36
- pulumi_gcp/iap/tunnel_instance_iam_member.py +36 -36
- pulumi_gcp/iap/tunnel_instance_iam_policy.py +36 -36
- pulumi_gcp/iap/web_backend_service_iam_binding.py +24 -24
- pulumi_gcp/iap/web_backend_service_iam_member.py +24 -24
- pulumi_gcp/iap/web_backend_service_iam_policy.py +24 -24
- pulumi_gcp/iap/web_iam_binding.py +12 -12
- pulumi_gcp/iap/web_iam_member.py +12 -12
- pulumi_gcp/iap/web_iam_policy.py +12 -12
- pulumi_gcp/iap/web_region_backend_service_iam_binding.py +36 -36
- pulumi_gcp/iap/web_region_backend_service_iam_member.py +36 -36
- pulumi_gcp/iap/web_region_backend_service_iam_policy.py +36 -36
- pulumi_gcp/iap/web_type_app_enging_iam_binding.py +24 -24
- pulumi_gcp/iap/web_type_app_enging_iam_member.py +24 -24
- pulumi_gcp/iap/web_type_app_enging_iam_policy.py +24 -24
- pulumi_gcp/iap/web_type_compute_iam_binding.py +12 -12
- pulumi_gcp/iap/web_type_compute_iam_member.py +12 -12
- pulumi_gcp/iap/web_type_compute_iam_policy.py +12 -12
- pulumi_gcp/identityplatform/config.py +12 -8
- pulumi_gcp/identityplatform/default_supported_idp_config.py +8 -8
- pulumi_gcp/identityplatform/inbound_saml_config.py +8 -4
- pulumi_gcp/identityplatform/oauth_idp_config.py +10 -8
- pulumi_gcp/identityplatform/tenant.py +4 -4
- pulumi_gcp/identityplatform/tenant_default_supported_idp_config.py +2 -2
- pulumi_gcp/identityplatform/tenant_inbound_saml_config.py +8 -4
- pulumi_gcp/identityplatform/tenant_oauth_idp_config.py +4 -2
- pulumi_gcp/integrationconnectors/connection.py +16 -14
- pulumi_gcp/integrationconnectors/endpoint_attachment.py +8 -6
- pulumi_gcp/kms/crypto_key.py +16 -4
- pulumi_gcp/kms/crypto_key_iam_binding.py +32 -26
- pulumi_gcp/kms/crypto_key_iam_member.py +32 -26
- pulumi_gcp/kms/crypto_key_iam_policy.py +32 -26
- pulumi_gcp/kms/crypto_key_version.py +8 -2
- pulumi_gcp/kms/get_crypto_key_iam_policy.py +2 -2
- pulumi_gcp/kms/get_kms_crypto_key_version.py +2 -2
- pulumi_gcp/kms/get_kms_key_ring.py +4 -4
- pulumi_gcp/kms/key_ring.py +6 -2
- pulumi_gcp/kms/key_ring_iam_binding.py +52 -44
- pulumi_gcp/kms/key_ring_iam_member.py +52 -44
- pulumi_gcp/kms/key_ring_iam_policy.py +52 -44
- pulumi_gcp/kms/secret_ciphertext.py +20 -12
- pulumi_gcp/logging/billing_account_exclusion.py +2 -0
- pulumi_gcp/logging/billing_account_sink.py +8 -2
- pulumi_gcp/logging/folder_exclusion.py +2 -0
- pulumi_gcp/logging/folder_settings.py +12 -14
- pulumi_gcp/logging/folder_sink.py +8 -2
- pulumi_gcp/logging/linked_dataset.py +22 -24
- pulumi_gcp/logging/log_view.py +8 -6
- pulumi_gcp/logging/metric.py +78 -68
- pulumi_gcp/logging/organization_exclusion.py +6 -4
- pulumi_gcp/logging/organization_settings.py +10 -12
- pulumi_gcp/logging/organization_sink.py +8 -2
- pulumi_gcp/logging/project_bucket_config.py +178 -0
- pulumi_gcp/logging/project_exclusion.py +2 -0
- pulumi_gcp/looker/instance.py +76 -70
- pulumi_gcp/memcache/instance.py +10 -6
- pulumi_gcp/migrationcenter/group.py +6 -6
- pulumi_gcp/ml/engine_model.py +8 -4
- pulumi_gcp/monitoring/alert_policy.py +58 -58
- pulumi_gcp/monitoring/custom_service.py +2 -2
- pulumi_gcp/monitoring/dashboard.py +0 -4
- pulumi_gcp/monitoring/generic_service.py +18 -18
- pulumi_gcp/monitoring/get_app_engine_service.py +10 -2
- pulumi_gcp/monitoring/get_cluster_istio_service.py +10 -8
- pulumi_gcp/monitoring/get_istio_canonical_service.py +6 -4
- pulumi_gcp/monitoring/get_mesh_istio_service.py +6 -4
- pulumi_gcp/monitoring/get_notification_channel.py +2 -2
- pulumi_gcp/monitoring/metric_descriptor.py +34 -34
- pulumi_gcp/monitoring/monitored_project.py +14 -4
- pulumi_gcp/monitoring/notification_channel.py +8 -8
- pulumi_gcp/monitoring/slo.py +238 -4
- pulumi_gcp/monitoring/uptime_check_config.py +106 -102
- pulumi_gcp/netapp/active_directory.py +4 -2
- pulumi_gcp/netapp/backup_policy.py +12 -10
- pulumi_gcp/netapp/backup_vault.py +4 -2
- pulumi_gcp/netapp/kmsconfig.py +14 -6
- pulumi_gcp/netapp/storage_pool.py +12 -8
- pulumi_gcp/netapp/volume.py +12 -8
- pulumi_gcp/netapp/volume_snapshot.py +16 -12
- pulumi_gcp/networkconnectivity/hub.py +6 -4
- pulumi_gcp/networkconnectivity/policy_based_route.py +18 -6
- pulumi_gcp/networkconnectivity/service_connection_policy.py +12 -4
- pulumi_gcp/networkconnectivity/spoke.py +28 -8
- pulumi_gcp/networkmanagement/connectivity_test.py +36 -22
- pulumi_gcp/networksecurity/address_group.py +32 -26
- pulumi_gcp/networksecurity/authorization_policy.py +8 -8
- pulumi_gcp/networksecurity/client_tls_policy.py +8 -8
- pulumi_gcp/networksecurity/firewall_endpoint.py +4 -4
- pulumi_gcp/networksecurity/gateway_security_policy.py +38 -54
- pulumi_gcp/networksecurity/gateway_security_policy_rule.py +20 -12
- pulumi_gcp/networksecurity/security_profile.py +8 -8
- pulumi_gcp/networksecurity/security_profile_group.py +10 -10
- pulumi_gcp/networksecurity/server_tls_policy.py +30 -28
- pulumi_gcp/networksecurity/tls_inspection_policy.py +28 -44
- pulumi_gcp/networksecurity/url_list.py +6 -2
- pulumi_gcp/networkservices/edge_cache_keyset.py +4 -0
- pulumi_gcp/networkservices/edge_cache_origin.py +12 -4
- pulumi_gcp/networkservices/edge_cache_service.py +270 -16
- pulumi_gcp/networkservices/endpoint_policy.py +8 -8
- pulumi_gcp/networkservices/gateway.py +96 -60
- pulumi_gcp/networkservices/grpc_route.py +12 -12
- pulumi_gcp/networkservices/http_route.py +26 -26
- pulumi_gcp/networkservices/mesh.py +8 -8
- pulumi_gcp/networkservices/service_binding.py +16 -20
- pulumi_gcp/networkservices/tcp_route.py +298 -0
- pulumi_gcp/networkservices/tls_route.py +214 -0
- pulumi_gcp/notebooks/environment.py +6 -4
- pulumi_gcp/notebooks/get_instance_iam_policy.py +6 -6
- pulumi_gcp/notebooks/get_runtime_iam_policy.py +6 -6
- pulumi_gcp/notebooks/instance.py +38 -28
- pulumi_gcp/notebooks/instance_iam_binding.py +18 -18
- pulumi_gcp/notebooks/instance_iam_member.py +18 -18
- pulumi_gcp/notebooks/instance_iam_policy.py +18 -18
- pulumi_gcp/notebooks/runtime.py +74 -64
- pulumi_gcp/notebooks/runtime_iam_binding.py +18 -18
- pulumi_gcp/notebooks/runtime_iam_member.py +18 -18
- pulumi_gcp/notebooks/runtime_iam_policy.py +18 -18
- pulumi_gcp/organizations/access_approval_settings.py +34 -26
- pulumi_gcp/organizations/get_billing_account.py +6 -2
- pulumi_gcp/organizations/get_folders.py +2 -2
- pulumi_gcp/organizations/get_iam_policy.py +0 -62
- pulumi_gcp/organizations/iam_audit_config.py +8 -8
- pulumi_gcp/organizations/iam_binding.py +4 -4
- pulumi_gcp/organizations/iam_custom_role.py +8 -8
- pulumi_gcp/organizations/iam_member.py +42 -42
- pulumi_gcp/organizations/iam_policy.py +42 -42
- pulumi_gcp/organizations/policy.py +26 -26
- pulumi_gcp/organizations/project.py +16 -4
- pulumi_gcp/orgpolicy/custom_constraint.py +14 -8
- pulumi_gcp/orgpolicy/policy.py +24 -60
- pulumi_gcp/osconfig/guest_policies.py +16 -22
- pulumi_gcp/osconfig/os_policy_assignment.py +42 -40
- pulumi_gcp/osconfig/patch_deployment.py +122 -120
- pulumi_gcp/oslogin/ssh_public_key.py +4 -2
- pulumi_gcp/projects/access_approval_settings.py +24 -22
- pulumi_gcp/projects/api_key.py +50 -10
- pulumi_gcp/projects/default_service_accounts.py +10 -10
- pulumi_gcp/projects/iam_audit_config.py +46 -46
- pulumi_gcp/projects/iam_binding.py +46 -46
- pulumi_gcp/projects/iam_custom_role.py +6 -6
- pulumi_gcp/projects/iam_member.py +46 -46
- pulumi_gcp/projects/iam_policy.py +46 -46
- pulumi_gcp/projects/organization_policy.py +26 -26
- pulumi_gcp/projects/service.py +4 -4
- pulumi_gcp/projects/service_identity.py +6 -8
- pulumi_gcp/projects/usage_export_bucket.py +16 -4
- pulumi_gcp/pubsub/get_schema_iam_policy.py +4 -4
- pulumi_gcp/pubsub/get_subscription_iam_policy.py +2 -2
- pulumi_gcp/pubsub/get_topic_iam_policy.py +4 -4
- pulumi_gcp/pubsub/lite_reservation.py +2 -0
- pulumi_gcp/pubsub/lite_subscription.py +10 -6
- pulumi_gcp/pubsub/lite_topic.py +10 -6
- pulumi_gcp/pubsub/schema.py +22 -18
- pulumi_gcp/pubsub/schema_iam_binding.py +12 -12
- pulumi_gcp/pubsub/schema_iam_member.py +12 -12
- pulumi_gcp/pubsub/schema_iam_policy.py +12 -12
- pulumi_gcp/pubsub/subscription.py +90 -96
- pulumi_gcp/pubsub/subscription_iam_binding.py +8 -8
- pulumi_gcp/pubsub/subscription_iam_member.py +8 -8
- pulumi_gcp/pubsub/subscription_iam_policy.py +8 -8
- pulumi_gcp/pubsub/topic.py +46 -24
- pulumi_gcp/pubsub/topic_iam_binding.py +12 -12
- pulumi_gcp/pubsub/topic_iam_member.py +12 -12
- pulumi_gcp/pubsub/topic_iam_policy.py +12 -12
- pulumi_gcp/recaptcha/enterprise_key.py +54 -54
- pulumi_gcp/redis/cluster.py +32 -24
- pulumi_gcp/redis/instance.py +132 -14
- pulumi_gcp/resourcemanager/lien.py +12 -8
- pulumi_gcp/runtimeconfig/config.py +6 -2
- pulumi_gcp/runtimeconfig/get_variable.py +4 -4
- pulumi_gcp/runtimeconfig/variable.py +20 -8
- pulumi_gcp/secretmanager/get_secret_iam_policy.py +4 -4
- pulumi_gcp/secretmanager/secret.py +16 -18
- pulumi_gcp/secretmanager/secret_iam_binding.py +12 -12
- pulumi_gcp/secretmanager/secret_iam_member.py +12 -12
- pulumi_gcp/secretmanager/secret_iam_policy.py +12 -12
- pulumi_gcp/secretmanager/secret_version.py +4 -4
- pulumi_gcp/securesourcemanager/get_instance_iam_policy.py +6 -6
- pulumi_gcp/securesourcemanager/instance.py +144 -14
- pulumi_gcp/securitycenter/get_source_iam_policy.py +2 -2
- pulumi_gcp/securitycenter/instance_iam_binding.py +60 -40
- pulumi_gcp/securitycenter/instance_iam_member.py +60 -40
- pulumi_gcp/securitycenter/instance_iam_policy.py +60 -40
- pulumi_gcp/securitycenter/mute_config.py +6 -6
- pulumi_gcp/securitycenter/notification_config.py +4 -4
- pulumi_gcp/securitycenter/organization_custom_module.py +40 -40
- pulumi_gcp/securitycenter/project_custom_module.py +36 -36
- pulumi_gcp/securitycenter/source.py +6 -6
- pulumi_gcp/securitycenter/source_iam_binding.py +6 -6
- pulumi_gcp/securitycenter/source_iam_member.py +6 -6
- pulumi_gcp/securitycenter/source_iam_policy.py +6 -6
- pulumi_gcp/securityposture/posture.py +46 -46
- pulumi_gcp/serviceaccount/account.py +2 -2
- pulumi_gcp/serviceaccount/get_account.py +34 -0
- pulumi_gcp/serviceaccount/get_account_access_token.py +8 -10
- pulumi_gcp/serviceaccount/get_account_key.py +4 -4
- pulumi_gcp/serviceaccount/get_iam_policy.py +2 -2
- pulumi_gcp/serviceaccount/key.py +46 -2
- pulumi_gcp/servicedirectory/endpoint.py +28 -40
- pulumi_gcp/servicedirectory/namespace.py +2 -4
- pulumi_gcp/servicedirectory/namespace_iam_binding.py +14 -12
- pulumi_gcp/servicedirectory/namespace_iam_member.py +14 -12
- pulumi_gcp/servicedirectory/namespace_iam_policy.py +14 -12
- pulumi_gcp/servicedirectory/service.py +10 -14
- pulumi_gcp/servicedirectory/service_iam_binding.py +14 -12
- pulumi_gcp/servicedirectory/service_iam_member.py +14 -12
- pulumi_gcp/servicedirectory/service_iam_policy.py +14 -12
- pulumi_gcp/servicenetworking/connection.py +8 -6
- pulumi_gcp/servicenetworking/peered_dns_domain.py +6 -4
- pulumi_gcp/serviceusage/consumer_quota_override.py +126 -0
- pulumi_gcp/sourcerepo/get_repository_iam_policy.py +4 -4
- pulumi_gcp/sourcerepo/repository.py +20 -16
- pulumi_gcp/sourcerepo/repository_iam_binding.py +12 -12
- pulumi_gcp/sourcerepo/repository_iam_member.py +12 -12
- pulumi_gcp/sourcerepo/repository_iam_policy.py +12 -12
- pulumi_gcp/spanner/database.py +2 -0
- pulumi_gcp/spanner/database_iam_binding.py +12 -12
- pulumi_gcp/spanner/database_iam_member.py +12 -12
- pulumi_gcp/spanner/database_iam_policy.py +12 -12
- pulumi_gcp/spanner/get_database_iam_policy.py +6 -6
- pulumi_gcp/spanner/get_instance_iam_policy.py +4 -4
- pulumi_gcp/spanner/instance.py +16 -16
- pulumi_gcp/spanner/instance_iam_binding.py +8 -8
- pulumi_gcp/spanner/instance_iam_member.py +8 -8
- pulumi_gcp/spanner/instance_iam_policy.py +8 -8
- pulumi_gcp/sql/database.py +14 -4
- pulumi_gcp/sql/database_instance.py +76 -26
- pulumi_gcp/sql/get_backup_run.py +2 -2
- pulumi_gcp/sql/get_ca_certs.py +32 -0
- pulumi_gcp/sql/get_database.py +2 -2
- pulumi_gcp/sql/get_databases.py +2 -2
- pulumi_gcp/sql/source_representation_instance.py +20 -16
- pulumi_gcp/sql/ssl_cert.py +6 -4
- pulumi_gcp/sql/user.py +154 -0
- pulumi_gcp/storage/bucket.py +44 -38
- pulumi_gcp/storage/bucket_access_control.py +8 -4
- pulumi_gcp/storage/bucket_acl.py +6 -2
- pulumi_gcp/storage/bucket_iam_binding.py +12 -12
- pulumi_gcp/storage/bucket_iam_member.py +12 -12
- pulumi_gcp/storage/bucket_iam_policy.py +12 -12
- pulumi_gcp/storage/bucket_object.py +14 -12
- pulumi_gcp/storage/default_object_access_control.py +8 -4
- pulumi_gcp/storage/default_object_acl.py +6 -2
- pulumi_gcp/storage/get_bucket_iam_policy.py +2 -2
- pulumi_gcp/storage/get_bucket_object.py +4 -4
- pulumi_gcp/storage/get_object_signed_url.py +6 -4
- pulumi_gcp/storage/get_project_service_account.py +6 -6
- pulumi_gcp/storage/hmac_key.py +2 -2
- pulumi_gcp/storage/insights_report_config.py +14 -14
- pulumi_gcp/storage/notification.py +20 -18
- pulumi_gcp/storage/object_access_control.py +10 -4
- pulumi_gcp/storage/object_acl.py +8 -2
- pulumi_gcp/storage/transfer_agent_pool.py +6 -6
- pulumi_gcp/storage/transfer_job.py +30 -38
- pulumi_gcp/tags/get_tag_key_iam_policy.py +2 -2
- pulumi_gcp/tags/get_tag_value_iam_policy.py +2 -2
- pulumi_gcp/tags/location_tag_binding.py +44 -32
- pulumi_gcp/tags/tag_binding.py +16 -10
- pulumi_gcp/tags/tag_key.py +4 -4
- pulumi_gcp/tags/tag_key_iam_binding.py +6 -6
- pulumi_gcp/tags/tag_key_iam_member.py +6 -6
- pulumi_gcp/tags/tag_key_iam_policy.py +6 -6
- pulumi_gcp/tags/tag_value.py +8 -8
- pulumi_gcp/tags/tag_value_iam_binding.py +6 -6
- pulumi_gcp/tags/tag_value_iam_member.py +6 -6
- pulumi_gcp/tags/tag_value_iam_policy.py +6 -6
- pulumi_gcp/tpu/get_tensorflow_versions.py +2 -0
- pulumi_gcp/tpu/get_v2_accelerator_types.py +10 -8
- pulumi_gcp/tpu/get_v2_runtime_versions.py +2 -0
- pulumi_gcp/tpu/node.py +12 -6
- pulumi_gcp/tpu/v2_vm.py +134 -2
- pulumi_gcp/vertex/ai_dataset.py +6 -6
- pulumi_gcp/vertex/ai_endpoint.py +28 -26
- pulumi_gcp/vertex/ai_feature_group.py +8 -6
- pulumi_gcp/vertex/ai_feature_group_feature.py +12 -8
- pulumi_gcp/vertex/ai_feature_online_store.py +26 -24
- pulumi_gcp/vertex/ai_feature_online_store_featureview.py +36 -28
- pulumi_gcp/vertex/ai_feature_store.py +30 -26
- pulumi_gcp/vertex/ai_feature_store_entity_type.py +12 -8
- pulumi_gcp/vertex/ai_feature_store_entity_type_feature.py +18 -12
- pulumi_gcp/vertex/ai_index.py +8 -0
- pulumi_gcp/vertex/ai_index_endpoint.py +36 -36
- pulumi_gcp/vertex/ai_metadata_store.py +2 -0
- pulumi_gcp/vertex/ai_tensorboard.py +12 -14
- pulumi_gcp/vmwareengine/cluster.py +12 -0
- pulumi_gcp/vmwareengine/external_access_rule.py +16 -0
- pulumi_gcp/vmwareengine/external_address.py +10 -4
- pulumi_gcp/vmwareengine/get_network.py +4 -4
- pulumi_gcp/vmwareengine/get_network_policy.py +4 -4
- pulumi_gcp/vmwareengine/get_private_cloud.py +4 -4
- pulumi_gcp/vmwareengine/network.py +56 -4
- pulumi_gcp/vmwareengine/network_peering.py +12 -2
- pulumi_gcp/vmwareengine/network_policy.py +8 -0
- pulumi_gcp/vmwareengine/private_cloud.py +8 -0
- pulumi_gcp/vmwareengine/subnet.py +6 -0
- pulumi_gcp/vpcaccess/connector.py +16 -6
- pulumi_gcp/vpcaccess/get_connector.py +2 -0
- pulumi_gcp/workbench/get_instance_iam_policy.py +6 -6
- pulumi_gcp/workbench/instance.py +42 -26
- pulumi_gcp/workflows/workflow.py +98 -0
- pulumi_gcp/workstations/workstation.py +26 -30
- pulumi_gcp/workstations/workstation_cluster.py +48 -48
- pulumi_gcp/workstations/workstation_config.py +182 -194
- {pulumi_gcp-7.12.0a1709102105.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/METADATA +1 -1
- pulumi_gcp-7.12.0a1709133800.dist-info/RECORD +1489 -0
- pulumi_gcp-7.12.0a1709102105.dist-info/RECORD +0 -1489
- {pulumi_gcp-7.12.0a1709102105.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/WHEEL +0 -0
- {pulumi_gcp-7.12.0a1709102105.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/top_level.txt +0 -0
|
@@ -191,6 +191,56 @@ class AccessBoundaryPolicy(pulumi.CustomResource):
|
|
|
191
191
|
if they would like to test it.
|
|
192
192
|
|
|
193
193
|
## Example Usage
|
|
194
|
+
### Iam Access Boundary Policy Basic
|
|
195
|
+
|
|
196
|
+
```python
|
|
197
|
+
import pulumi
|
|
198
|
+
import pulumi_gcp as gcp
|
|
199
|
+
import pulumi_std as std
|
|
200
|
+
|
|
201
|
+
project = gcp.organizations.Project("project",
|
|
202
|
+
project_id="my-project",
|
|
203
|
+
name="my-project",
|
|
204
|
+
org_id="123456789",
|
|
205
|
+
billing_account="000000-0000000-0000000-000000")
|
|
206
|
+
access_policy = gcp.accesscontextmanager.AccessPolicy("access-policy",
|
|
207
|
+
parent=project.org_id.apply(lambda org_id: f"organizations/{org_id}"),
|
|
208
|
+
title="my policy")
|
|
209
|
+
test_access = gcp.accesscontextmanager.AccessLevel("test-access",
|
|
210
|
+
parent=access_policy.name.apply(lambda name: f"accessPolicies/{name}"),
|
|
211
|
+
name=access_policy.name.apply(lambda name: f"accessPolicies/{name}/accessLevels/chromeos_no_lock"),
|
|
212
|
+
title="chromeos_no_lock",
|
|
213
|
+
basic=gcp.accesscontextmanager.AccessLevelBasicArgs(
|
|
214
|
+
conditions=[gcp.accesscontextmanager.AccessLevelBasicConditionArgs(
|
|
215
|
+
device_policy=gcp.accesscontextmanager.AccessLevelBasicConditionDevicePolicyArgs(
|
|
216
|
+
require_screen_lock=True,
|
|
217
|
+
os_constraints=[gcp.accesscontextmanager.AccessLevelBasicConditionDevicePolicyOsConstraintArgs(
|
|
218
|
+
os_type="DESKTOP_CHROME_OS",
|
|
219
|
+
)],
|
|
220
|
+
),
|
|
221
|
+
regions=[
|
|
222
|
+
"CH",
|
|
223
|
+
"IT",
|
|
224
|
+
"US",
|
|
225
|
+
],
|
|
226
|
+
)],
|
|
227
|
+
))
|
|
228
|
+
example = gcp.iam.AccessBoundaryPolicy("example",
|
|
229
|
+
parent=std.urlencode_output(input=project.project_id.apply(lambda project_id: f"cloudresourcemanager.googleapis.com/projects/{project_id}")).apply(lambda invoke: invoke.result),
|
|
230
|
+
name="my-ab-policy",
|
|
231
|
+
display_name="My AB policy",
|
|
232
|
+
rules=[gcp.iam.AccessBoundaryPolicyRuleArgs(
|
|
233
|
+
description="AB rule",
|
|
234
|
+
access_boundary_rule=gcp.iam.AccessBoundaryPolicyRuleAccessBoundaryRuleArgs(
|
|
235
|
+
available_resource="*",
|
|
236
|
+
available_permissions=["*"],
|
|
237
|
+
availability_condition=gcp.iam.AccessBoundaryPolicyRuleAccessBoundaryRuleAvailabilityConditionArgs(
|
|
238
|
+
title="Access level expr",
|
|
239
|
+
expression=pulumi.Output.all(project.org_id, test_access.name).apply(lambda org_id, name: f"request.matchAccessLevels('{org_id}', ['{name}'])"),
|
|
240
|
+
),
|
|
241
|
+
),
|
|
242
|
+
)])
|
|
243
|
+
```
|
|
194
244
|
|
|
195
245
|
## Import
|
|
196
246
|
|
|
@@ -224,6 +274,56 @@ class AccessBoundaryPolicy(pulumi.CustomResource):
|
|
|
224
274
|
if they would like to test it.
|
|
225
275
|
|
|
226
276
|
## Example Usage
|
|
277
|
+
### Iam Access Boundary Policy Basic
|
|
278
|
+
|
|
279
|
+
```python
|
|
280
|
+
import pulumi
|
|
281
|
+
import pulumi_gcp as gcp
|
|
282
|
+
import pulumi_std as std
|
|
283
|
+
|
|
284
|
+
project = gcp.organizations.Project("project",
|
|
285
|
+
project_id="my-project",
|
|
286
|
+
name="my-project",
|
|
287
|
+
org_id="123456789",
|
|
288
|
+
billing_account="000000-0000000-0000000-000000")
|
|
289
|
+
access_policy = gcp.accesscontextmanager.AccessPolicy("access-policy",
|
|
290
|
+
parent=project.org_id.apply(lambda org_id: f"organizations/{org_id}"),
|
|
291
|
+
title="my policy")
|
|
292
|
+
test_access = gcp.accesscontextmanager.AccessLevel("test-access",
|
|
293
|
+
parent=access_policy.name.apply(lambda name: f"accessPolicies/{name}"),
|
|
294
|
+
name=access_policy.name.apply(lambda name: f"accessPolicies/{name}/accessLevels/chromeos_no_lock"),
|
|
295
|
+
title="chromeos_no_lock",
|
|
296
|
+
basic=gcp.accesscontextmanager.AccessLevelBasicArgs(
|
|
297
|
+
conditions=[gcp.accesscontextmanager.AccessLevelBasicConditionArgs(
|
|
298
|
+
device_policy=gcp.accesscontextmanager.AccessLevelBasicConditionDevicePolicyArgs(
|
|
299
|
+
require_screen_lock=True,
|
|
300
|
+
os_constraints=[gcp.accesscontextmanager.AccessLevelBasicConditionDevicePolicyOsConstraintArgs(
|
|
301
|
+
os_type="DESKTOP_CHROME_OS",
|
|
302
|
+
)],
|
|
303
|
+
),
|
|
304
|
+
regions=[
|
|
305
|
+
"CH",
|
|
306
|
+
"IT",
|
|
307
|
+
"US",
|
|
308
|
+
],
|
|
309
|
+
)],
|
|
310
|
+
))
|
|
311
|
+
example = gcp.iam.AccessBoundaryPolicy("example",
|
|
312
|
+
parent=std.urlencode_output(input=project.project_id.apply(lambda project_id: f"cloudresourcemanager.googleapis.com/projects/{project_id}")).apply(lambda invoke: invoke.result),
|
|
313
|
+
name="my-ab-policy",
|
|
314
|
+
display_name="My AB policy",
|
|
315
|
+
rules=[gcp.iam.AccessBoundaryPolicyRuleArgs(
|
|
316
|
+
description="AB rule",
|
|
317
|
+
access_boundary_rule=gcp.iam.AccessBoundaryPolicyRuleAccessBoundaryRuleArgs(
|
|
318
|
+
available_resource="*",
|
|
319
|
+
available_permissions=["*"],
|
|
320
|
+
availability_condition=gcp.iam.AccessBoundaryPolicyRuleAccessBoundaryRuleAvailabilityConditionArgs(
|
|
321
|
+
title="Access level expr",
|
|
322
|
+
expression=pulumi.Output.all(project.org_id, test_access.name).apply(lambda org_id, name: f"request.matchAccessLevels('{org_id}', ['{name}'])"),
|
|
323
|
+
),
|
|
324
|
+
),
|
|
325
|
+
)])
|
|
326
|
+
```
|
|
227
327
|
|
|
228
328
|
## Import
|
|
229
329
|
|
pulumi_gcp/iam/deny_policy.py
CHANGED
|
@@ -195,6 +195,52 @@ class DenyPolicy(pulumi.CustomResource):
|
|
|
195
195
|
* [Permissions supported in deny policies](https://cloud.google.com/iam/docs/deny-permissions-support)
|
|
196
196
|
|
|
197
197
|
## Example Usage
|
|
198
|
+
### Iam Deny Policy Basic
|
|
199
|
+
|
|
200
|
+
```python
|
|
201
|
+
import pulumi
|
|
202
|
+
import pulumi_gcp as gcp
|
|
203
|
+
import pulumi_std as std
|
|
204
|
+
|
|
205
|
+
project = gcp.organizations.Project("project",
|
|
206
|
+
project_id="my-project",
|
|
207
|
+
name="my-project",
|
|
208
|
+
org_id="123456789",
|
|
209
|
+
billing_account="000000-0000000-0000000-000000")
|
|
210
|
+
test_account = gcp.serviceaccount.Account("test-account",
|
|
211
|
+
account_id="svc-acc",
|
|
212
|
+
display_name="Test Service Account",
|
|
213
|
+
project=project.project_id)
|
|
214
|
+
example = gcp.iam.DenyPolicy("example",
|
|
215
|
+
parent=std.urlencode_output(input=project.project_id.apply(lambda project_id: f"cloudresourcemanager.googleapis.com/projects/{project_id}")).apply(lambda invoke: invoke.result),
|
|
216
|
+
name="my-deny-policy",
|
|
217
|
+
display_name="A deny rule",
|
|
218
|
+
rules=[
|
|
219
|
+
gcp.iam.DenyPolicyRuleArgs(
|
|
220
|
+
description="First rule",
|
|
221
|
+
deny_rule=gcp.iam.DenyPolicyRuleDenyRuleArgs(
|
|
222
|
+
denied_principals=["principalSet://goog/public:all"],
|
|
223
|
+
denial_condition=gcp.iam.DenyPolicyRuleDenyRuleDenialConditionArgs(
|
|
224
|
+
title="Some expr",
|
|
225
|
+
expression="!resource.matchTag('12345678/env', 'test')",
|
|
226
|
+
),
|
|
227
|
+
denied_permissions=["cloudresourcemanager.googleapis.com/projects.update"],
|
|
228
|
+
),
|
|
229
|
+
),
|
|
230
|
+
gcp.iam.DenyPolicyRuleArgs(
|
|
231
|
+
description="Second rule",
|
|
232
|
+
deny_rule=gcp.iam.DenyPolicyRuleDenyRuleArgs(
|
|
233
|
+
denied_principals=["principalSet://goog/public:all"],
|
|
234
|
+
denial_condition=gcp.iam.DenyPolicyRuleDenyRuleDenialConditionArgs(
|
|
235
|
+
title="Some expr",
|
|
236
|
+
expression="!resource.matchTag('12345678/env', 'test')",
|
|
237
|
+
),
|
|
238
|
+
denied_permissions=["cloudresourcemanager.googleapis.com/projects.update"],
|
|
239
|
+
exception_principals=[test_account.email.apply(lambda email: f"principal://iam.googleapis.com/projects/-/serviceAccounts/{email}")],
|
|
240
|
+
),
|
|
241
|
+
),
|
|
242
|
+
])
|
|
243
|
+
```
|
|
198
244
|
|
|
199
245
|
## Import
|
|
200
246
|
|
|
@@ -232,6 +278,52 @@ class DenyPolicy(pulumi.CustomResource):
|
|
|
232
278
|
* [Permissions supported in deny policies](https://cloud.google.com/iam/docs/deny-permissions-support)
|
|
233
279
|
|
|
234
280
|
## Example Usage
|
|
281
|
+
### Iam Deny Policy Basic
|
|
282
|
+
|
|
283
|
+
```python
|
|
284
|
+
import pulumi
|
|
285
|
+
import pulumi_gcp as gcp
|
|
286
|
+
import pulumi_std as std
|
|
287
|
+
|
|
288
|
+
project = gcp.organizations.Project("project",
|
|
289
|
+
project_id="my-project",
|
|
290
|
+
name="my-project",
|
|
291
|
+
org_id="123456789",
|
|
292
|
+
billing_account="000000-0000000-0000000-000000")
|
|
293
|
+
test_account = gcp.serviceaccount.Account("test-account",
|
|
294
|
+
account_id="svc-acc",
|
|
295
|
+
display_name="Test Service Account",
|
|
296
|
+
project=project.project_id)
|
|
297
|
+
example = gcp.iam.DenyPolicy("example",
|
|
298
|
+
parent=std.urlencode_output(input=project.project_id.apply(lambda project_id: f"cloudresourcemanager.googleapis.com/projects/{project_id}")).apply(lambda invoke: invoke.result),
|
|
299
|
+
name="my-deny-policy",
|
|
300
|
+
display_name="A deny rule",
|
|
301
|
+
rules=[
|
|
302
|
+
gcp.iam.DenyPolicyRuleArgs(
|
|
303
|
+
description="First rule",
|
|
304
|
+
deny_rule=gcp.iam.DenyPolicyRuleDenyRuleArgs(
|
|
305
|
+
denied_principals=["principalSet://goog/public:all"],
|
|
306
|
+
denial_condition=gcp.iam.DenyPolicyRuleDenyRuleDenialConditionArgs(
|
|
307
|
+
title="Some expr",
|
|
308
|
+
expression="!resource.matchTag('12345678/env', 'test')",
|
|
309
|
+
),
|
|
310
|
+
denied_permissions=["cloudresourcemanager.googleapis.com/projects.update"],
|
|
311
|
+
),
|
|
312
|
+
),
|
|
313
|
+
gcp.iam.DenyPolicyRuleArgs(
|
|
314
|
+
description="Second rule",
|
|
315
|
+
deny_rule=gcp.iam.DenyPolicyRuleDenyRuleArgs(
|
|
316
|
+
denied_principals=["principalSet://goog/public:all"],
|
|
317
|
+
denial_condition=gcp.iam.DenyPolicyRuleDenyRuleDenialConditionArgs(
|
|
318
|
+
title="Some expr",
|
|
319
|
+
expression="!resource.matchTag('12345678/env', 'test')",
|
|
320
|
+
),
|
|
321
|
+
denied_permissions=["cloudresourcemanager.googleapis.com/projects.update"],
|
|
322
|
+
exception_principals=[test_account.email.apply(lambda email: f"principal://iam.googleapis.com/projects/-/serviceAccounts/{email}")],
|
|
323
|
+
),
|
|
324
|
+
),
|
|
325
|
+
])
|
|
326
|
+
```
|
|
235
327
|
|
|
236
328
|
## Import
|
|
237
329
|
|
pulumi_gcp/iam/outputs.py
CHANGED
|
@@ -550,9 +550,6 @@ class WorkforcePoolProviderOidc(dict):
|
|
|
550
550
|
.well-known path for the `issuer_uri`. Currently, RSA and EC asymmetric
|
|
551
551
|
keys are supported. The JWK must use following format and include only
|
|
552
552
|
the following fields:
|
|
553
|
-
```python
|
|
554
|
-
import pulumi
|
|
555
|
-
```
|
|
556
553
|
:param 'WorkforcePoolProviderOidcWebSsoConfigArgs' web_sso_config: Configuration for web single sign-on for the OIDC provider. Here, web sign-in refers to console sign-in and gcloud sign-in through the browser.
|
|
557
554
|
Structure is documented below.
|
|
558
555
|
"""
|
|
@@ -600,9 +597,6 @@ class WorkforcePoolProviderOidc(dict):
|
|
|
600
597
|
.well-known path for the `issuer_uri`. Currently, RSA and EC asymmetric
|
|
601
598
|
keys are supported. The JWK must use following format and include only
|
|
602
599
|
the following fields:
|
|
603
|
-
```python
|
|
604
|
-
import pulumi
|
|
605
|
-
```
|
|
606
600
|
"""
|
|
607
601
|
return pulumi.get(self, "jwks_json")
|
|
608
602
|
|
|
@@ -896,18 +890,12 @@ class WorkloadIdentityPoolProviderOidc(dict):
|
|
|
896
890
|
If this list is empty, the OIDC token audience must be equal to the full canonical
|
|
897
891
|
resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix.
|
|
898
892
|
For example:
|
|
899
|
-
```python
|
|
900
|
-
import pulumi
|
|
901
|
-
```
|
|
902
893
|
:param str jwks_json: OIDC JWKs in JSON String format. For details on definition of a
|
|
903
894
|
JWK, see https:tools.ietf.org/html/rfc7517. If not set, then we
|
|
904
895
|
use the `jwks_uri` from the discovery document fetched from the
|
|
905
896
|
.well-known path for the `issuer_uri`. Currently, RSA and EC asymmetric
|
|
906
897
|
keys are supported. The JWK must use following format and include only
|
|
907
898
|
the following fields:
|
|
908
|
-
```python
|
|
909
|
-
import pulumi
|
|
910
|
-
```
|
|
911
899
|
"""
|
|
912
900
|
pulumi.set(__self__, "issuer_uri", issuer_uri)
|
|
913
901
|
if allowed_audiences is not None:
|
|
@@ -934,9 +922,6 @@ class WorkloadIdentityPoolProviderOidc(dict):
|
|
|
934
922
|
If this list is empty, the OIDC token audience must be equal to the full canonical
|
|
935
923
|
resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix.
|
|
936
924
|
For example:
|
|
937
|
-
```python
|
|
938
|
-
import pulumi
|
|
939
|
-
```
|
|
940
925
|
"""
|
|
941
926
|
return pulumi.get(self, "allowed_audiences")
|
|
942
927
|
|
|
@@ -950,9 +935,6 @@ class WorkloadIdentityPoolProviderOidc(dict):
|
|
|
950
935
|
.well-known path for the `issuer_uri`. Currently, RSA and EC asymmetric
|
|
951
936
|
keys are supported. The JWK must use following format and include only
|
|
952
937
|
the following fields:
|
|
953
|
-
```python
|
|
954
|
-
import pulumi
|
|
955
|
-
```
|
|
956
938
|
"""
|
|
957
939
|
return pulumi.get(self, "jwks_json")
|
|
958
940
|
|
pulumi_gcp/iam/workforce_pool.py
CHANGED
|
@@ -417,9 +417,9 @@ class WorkforcePool(pulumi.CustomResource):
|
|
|
417
417
|
import pulumi_gcp as gcp
|
|
418
418
|
|
|
419
419
|
example = gcp.iam.WorkforcePool("example",
|
|
420
|
-
|
|
420
|
+
workforce_pool_id="example-pool",
|
|
421
421
|
parent="organizations/123456789",
|
|
422
|
-
|
|
422
|
+
location="global")
|
|
423
423
|
```
|
|
424
424
|
### Iam Workforce Pool Full
|
|
425
425
|
|
|
@@ -428,19 +428,19 @@ class WorkforcePool(pulumi.CustomResource):
|
|
|
428
428
|
import pulumi_gcp as gcp
|
|
429
429
|
|
|
430
430
|
example = gcp.iam.WorkforcePool("example",
|
|
431
|
+
workforce_pool_id="example-pool",
|
|
432
|
+
parent="organizations/123456789",
|
|
433
|
+
location="global",
|
|
434
|
+
display_name="Display name",
|
|
435
|
+
description="A sample workforce pool.",
|
|
436
|
+
disabled=False,
|
|
437
|
+
session_duration="7200s",
|
|
431
438
|
access_restrictions=gcp.iam.WorkforcePoolAccessRestrictionsArgs(
|
|
432
439
|
allowed_services=[gcp.iam.WorkforcePoolAccessRestrictionsAllowedServiceArgs(
|
|
433
440
|
domain="backstory.chronicle.security",
|
|
434
441
|
)],
|
|
435
442
|
disable_programmatic_signin=False,
|
|
436
|
-
)
|
|
437
|
-
description="A sample workforce pool.",
|
|
438
|
-
disabled=False,
|
|
439
|
-
display_name="Display name",
|
|
440
|
-
location="global",
|
|
441
|
-
parent="organizations/123456789",
|
|
442
|
-
session_duration="7200s",
|
|
443
|
-
workforce_pool_id="example-pool")
|
|
443
|
+
))
|
|
444
444
|
```
|
|
445
445
|
|
|
446
446
|
## Import
|
|
@@ -511,9 +511,9 @@ class WorkforcePool(pulumi.CustomResource):
|
|
|
511
511
|
import pulumi_gcp as gcp
|
|
512
512
|
|
|
513
513
|
example = gcp.iam.WorkforcePool("example",
|
|
514
|
-
|
|
514
|
+
workforce_pool_id="example-pool",
|
|
515
515
|
parent="organizations/123456789",
|
|
516
|
-
|
|
516
|
+
location="global")
|
|
517
517
|
```
|
|
518
518
|
### Iam Workforce Pool Full
|
|
519
519
|
|
|
@@ -522,19 +522,19 @@ class WorkforcePool(pulumi.CustomResource):
|
|
|
522
522
|
import pulumi_gcp as gcp
|
|
523
523
|
|
|
524
524
|
example = gcp.iam.WorkforcePool("example",
|
|
525
|
+
workforce_pool_id="example-pool",
|
|
526
|
+
parent="organizations/123456789",
|
|
527
|
+
location="global",
|
|
528
|
+
display_name="Display name",
|
|
529
|
+
description="A sample workforce pool.",
|
|
530
|
+
disabled=False,
|
|
531
|
+
session_duration="7200s",
|
|
525
532
|
access_restrictions=gcp.iam.WorkforcePoolAccessRestrictionsArgs(
|
|
526
533
|
allowed_services=[gcp.iam.WorkforcePoolAccessRestrictionsAllowedServiceArgs(
|
|
527
534
|
domain="backstory.chronicle.security",
|
|
528
535
|
)],
|
|
529
536
|
disable_programmatic_signin=False,
|
|
530
|
-
)
|
|
531
|
-
description="A sample workforce pool.",
|
|
532
|
-
disabled=False,
|
|
533
|
-
display_name="Display name",
|
|
534
|
-
location="global",
|
|
535
|
-
parent="organizations/123456789",
|
|
536
|
-
session_duration="7200s",
|
|
537
|
-
workforce_pool_id="example-pool")
|
|
537
|
+
))
|
|
538
538
|
```
|
|
539
539
|
|
|
540
540
|
## Import
|
|
@@ -81,9 +81,6 @@ class WorkforcePoolProviderArgs:
|
|
|
81
81
|
For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
82
82
|
For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
83
83
|
on a Google token:
|
|
84
|
-
```python
|
|
85
|
-
import pulumi
|
|
86
|
-
```
|
|
87
84
|
An object containing a list of `"key": value` pairs.
|
|
88
85
|
Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
89
86
|
:param pulumi.Input[str] description: A user-specified description of the provider. Cannot exceed 256 characters.
|
|
@@ -214,9 +211,6 @@ class WorkforcePoolProviderArgs:
|
|
|
214
211
|
For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
215
212
|
For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
216
213
|
on a Google token:
|
|
217
|
-
```python
|
|
218
|
-
import pulumi
|
|
219
|
-
```
|
|
220
214
|
An object containing a list of `"key": value` pairs.
|
|
221
215
|
Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
222
216
|
"""
|
|
@@ -349,9 +343,6 @@ class _WorkforcePoolProviderState:
|
|
|
349
343
|
For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
350
344
|
For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
351
345
|
on a Google token:
|
|
352
|
-
```python
|
|
353
|
-
import pulumi
|
|
354
|
-
```
|
|
355
346
|
An object containing a list of `"key": value` pairs.
|
|
356
347
|
Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
357
348
|
:param pulumi.Input[str] description: A user-specified description of the provider. Cannot exceed 256 characters.
|
|
@@ -464,9 +455,6 @@ class _WorkforcePoolProviderState:
|
|
|
464
455
|
For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
465
456
|
For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
466
457
|
on a Google token:
|
|
467
|
-
```python
|
|
468
|
-
import pulumi
|
|
469
|
-
```
|
|
470
458
|
An object containing a list of `"key": value` pairs.
|
|
471
459
|
Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
472
460
|
"""
|
|
@@ -822,9 +810,6 @@ class WorkforcePoolProvider(pulumi.CustomResource):
|
|
|
822
810
|
For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
823
811
|
For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
824
812
|
on a Google token:
|
|
825
|
-
```python
|
|
826
|
-
import pulumi
|
|
827
|
-
```
|
|
828
813
|
An object containing a list of `"key": value` pairs.
|
|
829
814
|
Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
830
815
|
:param pulumi.Input[str] description: A user-specified description of the provider. Cannot exceed 256 characters.
|
|
@@ -1124,9 +1109,6 @@ class WorkforcePoolProvider(pulumi.CustomResource):
|
|
|
1124
1109
|
For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
1125
1110
|
For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
1126
1111
|
on a Google token:
|
|
1127
|
-
```python
|
|
1128
|
-
import pulumi
|
|
1129
|
-
```
|
|
1130
1112
|
An object containing a list of `"key": value` pairs.
|
|
1131
1113
|
Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
1132
1114
|
:param pulumi.Input[str] description: A user-specified description of the provider. Cannot exceed 256 characters.
|
|
@@ -1228,9 +1210,6 @@ class WorkforcePoolProvider(pulumi.CustomResource):
|
|
|
1228
1210
|
For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
1229
1211
|
For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
1230
1212
|
on a Google token:
|
|
1231
|
-
```python
|
|
1232
|
-
import pulumi
|
|
1233
|
-
```
|
|
1234
1213
|
An object containing a list of `"key": value` pairs.
|
|
1235
1214
|
Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
1236
1215
|
"""
|
|
@@ -305,10 +305,10 @@ class WorkloadIdentityPool(pulumi.CustomResource):
|
|
|
305
305
|
import pulumi_gcp as gcp
|
|
306
306
|
|
|
307
307
|
example = gcp.iam.WorkloadIdentityPool("example",
|
|
308
|
-
|
|
309
|
-
disabled=True,
|
|
308
|
+
workload_identity_pool_id="example-pool",
|
|
310
309
|
display_name="Name of pool",
|
|
311
|
-
|
|
310
|
+
description="Identity pool for automated test",
|
|
311
|
+
disabled=True)
|
|
312
312
|
```
|
|
313
313
|
|
|
314
314
|
## Import
|
|
@@ -383,10 +383,10 @@ class WorkloadIdentityPool(pulumi.CustomResource):
|
|
|
383
383
|
import pulumi_gcp as gcp
|
|
384
384
|
|
|
385
385
|
example = gcp.iam.WorkloadIdentityPool("example",
|
|
386
|
-
|
|
387
|
-
disabled=True,
|
|
386
|
+
workload_identity_pool_id="example-pool",
|
|
388
387
|
display_name="Name of pool",
|
|
389
|
-
|
|
388
|
+
description="Identity pool for automated test",
|
|
389
|
+
disabled=True)
|
|
390
390
|
```
|
|
391
391
|
|
|
392
392
|
## Import
|
|
@@ -74,18 +74,12 @@ class WorkloadIdentityPoolProviderArgs:
|
|
|
74
74
|
the total size of all mapped attributes must not exceed 8KB.
|
|
75
75
|
For AWS providers, the following rules apply:
|
|
76
76
|
- If no attribute mapping is defined, the following default mapping applies:
|
|
77
|
-
```python
|
|
78
|
-
import pulumi
|
|
79
|
-
```
|
|
80
77
|
- If any custom attribute mappings are defined, they must include a mapping to the
|
|
81
78
|
`google.subject` attribute.
|
|
82
79
|
For OIDC providers, the following rules apply:
|
|
83
80
|
- Custom attribute mappings must be defined, and must include a mapping to the
|
|
84
81
|
`google.subject` attribute. For example, the following maps the `sub` claim of the
|
|
85
82
|
incoming credential to the `subject` attribute on a Google token.
|
|
86
|
-
```python
|
|
87
|
-
import pulumi
|
|
88
|
-
```
|
|
89
83
|
:param pulumi.Input['WorkloadIdentityPoolProviderAwsArgs'] aws: An Amazon Web Services identity provider. Not compatible with the property oidc or saml.
|
|
90
84
|
Structure is documented below.
|
|
91
85
|
:param pulumi.Input[str] description: A description for the provider. Cannot exceed 256 characters.
|
|
@@ -202,18 +196,12 @@ class WorkloadIdentityPoolProviderArgs:
|
|
|
202
196
|
the total size of all mapped attributes must not exceed 8KB.
|
|
203
197
|
For AWS providers, the following rules apply:
|
|
204
198
|
- If no attribute mapping is defined, the following default mapping applies:
|
|
205
|
-
```python
|
|
206
|
-
import pulumi
|
|
207
|
-
```
|
|
208
199
|
- If any custom attribute mappings are defined, they must include a mapping to the
|
|
209
200
|
`google.subject` attribute.
|
|
210
201
|
For OIDC providers, the following rules apply:
|
|
211
202
|
- Custom attribute mappings must be defined, and must include a mapping to the
|
|
212
203
|
`google.subject` attribute. For example, the following maps the `sub` claim of the
|
|
213
204
|
incoming credential to the `subject` attribute on a Google token.
|
|
214
|
-
```python
|
|
215
|
-
import pulumi
|
|
216
|
-
```
|
|
217
205
|
"""
|
|
218
206
|
return pulumi.get(self, "attribute_mapping")
|
|
219
207
|
|
|
@@ -365,18 +353,12 @@ class _WorkloadIdentityPoolProviderState:
|
|
|
365
353
|
the total size of all mapped attributes must not exceed 8KB.
|
|
366
354
|
For AWS providers, the following rules apply:
|
|
367
355
|
- If no attribute mapping is defined, the following default mapping applies:
|
|
368
|
-
```python
|
|
369
|
-
import pulumi
|
|
370
|
-
```
|
|
371
356
|
- If any custom attribute mappings are defined, they must include a mapping to the
|
|
372
357
|
`google.subject` attribute.
|
|
373
358
|
For OIDC providers, the following rules apply:
|
|
374
359
|
- Custom attribute mappings must be defined, and must include a mapping to the
|
|
375
360
|
`google.subject` attribute. For example, the following maps the `sub` claim of the
|
|
376
361
|
incoming credential to the `subject` attribute on a Google token.
|
|
377
|
-
```python
|
|
378
|
-
import pulumi
|
|
379
|
-
```
|
|
380
362
|
:param pulumi.Input['WorkloadIdentityPoolProviderAwsArgs'] aws: An Amazon Web Services identity provider. Not compatible with the property oidc or saml.
|
|
381
363
|
Structure is documented below.
|
|
382
364
|
:param pulumi.Input[str] description: A description for the provider. Cannot exceed 256 characters.
|
|
@@ -486,18 +468,12 @@ class _WorkloadIdentityPoolProviderState:
|
|
|
486
468
|
the total size of all mapped attributes must not exceed 8KB.
|
|
487
469
|
For AWS providers, the following rules apply:
|
|
488
470
|
- If no attribute mapping is defined, the following default mapping applies:
|
|
489
|
-
```python
|
|
490
|
-
import pulumi
|
|
491
|
-
```
|
|
492
471
|
- If any custom attribute mappings are defined, they must include a mapping to the
|
|
493
472
|
`google.subject` attribute.
|
|
494
473
|
For OIDC providers, the following rules apply:
|
|
495
474
|
- Custom attribute mappings must be defined, and must include a mapping to the
|
|
496
475
|
`google.subject` attribute. For example, the following maps the `sub` claim of the
|
|
497
476
|
incoming credential to the `subject` attribute on a Google token.
|
|
498
|
-
```python
|
|
499
|
-
import pulumi
|
|
500
|
-
```
|
|
501
477
|
"""
|
|
502
478
|
return pulumi.get(self, "attribute_mapping")
|
|
503
479
|
|
|
@@ -774,6 +750,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
774
750
|
```python
|
|
775
751
|
import pulumi
|
|
776
752
|
import pulumi_gcp as gcp
|
|
753
|
+
import pulumi_std as std
|
|
777
754
|
|
|
778
755
|
pool = gcp.iam.WorkloadIdentityPool("pool", workload_identity_pool_id="example-pool")
|
|
779
756
|
example = gcp.iam.WorkloadIdentityPoolProvider("example",
|
|
@@ -785,7 +762,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
785
762
|
"attribute.environment": "assertion.arn.contains(\\":instance-profile/Production\\") ? \\"prod\\" : \\"test\\"",
|
|
786
763
|
},
|
|
787
764
|
saml=gcp.iam.WorkloadIdentityPoolProviderSamlArgs(
|
|
788
|
-
idp_metadata_xml=
|
|
765
|
+
idp_metadata_xml=std.file(input="test-fixtures/metadata.xml").result,
|
|
789
766
|
))
|
|
790
767
|
```
|
|
791
768
|
### Iam Workload Identity Pool Provider Saml Full
|
|
@@ -793,6 +770,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
793
770
|
```python
|
|
794
771
|
import pulumi
|
|
795
772
|
import pulumi_gcp as gcp
|
|
773
|
+
import pulumi_std as std
|
|
796
774
|
|
|
797
775
|
pool = gcp.iam.WorkloadIdentityPool("pool", workload_identity_pool_id="example-pool")
|
|
798
776
|
example = gcp.iam.WorkloadIdentityPoolProvider("example",
|
|
@@ -807,7 +785,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
807
785
|
"attribute.environment": "assertion.arn.contains(\\":instance-profile/Production\\") ? \\"prod\\" : \\"test\\"",
|
|
808
786
|
},
|
|
809
787
|
saml=gcp.iam.WorkloadIdentityPoolProviderSamlArgs(
|
|
810
|
-
idp_metadata_xml=
|
|
788
|
+
idp_metadata_xml=std.file(input="test-fixtures/metadata.xml").result,
|
|
811
789
|
))
|
|
812
790
|
```
|
|
813
791
|
### Iam Workload Identity Pool Provider Oidc Upload Key
|
|
@@ -905,18 +883,12 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
905
883
|
the total size of all mapped attributes must not exceed 8KB.
|
|
906
884
|
For AWS providers, the following rules apply:
|
|
907
885
|
- If no attribute mapping is defined, the following default mapping applies:
|
|
908
|
-
```python
|
|
909
|
-
import pulumi
|
|
910
|
-
```
|
|
911
886
|
- If any custom attribute mappings are defined, they must include a mapping to the
|
|
912
887
|
`google.subject` attribute.
|
|
913
888
|
For OIDC providers, the following rules apply:
|
|
914
889
|
- Custom attribute mappings must be defined, and must include a mapping to the
|
|
915
890
|
`google.subject` attribute. For example, the following maps the `sub` claim of the
|
|
916
891
|
incoming credential to the `subject` attribute on a Google token.
|
|
917
|
-
```python
|
|
918
|
-
import pulumi
|
|
919
|
-
```
|
|
920
892
|
:param pulumi.Input[pulumi.InputType['WorkloadIdentityPoolProviderAwsArgs']] aws: An Amazon Web Services identity provider. Not compatible with the property oidc or saml.
|
|
921
893
|
Structure is documented below.
|
|
922
894
|
:param pulumi.Input[str] description: A description for the provider. Cannot exceed 256 characters.
|
|
@@ -1045,6 +1017,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
1045
1017
|
```python
|
|
1046
1018
|
import pulumi
|
|
1047
1019
|
import pulumi_gcp as gcp
|
|
1020
|
+
import pulumi_std as std
|
|
1048
1021
|
|
|
1049
1022
|
pool = gcp.iam.WorkloadIdentityPool("pool", workload_identity_pool_id="example-pool")
|
|
1050
1023
|
example = gcp.iam.WorkloadIdentityPoolProvider("example",
|
|
@@ -1056,7 +1029,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
1056
1029
|
"attribute.environment": "assertion.arn.contains(\\":instance-profile/Production\\") ? \\"prod\\" : \\"test\\"",
|
|
1057
1030
|
},
|
|
1058
1031
|
saml=gcp.iam.WorkloadIdentityPoolProviderSamlArgs(
|
|
1059
|
-
idp_metadata_xml=
|
|
1032
|
+
idp_metadata_xml=std.file(input="test-fixtures/metadata.xml").result,
|
|
1060
1033
|
))
|
|
1061
1034
|
```
|
|
1062
1035
|
### Iam Workload Identity Pool Provider Saml Full
|
|
@@ -1064,6 +1037,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
1064
1037
|
```python
|
|
1065
1038
|
import pulumi
|
|
1066
1039
|
import pulumi_gcp as gcp
|
|
1040
|
+
import pulumi_std as std
|
|
1067
1041
|
|
|
1068
1042
|
pool = gcp.iam.WorkloadIdentityPool("pool", workload_identity_pool_id="example-pool")
|
|
1069
1043
|
example = gcp.iam.WorkloadIdentityPoolProvider("example",
|
|
@@ -1078,7 +1052,7 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
1078
1052
|
"attribute.environment": "assertion.arn.contains(\\":instance-profile/Production\\") ? \\"prod\\" : \\"test\\"",
|
|
1079
1053
|
},
|
|
1080
1054
|
saml=gcp.iam.WorkloadIdentityPoolProviderSamlArgs(
|
|
1081
|
-
idp_metadata_xml=
|
|
1055
|
+
idp_metadata_xml=std.file(input="test-fixtures/metadata.xml").result,
|
|
1082
1056
|
))
|
|
1083
1057
|
```
|
|
1084
1058
|
### Iam Workload Identity Pool Provider Oidc Upload Key
|
|
@@ -1256,18 +1230,12 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
1256
1230
|
the total size of all mapped attributes must not exceed 8KB.
|
|
1257
1231
|
For AWS providers, the following rules apply:
|
|
1258
1232
|
- If no attribute mapping is defined, the following default mapping applies:
|
|
1259
|
-
```python
|
|
1260
|
-
import pulumi
|
|
1261
|
-
```
|
|
1262
1233
|
- If any custom attribute mappings are defined, they must include a mapping to the
|
|
1263
1234
|
`google.subject` attribute.
|
|
1264
1235
|
For OIDC providers, the following rules apply:
|
|
1265
1236
|
- Custom attribute mappings must be defined, and must include a mapping to the
|
|
1266
1237
|
`google.subject` attribute. For example, the following maps the `sub` claim of the
|
|
1267
1238
|
incoming credential to the `subject` attribute on a Google token.
|
|
1268
|
-
```python
|
|
1269
|
-
import pulumi
|
|
1270
|
-
```
|
|
1271
1239
|
:param pulumi.Input[pulumi.InputType['WorkloadIdentityPoolProviderAwsArgs']] aws: An Amazon Web Services identity provider. Not compatible with the property oidc or saml.
|
|
1272
1240
|
Structure is documented below.
|
|
1273
1241
|
:param pulumi.Input[str] description: A description for the provider. Cannot exceed 256 characters.
|
|
@@ -1365,18 +1333,12 @@ class WorkloadIdentityPoolProvider(pulumi.CustomResource):
|
|
|
1365
1333
|
the total size of all mapped attributes must not exceed 8KB.
|
|
1366
1334
|
For AWS providers, the following rules apply:
|
|
1367
1335
|
- If no attribute mapping is defined, the following default mapping applies:
|
|
1368
|
-
```python
|
|
1369
|
-
import pulumi
|
|
1370
|
-
```
|
|
1371
1336
|
- If any custom attribute mappings are defined, they must include a mapping to the
|
|
1372
1337
|
`google.subject` attribute.
|
|
1373
1338
|
For OIDC providers, the following rules apply:
|
|
1374
1339
|
- Custom attribute mappings must be defined, and must include a mapping to the
|
|
1375
1340
|
`google.subject` attribute. For example, the following maps the `sub` claim of the
|
|
1376
1341
|
incoming credential to the `subject` attribute on a Google token.
|
|
1377
|
-
```python
|
|
1378
|
-
import pulumi
|
|
1379
|
-
```
|
|
1380
1342
|
"""
|
|
1381
1343
|
return pulumi.get(self, "attribute_mapping")
|
|
1382
1344
|
|