pulumi-gcp 7.12.0a1709102105__py3-none-any.whl → 7.12.0a1709133800__py3-none-any.whl
Sign up to get free protection for your applications and to get access to all the features.
- pulumi_gcp/accessapproval/get_folder_service_account.py +2 -2
- pulumi_gcp/accessapproval/get_organization_service_account.py +2 -2
- pulumi_gcp/accessapproval/get_project_service_account.py +2 -2
- pulumi_gcp/accesscontextmanager/access_level.py +10 -8
- pulumi_gcp/accesscontextmanager/access_level_condition.py +2 -0
- pulumi_gcp/accesscontextmanager/access_levels.py +16 -16
- pulumi_gcp/accesscontextmanager/access_policy.py +12 -6
- pulumi_gcp/accesscontextmanager/access_policy_iam_binding.py +10 -2
- pulumi_gcp/accesscontextmanager/access_policy_iam_member.py +10 -2
- pulumi_gcp/accesscontextmanager/access_policy_iam_policy.py +10 -2
- pulumi_gcp/accesscontextmanager/authorized_orgs_desc.py +8 -6
- pulumi_gcp/accesscontextmanager/gcp_user_access_binding.py +80 -0
- pulumi_gcp/accesscontextmanager/get_access_policy_iam_policy.py +2 -2
- pulumi_gcp/accesscontextmanager/service_perimeter.py +34 -24
- pulumi_gcp/accesscontextmanager/service_perimeter_resource.py +6 -4
- pulumi_gcp/accesscontextmanager/service_perimeters.py +14 -12
- pulumi_gcp/activedirectory/domain_trust.py +6 -6
- pulumi_gcp/activedirectory/peering.py +20 -22
- pulumi_gcp/alloydb/backup.py +62 -66
- pulumi_gcp/alloydb/cluster.py +78 -82
- pulumi_gcp/alloydb/instance.py +70 -74
- pulumi_gcp/alloydb/user.py +44 -48
- pulumi_gcp/apigateway/api.py +2 -4
- pulumi_gcp/apigateway/api_config.py +86 -14
- pulumi_gcp/apigateway/api_config_iam_binding.py +18 -24
- pulumi_gcp/apigateway/api_config_iam_member.py +18 -24
- pulumi_gcp/apigateway/api_config_iam_policy.py +18 -24
- pulumi_gcp/apigateway/api_iam_binding.py +18 -24
- pulumi_gcp/apigateway/api_iam_member.py +18 -24
- pulumi_gcp/apigateway/api_iam_policy.py +18 -24
- pulumi_gcp/apigateway/gateway.py +16 -22
- pulumi_gcp/apigateway/gateway_iam_binding.py +24 -30
- pulumi_gcp/apigateway/gateway_iam_member.py +24 -30
- pulumi_gcp/apigateway/gateway_iam_policy.py +24 -30
- pulumi_gcp/apigee/addons_config.py +22 -26
- pulumi_gcp/apigee/endpoint_attachment.py +14 -14
- pulumi_gcp/apigee/env_group.py +16 -14
- pulumi_gcp/apigee/env_group_attachment.py +0 -100
- pulumi_gcp/apigee/environment.py +14 -12
- pulumi_gcp/apigee/environment_iam_binding.py +12 -12
- pulumi_gcp/apigee/environment_iam_member.py +12 -12
- pulumi_gcp/apigee/environment_iam_policy.py +12 -12
- pulumi_gcp/apigee/get_environment_iam_policy.py +4 -4
- pulumi_gcp/apigee/instance.py +84 -76
- pulumi_gcp/apigee/instance_attachment.py +0 -100
- pulumi_gcp/apigee/keystores_aliases_self_signed_cert.py +40 -40
- pulumi_gcp/apigee/nat_address.py +42 -36
- pulumi_gcp/apigee/organization.py +62 -58
- pulumi_gcp/apigee/sync_authorization.py +16 -12
- pulumi_gcp/apigee/target_server.py +34 -36
- pulumi_gcp/appengine/application.py +8 -2
- pulumi_gcp/appengine/application_url_dispatch_rules.py +12 -6
- pulumi_gcp/appengine/domain_mapping.py +2 -2
- pulumi_gcp/appengine/engine_split_traffic.py +12 -6
- pulumi_gcp/appengine/firewall_rule.py +6 -2
- pulumi_gcp/appengine/flexible_app_version.py +20 -12
- pulumi_gcp/appengine/service_network_settings.py +14 -8
- pulumi_gcp/appengine/standard_app_version.py +18 -12
- pulumi_gcp/artifactregistry/get_repository_iam_policy.py +6 -6
- pulumi_gcp/artifactregistry/repository.py +78 -82
- pulumi_gcp/artifactregistry/repository_iam_binding.py +18 -18
- pulumi_gcp/artifactregistry/repository_iam_member.py +18 -18
- pulumi_gcp/artifactregistry/repository_iam_policy.py +18 -18
- pulumi_gcp/artifactregistry/vpcsc_config.py +2 -4
- pulumi_gcp/assuredworkloads/workload.py +16 -18
- pulumi_gcp/backupdisasterrecovery/management_server.py +20 -24
- pulumi_gcp/beyondcorp/app_connection.py +44 -30
- pulumi_gcp/beyondcorp/app_connector.py +22 -16
- pulumi_gcp/beyondcorp/app_gateway.py +20 -16
- pulumi_gcp/biglake/catalog.py +6 -2
- pulumi_gcp/biglake/database.py +14 -4
- pulumi_gcp/biglake/table.py +20 -6
- pulumi_gcp/bigquery/app_profile.py +8 -0
- pulumi_gcp/bigquery/capacity_commitment.py +4 -4
- pulumi_gcp/bigquery/connection.py +72 -54
- pulumi_gcp/bigquery/connection_iam_binding.py +18 -18
- pulumi_gcp/bigquery/connection_iam_member.py +18 -18
- pulumi_gcp/bigquery/connection_iam_policy.py +18 -18
- pulumi_gcp/bigquery/data_transfer_config.py +8 -12
- pulumi_gcp/bigquery/dataset.py +20 -14
- pulumi_gcp/bigquery/dataset_access.py +16 -16
- pulumi_gcp/bigquery/dataset_iam_binding.py +4 -4
- pulumi_gcp/bigquery/dataset_iam_member.py +4 -4
- pulumi_gcp/bigquery/dataset_iam_policy.py +4 -4
- pulumi_gcp/bigquery/get_connection_iam_policy.py +6 -6
- pulumi_gcp/bigquery/get_dataset_iam_policy.py +2 -2
- pulumi_gcp/bigquery/get_default_service_account.py +4 -4
- pulumi_gcp/bigquery/get_table_iam_policy.py +6 -6
- pulumi_gcp/bigquery/iam_binding.py +36 -36
- pulumi_gcp/bigquery/iam_member.py +36 -36
- pulumi_gcp/bigquery/iam_policy.py +36 -36
- pulumi_gcp/bigquery/job.py +326 -20
- pulumi_gcp/bigquery/reservation.py +14 -12
- pulumi_gcp/bigquery/reservation_assignment.py +2 -0
- pulumi_gcp/bigquery/routine.py +22 -22
- pulumi_gcp/bigquery/table.py +8 -8
- pulumi_gcp/bigqueryanalyticshub/data_exchange.py +6 -6
- pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_binding.py +18 -18
- pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_member.py +18 -18
- pulumi_gcp/bigqueryanalyticshub/data_exchange_iam_policy.py +18 -18
- pulumi_gcp/bigqueryanalyticshub/get_data_exchange_iam_policy.py +6 -6
- pulumi_gcp/bigqueryanalyticshub/get_listing_iam_policy.py +8 -8
- pulumi_gcp/bigqueryanalyticshub/listing.py +16 -16
- pulumi_gcp/bigqueryanalyticshub/listing_iam_binding.py +24 -24
- pulumi_gcp/bigqueryanalyticshub/listing_iam_member.py +24 -24
- pulumi_gcp/bigqueryanalyticshub/listing_iam_policy.py +24 -24
- pulumi_gcp/bigquerydatapolicy/data_policy.py +4 -4
- pulumi_gcp/bigquerydatapolicy/data_policy_iam_binding.py +18 -18
- pulumi_gcp/bigquerydatapolicy/data_policy_iam_member.py +18 -18
- pulumi_gcp/bigquerydatapolicy/data_policy_iam_policy.py +18 -18
- pulumi_gcp/bigquerydatapolicy/get_iam_policy.py +6 -6
- pulumi_gcp/bigtable/gc_policy.py +0 -208
- pulumi_gcp/bigtable/get_instance_iam_policy.py +2 -2
- pulumi_gcp/bigtable/get_table_iam_policy.py +4 -4
- pulumi_gcp/bigtable/instance.py +14 -10
- pulumi_gcp/bigtable/instance_iam_binding.py +8 -8
- pulumi_gcp/bigtable/instance_iam_member.py +8 -8
- pulumi_gcp/bigtable/instance_iam_policy.py +8 -8
- pulumi_gcp/bigtable/table.py +18 -12
- pulumi_gcp/bigtable/table_iam_binding.py +8 -8
- pulumi_gcp/bigtable/table_iam_member.py +8 -8
- pulumi_gcp/bigtable/table_iam_policy.py +8 -8
- pulumi_gcp/billing/account_iam_binding.py +8 -8
- pulumi_gcp/billing/account_iam_member.py +8 -8
- pulumi_gcp/billing/account_iam_policy.py +8 -8
- pulumi_gcp/billing/budget.py +2 -2
- pulumi_gcp/binaryauthorization/attestor.py +74 -52
- pulumi_gcp/binaryauthorization/attestor_iam_binding.py +12 -12
- pulumi_gcp/binaryauthorization/attestor_iam_member.py +12 -12
- pulumi_gcp/binaryauthorization/attestor_iam_policy.py +12 -12
- pulumi_gcp/binaryauthorization/get_attestor_iam_policy.py +4 -4
- pulumi_gcp/binaryauthorization/policy.py +48 -32
- pulumi_gcp/blockchainnodeengine/blockchain_nodes.py +38 -38
- pulumi_gcp/certificateauthority/authority.py +34 -42
- pulumi_gcp/certificateauthority/ca_pool.py +274 -6
- pulumi_gcp/certificateauthority/ca_pool_iam_binding.py +12 -12
- pulumi_gcp/certificateauthority/ca_pool_iam_member.py +12 -12
- pulumi_gcp/certificateauthority/ca_pool_iam_policy.py +12 -12
- pulumi_gcp/certificateauthority/certificate.py +264 -44
- pulumi_gcp/certificateauthority/certificate_template.py +168 -0
- pulumi_gcp/certificateauthority/certificate_template_iam_binding.py +12 -12
- pulumi_gcp/certificateauthority/certificate_template_iam_member.py +12 -12
- pulumi_gcp/certificateauthority/certificate_template_iam_policy.py +12 -12
- pulumi_gcp/certificateauthority/get_ca_pool_iam_policy.py +2 -2
- pulumi_gcp/certificateauthority/get_certificate_template_iam_policy.py +2 -2
- pulumi_gcp/certificatemanager/certificate.py +114 -84
- pulumi_gcp/certificatemanager/certificate_issuance_config.py +34 -32
- pulumi_gcp/certificatemanager/certificate_map.py +2 -0
- pulumi_gcp/certificatemanager/certificate_map_entry.py +12 -2
- pulumi_gcp/certificatemanager/dns_authorization.py +2 -0
- pulumi_gcp/certificatemanager/trust_config.py +8 -4
- pulumi_gcp/cloudasset/folder_feed.py +82 -0
- pulumi_gcp/cloudasset/organization_feed.py +74 -0
- pulumi_gcp/cloudasset/project_feed.py +70 -0
- pulumi_gcp/cloudbuild/bitbucket_server_config.py +98 -14
- pulumi_gcp/cloudbuild/get_trigger.py +2 -2
- pulumi_gcp/cloudbuild/trigger.py +650 -122
- pulumi_gcp/cloudbuild/worker_pool.py +20 -16
- pulumi_gcp/cloudbuildv2/connection.py +20 -18
- pulumi_gcp/cloudbuildv2/connection_iam_binding.py +18 -12
- pulumi_gcp/cloudbuildv2/connection_iam_member.py +18 -12
- pulumi_gcp/cloudbuildv2/connection_iam_policy.py +18 -12
- pulumi_gcp/cloudbuildv2/get_connection_iam_policy.py +6 -6
- pulumi_gcp/cloudbuildv2/repository.py +18 -14
- pulumi_gcp/clouddeploy/automation.py +16 -16
- pulumi_gcp/clouddeploy/custom_target_type.py +38 -32
- pulumi_gcp/clouddeploy/delivery_pipeline.py +40 -38
- pulumi_gcp/clouddeploy/get_delivery_pipeline_iam_policy.py +6 -6
- pulumi_gcp/clouddeploy/target.py +26 -24
- pulumi_gcp/clouddomains/registration.py +74 -74
- pulumi_gcp/cloudfunctions/function.py +20 -4
- pulumi_gcp/cloudfunctions/function_iam_binding.py +18 -18
- pulumi_gcp/cloudfunctions/function_iam_member.py +18 -18
- pulumi_gcp/cloudfunctions/function_iam_policy.py +18 -18
- pulumi_gcp/cloudfunctions/get_function_iam_policy.py +6 -6
- pulumi_gcp/cloudfunctionsv2/function.py +776 -42
- pulumi_gcp/cloudfunctionsv2/function_iam_binding.py +18 -18
- pulumi_gcp/cloudfunctionsv2/function_iam_member.py +18 -18
- pulumi_gcp/cloudfunctionsv2/function_iam_policy.py +18 -18
- pulumi_gcp/cloudfunctionsv2/get_function.py +4 -4
- pulumi_gcp/cloudfunctionsv2/get_function_iam_policy.py +6 -6
- pulumi_gcp/cloudidentity/group.py +8 -8
- pulumi_gcp/cloudidentity/group_membership.py +4 -4
- pulumi_gcp/cloudids/endpoint.py +12 -10
- pulumi_gcp/cloudrun/domain_mapping.py +10 -6
- pulumi_gcp/cloudrun/get_service.py +4 -4
- pulumi_gcp/cloudrun/get_service_iam_policy.py +6 -6
- pulumi_gcp/cloudrun/iam_binding.py +18 -18
- pulumi_gcp/cloudrun/iam_member.py +18 -18
- pulumi_gcp/cloudrun/iam_policy.py +18 -18
- pulumi_gcp/cloudrun/service.py +28 -14
- pulumi_gcp/cloudrunv2/get_job.py +4 -4
- pulumi_gcp/cloudrunv2/get_job_iam_policy.py +6 -6
- pulumi_gcp/cloudrunv2/get_service.py +4 -4
- pulumi_gcp/cloudrunv2/get_service_iam_policy.py +6 -6
- pulumi_gcp/cloudrunv2/job.py +56 -46
- pulumi_gcp/cloudrunv2/job_iam_binding.py +18 -12
- pulumi_gcp/cloudrunv2/job_iam_member.py +18 -12
- pulumi_gcp/cloudrunv2/job_iam_policy.py +18 -12
- pulumi_gcp/cloudrunv2/service.py +94 -68
- pulumi_gcp/cloudrunv2/service_iam_binding.py +18 -12
- pulumi_gcp/cloudrunv2/service_iam_member.py +18 -12
- pulumi_gcp/cloudrunv2/service_iam_policy.py +18 -12
- pulumi_gcp/cloudscheduler/job.py +168 -26
- pulumi_gcp/cloudtasks/get_queue_iam_policy.py +6 -6
- pulumi_gcp/cloudtasks/queue.py +18 -12
- pulumi_gcp/cloudtasks/queue_iam_binding.py +18 -12
- pulumi_gcp/cloudtasks/queue_iam_member.py +18 -12
- pulumi_gcp/cloudtasks/queue_iam_policy.py +18 -12
- pulumi_gcp/composer/get_environment.py +22 -0
- pulumi_gcp/composer/get_image_versions.py +2 -0
- pulumi_gcp/compute/address.py +32 -18
- pulumi_gcp/compute/attached_disk.py +8 -6
- pulumi_gcp/compute/autoscaler.py +34 -28
- pulumi_gcp/compute/backend_bucket.py +42 -16
- pulumi_gcp/compute/backend_bucket_signed_url_key.py +16 -8
- pulumi_gcp/compute/backend_service.py +350 -34
- pulumi_gcp/compute/backend_service_signed_url_key.py +98 -0
- pulumi_gcp/compute/disk.py +26 -18
- pulumi_gcp/compute/disk_async_replication.py +4 -0
- pulumi_gcp/compute/disk_iam_binding.py +18 -12
- pulumi_gcp/compute/disk_iam_member.py +18 -12
- pulumi_gcp/compute/disk_iam_policy.py +18 -12
- pulumi_gcp/compute/disk_resource_policy_attachment.py +12 -6
- pulumi_gcp/compute/external_vpn_gateway.py +40 -16
- pulumi_gcp/compute/firewall.py +16 -12
- pulumi_gcp/compute/firewall_policy.py +4 -4
- pulumi_gcp/compute/firewall_policy_association.py +10 -8
- pulumi_gcp/compute/firewall_policy_rule.py +4 -2
- pulumi_gcp/compute/forwarding_rule.py +1840 -22
- pulumi_gcp/compute/get_address.py +6 -2
- pulumi_gcp/compute/get_addresses.py +6 -2
- pulumi_gcp/compute/get_backend_service.py +32 -0
- pulumi_gcp/compute/get_disk.py +0 -2
- pulumi_gcp/compute/get_disk_iam_policy.py +6 -6
- pulumi_gcp/compute/get_global_address.py +6 -2
- pulumi_gcp/compute/get_image.py +0 -2
- pulumi_gcp/compute/get_image_iam_policy.py +4 -4
- pulumi_gcp/compute/get_instance_iam_policy.py +6 -6
- pulumi_gcp/compute/get_instance_serial_port.py +10 -8
- pulumi_gcp/compute/get_instance_template.py +0 -22
- pulumi_gcp/compute/get_lbip_ranges.py +4 -2
- pulumi_gcp/compute/get_machine_types.py +100 -0
- pulumi_gcp/compute/get_netblock_ip_ranges.py +4 -2
- pulumi_gcp/compute/get_network_peering.py +16 -4
- pulumi_gcp/compute/get_node_types.py +4 -2
- pulumi_gcp/compute/get_region_disk_iam_policy.py +6 -6
- pulumi_gcp/compute/get_region_instance_template.py +4 -0
- pulumi_gcp/compute/get_regions.py +2 -0
- pulumi_gcp/compute/get_snapshot.py +4 -0
- pulumi_gcp/compute/get_snapshot_iam_policy.py +4 -4
- pulumi_gcp/compute/get_subnetwork_iam_policy.py +6 -6
- pulumi_gcp/compute/global_address.py +12 -10
- pulumi_gcp/compute/global_forwarding_rule.py +1574 -56
- pulumi_gcp/compute/global_network_endpoint.py +2 -0
- pulumi_gcp/compute/global_network_endpoint_group.py +8 -4
- pulumi_gcp/compute/ha_vpn_gateway.py +38 -10
- pulumi_gcp/compute/health_check.py +114 -90
- pulumi_gcp/compute/http_health_check.py +6 -4
- pulumi_gcp/compute/https_health_check.py +6 -4
- pulumi_gcp/compute/image.py +22 -14
- pulumi_gcp/compute/image_iam_binding.py +24 -24
- pulumi_gcp/compute/image_iam_member.py +24 -24
- pulumi_gcp/compute/image_iam_policy.py +24 -24
- pulumi_gcp/compute/instance.py +16 -14
- pulumi_gcp/compute/instance_from_machine_image.py +4 -4
- pulumi_gcp/compute/instance_from_template.py +10 -6
- pulumi_gcp/compute/instance_group.py +108 -6
- pulumi_gcp/compute/instance_group_manager.py +16 -12
- pulumi_gcp/compute/instance_group_membership.py +6 -4
- pulumi_gcp/compute/instance_group_named_port.py +22 -10
- pulumi_gcp/compute/instance_iam_binding.py +36 -36
- pulumi_gcp/compute/instance_iam_member.py +36 -36
- pulumi_gcp/compute/instance_iam_policy.py +36 -36
- pulumi_gcp/compute/instance_settings.py +4 -6
- pulumi_gcp/compute/instance_template.py +150 -12
- pulumi_gcp/compute/interconnect_attachment.py +28 -10
- pulumi_gcp/compute/machine_image.py +30 -24
- pulumi_gcp/compute/machine_image_iam_binding.py +36 -48
- pulumi_gcp/compute/machine_image_iam_member.py +36 -48
- pulumi_gcp/compute/machine_image_iam_policy.py +36 -48
- pulumi_gcp/compute/managed_ssl_certificate.py +212 -0
- pulumi_gcp/compute/manged_ssl_certificate.py +212 -0
- pulumi_gcp/compute/network.py +18 -14
- pulumi_gcp/compute/network_attachment.py +60 -52
- pulumi_gcp/compute/network_edge_security_service.py +4 -4
- pulumi_gcp/compute/network_endpoint.py +32 -22
- pulumi_gcp/compute/network_endpoint_group.py +20 -10
- pulumi_gcp/compute/network_endpoint_list.py +44 -32
- pulumi_gcp/compute/network_firewall_policy.py +6 -2
- pulumi_gcp/compute/network_firewall_policy_association.py +8 -4
- pulumi_gcp/compute/network_firewall_policy_rule.py +14 -10
- pulumi_gcp/compute/network_peering.py +16 -4
- pulumi_gcp/compute/network_peering_routes_config.py +38 -18
- pulumi_gcp/compute/node_group.py +28 -10
- pulumi_gcp/compute/node_template.py +12 -8
- pulumi_gcp/compute/organization_security_policy.py +2 -4
- pulumi_gcp/compute/organization_security_policy_association.py +22 -28
- pulumi_gcp/compute/organization_security_policy_rule.py +10 -14
- pulumi_gcp/compute/packet_mirroring.py +128 -0
- pulumi_gcp/compute/per_instance_config.py +16 -8
- pulumi_gcp/compute/project_metadata.py +6 -8
- pulumi_gcp/compute/public_advertised_prefix.py +2 -0
- pulumi_gcp/compute/public_delegated_prefix.py +4 -0
- pulumi_gcp/compute/region_autoscaler.py +14 -8
- pulumi_gcp/compute/region_backend_service.py +462 -2
- pulumi_gcp/compute/region_commitment.py +20 -16
- pulumi_gcp/compute/region_disk.py +20 -8
- pulumi_gcp/compute/region_disk_iam_binding.py +18 -12
- pulumi_gcp/compute/region_disk_iam_member.py +18 -12
- pulumi_gcp/compute/region_disk_iam_policy.py +18 -12
- pulumi_gcp/compute/region_disk_resource_policy_attachment.py +16 -6
- pulumi_gcp/compute/region_health_check.py +114 -90
- pulumi_gcp/compute/region_instance_group_manager.py +14 -8
- pulumi_gcp/compute/region_network_endpoint.py +16 -4
- pulumi_gcp/compute/region_network_endpoint_group.py +166 -32
- pulumi_gcp/compute/region_network_firewall_policy.py +6 -2
- pulumi_gcp/compute/region_network_firewall_policy_association.py +8 -4
- pulumi_gcp/compute/region_network_firewall_policy_rule.py +14 -10
- pulumi_gcp/compute/region_per_instance_config.py +12 -4
- pulumi_gcp/compute/region_security_policy.py +12 -12
- pulumi_gcp/compute/region_security_policy_rule.py +38 -48
- pulumi_gcp/compute/region_ssl_certificate.py +138 -32
- pulumi_gcp/compute/region_target_http_proxy.py +88 -4
- pulumi_gcp/compute/region_target_https_proxy.py +96 -0
- pulumi_gcp/compute/region_target_tcp_proxy.py +52 -0
- pulumi_gcp/compute/region_url_map.py +1038 -0
- pulumi_gcp/compute/reservation.py +10 -8
- pulumi_gcp/compute/resource_policy.py +60 -48
- pulumi_gcp/compute/route.py +206 -4
- pulumi_gcp/compute/router.py +18 -6
- pulumi_gcp/compute/router_interface.py +6 -4
- pulumi_gcp/compute/router_nat.py +82 -42
- pulumi_gcp/compute/router_peer.py +72 -42
- pulumi_gcp/compute/security_policy.py +120 -108
- pulumi_gcp/compute/security_scan_config.py +4 -6
- pulumi_gcp/compute/service_attachment.py +376 -0
- pulumi_gcp/compute/snapshot.py +8 -0
- pulumi_gcp/compute/snapshot_iam_binding.py +12 -6
- pulumi_gcp/compute/snapshot_iam_member.py +12 -6
- pulumi_gcp/compute/snapshot_iam_policy.py +12 -6
- pulumi_gcp/compute/ssl_certificate.py +118 -30
- pulumi_gcp/compute/ssl_policy.py +20 -12
- pulumi_gcp/compute/subnetwork.py +58 -30
- pulumi_gcp/compute/subnetwork_iam_binding.py +36 -36
- pulumi_gcp/compute/subnetwork_iam_member.py +36 -36
- pulumi_gcp/compute/subnetwork_iam_policy.py +36 -36
- pulumi_gcp/compute/target_grpc_proxy.py +176 -0
- pulumi_gcp/compute/target_http_proxy.py +166 -10
- pulumi_gcp/compute/target_https_proxy.py +336 -14
- pulumi_gcp/compute/target_instance.py +22 -16
- pulumi_gcp/compute/target_pool.py +40 -0
- pulumi_gcp/compute/target_ssl_proxy.py +54 -0
- pulumi_gcp/compute/target_tcp_proxy.py +44 -0
- pulumi_gcp/compute/url_map.py +1146 -0
- pulumi_gcp/compute/vpn_gateway.py +28 -24
- pulumi_gcp/compute/vpn_tunnel.py +40 -36
- pulumi_gcp/container/_inputs.py +0 -188
- pulumi_gcp/container/attached_cluster.py +124 -0
- pulumi_gcp/container/aws_cluster.py +46 -42
- pulumi_gcp/container/aws_node_pool.py +34 -26
- pulumi_gcp/container/azure_client.py +6 -4
- pulumi_gcp/container/azure_cluster.py +30 -26
- pulumi_gcp/container/azure_node_pool.py +12 -6
- pulumi_gcp/container/cluster.py +62 -6
- pulumi_gcp/container/get_attached_versions.py +2 -2
- pulumi_gcp/container/get_aws_versions.py +2 -2
- pulumi_gcp/container/get_azure_versions.py +2 -2
- pulumi_gcp/container/get_engine_versions.py +2 -0
- pulumi_gcp/container/node_pool.py +68 -2
- pulumi_gcp/container/outputs.py +0 -188
- pulumi_gcp/container/registry.py +4 -4
- pulumi_gcp/containeranalysis/get_note_iam_policy.py +4 -4
- pulumi_gcp/containeranalysis/note.py +32 -26
- pulumi_gcp/containeranalysis/note_iam_binding.py +12 -12
- pulumi_gcp/containeranalysis/note_iam_member.py +12 -12
- pulumi_gcp/containeranalysis/note_iam_policy.py +12 -12
- pulumi_gcp/databasemigrationservice/connection_profile.py +40 -46
- pulumi_gcp/databasemigrationservice/private_connection.py +6 -6
- pulumi_gcp/datacatalog/entry.py +12 -12
- pulumi_gcp/datacatalog/entry_group.py +8 -8
- pulumi_gcp/datacatalog/entry_group_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/entry_group_iam_member.py +6 -6
- pulumi_gcp/datacatalog/entry_group_iam_policy.py +6 -6
- pulumi_gcp/datacatalog/get_entry_group_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/get_policy_tag_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/get_tag_template_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/get_taxonomy_iam_policy.py +2 -2
- pulumi_gcp/datacatalog/policy_tag.py +14 -16
- pulumi_gcp/datacatalog/policy_tag_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/policy_tag_iam_member.py +6 -6
- pulumi_gcp/datacatalog/policy_tag_iam_policy.py +6 -6
- pulumi_gcp/datacatalog/tag.py +22 -22
- pulumi_gcp/datacatalog/tag_template.py +16 -16
- pulumi_gcp/datacatalog/tag_template_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/tag_template_iam_member.py +6 -6
- pulumi_gcp/datacatalog/tag_template_iam_policy.py +6 -6
- pulumi_gcp/datacatalog/taxonomy.py +6 -6
- pulumi_gcp/datacatalog/taxonomy_iam_binding.py +6 -6
- pulumi_gcp/datacatalog/taxonomy_iam_member.py +6 -6
- pulumi_gcp/datacatalog/taxonomy_iam_policy.py +6 -6
- pulumi_gcp/dataflow/flex_template_job.py +18 -18
- pulumi_gcp/dataflow/job.py +34 -26
- pulumi_gcp/dataflow/pipeline.py +4 -2
- pulumi_gcp/dataform/repository.py +28 -36
- pulumi_gcp/dataform/repository_release_config.py +16 -20
- pulumi_gcp/dataform/repository_workflow_config.py +26 -32
- pulumi_gcp/datafusion/get_instance_iam_policy.py +6 -6
- pulumi_gcp/datafusion/instance.py +60 -40
- pulumi_gcp/dataloss/prevention_deidentify_template.py +206 -10
- pulumi_gcp/dataloss/prevention_inspect_template.py +270 -42
- pulumi_gcp/dataloss/prevention_job_trigger.py +368 -192
- pulumi_gcp/dataloss/prevention_stored_info_type.py +24 -20
- pulumi_gcp/dataplex/asset.py +16 -10
- pulumi_gcp/dataplex/asset_iam_binding.py +30 -30
- pulumi_gcp/dataplex/asset_iam_member.py +30 -30
- pulumi_gcp/dataplex/asset_iam_policy.py +30 -30
- pulumi_gcp/dataplex/datascan.py +90 -92
- pulumi_gcp/dataplex/datascan_iam_binding.py +18 -18
- pulumi_gcp/dataplex/datascan_iam_member.py +18 -18
- pulumi_gcp/dataplex/datascan_iam_policy.py +18 -18
- pulumi_gcp/dataplex/get_asset_iam_policy.py +10 -10
- pulumi_gcp/dataplex/get_datascan_iam_policy.py +6 -6
- pulumi_gcp/dataplex/get_lake_iam_policy.py +6 -6
- pulumi_gcp/dataplex/get_task_iam_policy.py +8 -8
- pulumi_gcp/dataplex/get_zone_iam_policy.py +8 -8
- pulumi_gcp/dataplex/lake.py +8 -6
- pulumi_gcp/dataplex/lake_iam_binding.py +18 -18
- pulumi_gcp/dataplex/lake_iam_member.py +18 -18
- pulumi_gcp/dataplex/lake_iam_policy.py +18 -18
- pulumi_gcp/dataplex/task_iam_binding.py +24 -24
- pulumi_gcp/dataplex/task_iam_member.py +24 -24
- pulumi_gcp/dataplex/task_iam_policy.py +24 -24
- pulumi_gcp/dataplex/zone.py +4 -0
- pulumi_gcp/dataplex/zone_iam_binding.py +24 -24
- pulumi_gcp/dataplex/zone_iam_member.py +24 -24
- pulumi_gcp/dataplex/zone_iam_policy.py +24 -24
- pulumi_gcp/dataproc/autoscaling_policy.py +2 -0
- pulumi_gcp/dataproc/autoscaling_policy_iam_binding.py +18 -18
- pulumi_gcp/dataproc/autoscaling_policy_iam_member.py +18 -18
- pulumi_gcp/dataproc/autoscaling_policy_iam_policy.py +18 -18
- pulumi_gcp/dataproc/cluster.py +18 -10
- pulumi_gcp/dataproc/cluster_iam_binding.py +8 -8
- pulumi_gcp/dataproc/cluster_iam_member.py +8 -8
- pulumi_gcp/dataproc/cluster_iam_policy.py +8 -8
- pulumi_gcp/dataproc/get_autoscaling_policy_iam_policy.py +6 -6
- pulumi_gcp/dataproc/get_cluster_iam_policy.py +2 -2
- pulumi_gcp/dataproc/get_job_iam_policy.py +2 -2
- pulumi_gcp/dataproc/get_metastore_service.py +4 -4
- pulumi_gcp/dataproc/get_metastore_service_iam_policy.py +6 -6
- pulumi_gcp/dataproc/job.py +6 -2
- pulumi_gcp/dataproc/job_iam_binding.py +8 -8
- pulumi_gcp/dataproc/job_iam_member.py +8 -8
- pulumi_gcp/dataproc/job_iam_policy.py +8 -8
- pulumi_gcp/dataproc/metastore_federation.py +16 -24
- pulumi_gcp/dataproc/metastore_service.py +64 -56
- pulumi_gcp/dataproc/metastore_service_iam_binding.py +18 -18
- pulumi_gcp/dataproc/metastore_service_iam_member.py +18 -18
- pulumi_gcp/dataproc/metastore_service_iam_policy.py +18 -18
- pulumi_gcp/dataproc/workflow_template.py +58 -56
- pulumi_gcp/datastore/data_store_index.py +4 -4
- pulumi_gcp/datastream/connection_profile.py +52 -36
- pulumi_gcp/datastream/private_connection.py +4 -4
- pulumi_gcp/datastream/stream.py +52 -30
- pulumi_gcp/deploymentmanager/deployment.py +6 -2
- pulumi_gcp/diagflow/agent.py +20 -20
- pulumi_gcp/diagflow/cx_agent.py +4 -2
- pulumi_gcp/diagflow/cx_entity_type.py +2 -2
- pulumi_gcp/diagflow/cx_environment.py +2 -2
- pulumi_gcp/diagflow/cx_flow.py +6 -4
- pulumi_gcp/diagflow/cx_intent.py +2 -2
- pulumi_gcp/diagflow/cx_page.py +6 -6
- pulumi_gcp/diagflow/cx_security_settings.py +6 -4
- pulumi_gcp/diagflow/cx_test_case.py +6 -6
- pulumi_gcp/diagflow/cx_version.py +2 -2
- pulumi_gcp/diagflow/cx_webhook.py +2 -2
- pulumi_gcp/diagflow/entity_type.py +6 -8
- pulumi_gcp/diagflow/fulfillment.py +6 -8
- pulumi_gcp/diagflow/intent.py +32 -30
- pulumi_gcp/discoveryengine/chat_engine.py +4 -4
- pulumi_gcp/discoveryengine/data_store.py +8 -8
- pulumi_gcp/discoveryengine/search_engine.py +8 -8
- pulumi_gcp/dns/dns_managed_zone_iam_binding.py +12 -12
- pulumi_gcp/dns/dns_managed_zone_iam_member.py +12 -12
- pulumi_gcp/dns/dns_managed_zone_iam_policy.py +12 -12
- pulumi_gcp/dns/get_keys.py +2 -0
- pulumi_gcp/dns/get_managed_zone_iam_policy.py +4 -4
- pulumi_gcp/dns/managed_zone.py +82 -38
- pulumi_gcp/dns/policy.py +14 -4
- pulumi_gcp/dns/record_set.py +76 -44
- pulumi_gcp/dns/response_policy.py +16 -4
- pulumi_gcp/dns/response_policy_rule.py +12 -4
- pulumi_gcp/edgecontainer/cluster.py +54 -48
- pulumi_gcp/edgecontainer/node_pool.py +34 -16
- pulumi_gcp/edgecontainer/vpn_connection.py +12 -8
- pulumi_gcp/edgenetwork/network.py +2 -2
- pulumi_gcp/edgenetwork/subnet.py +8 -8
- pulumi_gcp/endpoints/get_service_iam_policy.py +2 -2
- pulumi_gcp/endpoints/service.py +12 -12
- pulumi_gcp/endpoints/service_iam_binding.py +6 -6
- pulumi_gcp/endpoints/service_iam_member.py +6 -6
- pulumi_gcp/endpoints/service_iam_policy.py +6 -6
- pulumi_gcp/essentialcontacts/document_ai_processor.py +2 -2
- pulumi_gcp/essentialcontacts/document_ai_processor_default_version.py +8 -8
- pulumi_gcp/essentialcontacts/document_ai_warehouse_document_schema.py +18 -18
- pulumi_gcp/eventarc/channel.py +10 -10
- pulumi_gcp/eventarc/google_channel_config.py +8 -8
- pulumi_gcp/eventarc/trigger.py +6 -2
- pulumi_gcp/filestore/backup.py +4 -0
- pulumi_gcp/filestore/instance.py +44 -30
- pulumi_gcp/filestore/snapshot.py +8 -0
- pulumi_gcp/firebase/_inputs.py +0 -6
- pulumi_gcp/firebase/android_app.py +8 -12
- pulumi_gcp/firebase/app_check_debug_token.py +38 -0
- pulumi_gcp/firebase/app_check_service_config.py +6 -12
- pulumi_gcp/firebase/apple_app.py +8 -12
- pulumi_gcp/firebase/database_instance.py +26 -36
- pulumi_gcp/firebase/extensions_instance.py +8 -10
- pulumi_gcp/firebase/hosting_channel.py +14 -22
- pulumi_gcp/firebase/hosting_custom_domain.py +40 -54
- pulumi_gcp/firebase/hosting_release.py +48 -66
- pulumi_gcp/firebase/hosting_site.py +6 -12
- pulumi_gcp/firebase/hosting_version.py +66 -86
- pulumi_gcp/firebase/outputs.py +0 -6
- pulumi_gcp/firebase/project.py +10 -10
- pulumi_gcp/firebase/storage_bucket.py +10 -12
- pulumi_gcp/firebase/web_app.py +46 -40
- pulumi_gcp/firebaserules/release.py +20 -24
- pulumi_gcp/firebaserules/ruleset.py +10 -10
- pulumi_gcp/firestore/backup_schedule.py +4 -0
- pulumi_gcp/firestore/database.py +40 -32
- pulumi_gcp/firestore/document.py +132 -0
- pulumi_gcp/firestore/field.py +2 -0
- pulumi_gcp/firestore/index.py +94 -10
- pulumi_gcp/folder/access_approval_settings.py +26 -18
- pulumi_gcp/folder/get_iam_policy.py +2 -2
- pulumi_gcp/folder/iam_audit_config.py +42 -42
- pulumi_gcp/folder/iam_member.py +42 -42
- pulumi_gcp/folder/iam_policy.py +42 -42
- pulumi_gcp/folder/organization_policy.py +22 -22
- pulumi_gcp/gkebackup/backup_plan.py +28 -4
- pulumi_gcp/gkebackup/backup_plan_iam_binding.py +18 -12
- pulumi_gcp/gkebackup/backup_plan_iam_member.py +18 -12
- pulumi_gcp/gkebackup/backup_plan_iam_policy.py +18 -12
- pulumi_gcp/gkebackup/get_backup_plan_iam_policy.py +6 -6
- pulumi_gcp/gkebackup/get_restore_plan_iam_policy.py +6 -6
- pulumi_gcp/gkebackup/restore_plan.py +48 -12
- pulumi_gcp/gkebackup/restore_plan_iam_binding.py +48 -12
- pulumi_gcp/gkebackup/restore_plan_iam_member.py +48 -12
- pulumi_gcp/gkebackup/restore_plan_iam_policy.py +48 -12
- pulumi_gcp/gkehub/feature.py +200 -38
- pulumi_gcp/gkehub/feature_iam_binding.py +18 -12
- pulumi_gcp/gkehub/feature_iam_member.py +18 -12
- pulumi_gcp/gkehub/feature_iam_policy.py +18 -12
- pulumi_gcp/gkehub/feature_membership.py +54 -22
- pulumi_gcp/gkehub/fleet.py +4 -4
- pulumi_gcp/gkehub/get_feature_iam_policy.py +6 -6
- pulumi_gcp/gkehub/get_membership_iam_policy.py +6 -6
- pulumi_gcp/gkehub/get_scope_iam_policy.py +4 -4
- pulumi_gcp/gkehub/membership.py +24 -18
- pulumi_gcp/gkehub/membership_iam_binding.py +18 -18
- pulumi_gcp/gkehub/membership_iam_member.py +18 -18
- pulumi_gcp/gkehub/membership_iam_policy.py +18 -18
- pulumi_gcp/gkehub/scope.py +6 -6
- pulumi_gcp/gkehub/scope_iam_binding.py +12 -12
- pulumi_gcp/gkehub/scope_iam_member.py +12 -12
- pulumi_gcp/gkehub/scope_iam_policy.py +12 -12
- pulumi_gcp/gkeonprem/bare_metal_admin_cluster.py +126 -122
- pulumi_gcp/gkeonprem/bare_metal_cluster.py +242 -236
- pulumi_gcp/gkeonprem/bare_metal_node_pool.py +8 -0
- pulumi_gcp/gkeonprem/v_mware_cluster.py +242 -236
- pulumi_gcp/gkeonprem/v_mware_node_pool.py +4 -180
- pulumi_gcp/healthcare/consent_store.py +32 -10
- pulumi_gcp/healthcare/consent_store_iam_binding.py +12 -12
- pulumi_gcp/healthcare/consent_store_iam_member.py +12 -12
- pulumi_gcp/healthcare/consent_store_iam_policy.py +12 -12
- pulumi_gcp/healthcare/dataset.py +2 -0
- pulumi_gcp/healthcare/dataset_iam_binding.py +8 -8
- pulumi_gcp/healthcare/dataset_iam_member.py +8 -8
- pulumi_gcp/healthcare/dataset_iam_policy.py +8 -8
- pulumi_gcp/healthcare/dicom_store.py +30 -26
- pulumi_gcp/healthcare/dicom_store_iam_binding.py +14 -14
- pulumi_gcp/healthcare/dicom_store_iam_member.py +14 -14
- pulumi_gcp/healthcare/dicom_store_iam_policy.py +14 -14
- pulumi_gcp/healthcare/fhir_store.py +44 -24
- pulumi_gcp/healthcare/fhir_store_iam_binding.py +14 -14
- pulumi_gcp/healthcare/fhir_store_iam_member.py +14 -14
- pulumi_gcp/healthcare/fhir_store_iam_policy.py +14 -14
- pulumi_gcp/healthcare/get_consent_store_iam_policy.py +4 -4
- pulumi_gcp/healthcare/get_dataset_iam_policy.py +2 -2
- pulumi_gcp/healthcare/get_dicom_store_iam_policy.py +2 -2
- pulumi_gcp/healthcare/get_fhir_store_iam_policy.py +2 -2
- pulumi_gcp/healthcare/get_hl7_v2_store_iam_policy.py +2 -2
- pulumi_gcp/healthcare/hl7_store.py +30 -20
- pulumi_gcp/healthcare/hl7_store_iam_binding.py +14 -14
- pulumi_gcp/healthcare/hl7_store_iam_member.py +14 -14
- pulumi_gcp/healthcare/hl7_store_iam_policy.py +14 -14
- pulumi_gcp/iam/_inputs.py +0 -18
- pulumi_gcp/iam/access_boundary_policy.py +100 -0
- pulumi_gcp/iam/deny_policy.py +92 -0
- pulumi_gcp/iam/outputs.py +0 -18
- pulumi_gcp/iam/workforce_pool.py +20 -20
- pulumi_gcp/iam/workforce_pool_provider.py +0 -21
- pulumi_gcp/iam/workload_identity_pool.py +6 -6
- pulumi_gcp/iam/workload_identity_pool_provider.py +8 -46
- pulumi_gcp/iap/app_engine_service_iam_binding.py +56 -56
- pulumi_gcp/iap/app_engine_service_iam_member.py +56 -56
- pulumi_gcp/iap/app_engine_service_iam_policy.py +56 -56
- pulumi_gcp/iap/app_engine_version_iam_binding.py +68 -68
- pulumi_gcp/iap/app_engine_version_iam_member.py +68 -68
- pulumi_gcp/iap/app_engine_version_iam_policy.py +68 -68
- pulumi_gcp/iap/brand.py +12 -6
- pulumi_gcp/iap/client.py +14 -8
- pulumi_gcp/iap/get_app_engine_service_iam_policy.py +6 -6
- pulumi_gcp/iap/get_app_engine_version_iam_policy.py +8 -8
- pulumi_gcp/iap/get_client.py +2 -2
- pulumi_gcp/iap/get_tunnel_iam_policy.py +2 -2
- pulumi_gcp/iap/get_tunnel_instance_iam_policy.py +6 -6
- pulumi_gcp/iap/get_web_backend_service_iam_policy.py +4 -4
- pulumi_gcp/iap/get_web_iam_policy.py +2 -2
- pulumi_gcp/iap/get_web_region_backend_service_iam_policy.py +6 -6
- pulumi_gcp/iap/get_web_type_app_engine_iam_policy.py +4 -4
- pulumi_gcp/iap/get_web_type_compute_iam_policy.py +2 -2
- pulumi_gcp/iap/tunnel_iam_binding.py +12 -12
- pulumi_gcp/iap/tunnel_iam_member.py +12 -12
- pulumi_gcp/iap/tunnel_iam_policy.py +12 -12
- pulumi_gcp/iap/tunnel_instance_iam_binding.py +36 -36
- pulumi_gcp/iap/tunnel_instance_iam_member.py +36 -36
- pulumi_gcp/iap/tunnel_instance_iam_policy.py +36 -36
- pulumi_gcp/iap/web_backend_service_iam_binding.py +24 -24
- pulumi_gcp/iap/web_backend_service_iam_member.py +24 -24
- pulumi_gcp/iap/web_backend_service_iam_policy.py +24 -24
- pulumi_gcp/iap/web_iam_binding.py +12 -12
- pulumi_gcp/iap/web_iam_member.py +12 -12
- pulumi_gcp/iap/web_iam_policy.py +12 -12
- pulumi_gcp/iap/web_region_backend_service_iam_binding.py +36 -36
- pulumi_gcp/iap/web_region_backend_service_iam_member.py +36 -36
- pulumi_gcp/iap/web_region_backend_service_iam_policy.py +36 -36
- pulumi_gcp/iap/web_type_app_enging_iam_binding.py +24 -24
- pulumi_gcp/iap/web_type_app_enging_iam_member.py +24 -24
- pulumi_gcp/iap/web_type_app_enging_iam_policy.py +24 -24
- pulumi_gcp/iap/web_type_compute_iam_binding.py +12 -12
- pulumi_gcp/iap/web_type_compute_iam_member.py +12 -12
- pulumi_gcp/iap/web_type_compute_iam_policy.py +12 -12
- pulumi_gcp/identityplatform/config.py +12 -8
- pulumi_gcp/identityplatform/default_supported_idp_config.py +8 -8
- pulumi_gcp/identityplatform/inbound_saml_config.py +8 -4
- pulumi_gcp/identityplatform/oauth_idp_config.py +10 -8
- pulumi_gcp/identityplatform/tenant.py +4 -4
- pulumi_gcp/identityplatform/tenant_default_supported_idp_config.py +2 -2
- pulumi_gcp/identityplatform/tenant_inbound_saml_config.py +8 -4
- pulumi_gcp/identityplatform/tenant_oauth_idp_config.py +4 -2
- pulumi_gcp/integrationconnectors/connection.py +16 -14
- pulumi_gcp/integrationconnectors/endpoint_attachment.py +8 -6
- pulumi_gcp/kms/crypto_key.py +16 -4
- pulumi_gcp/kms/crypto_key_iam_binding.py +32 -26
- pulumi_gcp/kms/crypto_key_iam_member.py +32 -26
- pulumi_gcp/kms/crypto_key_iam_policy.py +32 -26
- pulumi_gcp/kms/crypto_key_version.py +8 -2
- pulumi_gcp/kms/get_crypto_key_iam_policy.py +2 -2
- pulumi_gcp/kms/get_kms_crypto_key_version.py +2 -2
- pulumi_gcp/kms/get_kms_key_ring.py +4 -4
- pulumi_gcp/kms/key_ring.py +6 -2
- pulumi_gcp/kms/key_ring_iam_binding.py +52 -44
- pulumi_gcp/kms/key_ring_iam_member.py +52 -44
- pulumi_gcp/kms/key_ring_iam_policy.py +52 -44
- pulumi_gcp/kms/secret_ciphertext.py +20 -12
- pulumi_gcp/logging/billing_account_exclusion.py +2 -0
- pulumi_gcp/logging/billing_account_sink.py +8 -2
- pulumi_gcp/logging/folder_exclusion.py +2 -0
- pulumi_gcp/logging/folder_settings.py +12 -14
- pulumi_gcp/logging/folder_sink.py +8 -2
- pulumi_gcp/logging/linked_dataset.py +22 -24
- pulumi_gcp/logging/log_view.py +8 -6
- pulumi_gcp/logging/metric.py +78 -68
- pulumi_gcp/logging/organization_exclusion.py +6 -4
- pulumi_gcp/logging/organization_settings.py +10 -12
- pulumi_gcp/logging/organization_sink.py +8 -2
- pulumi_gcp/logging/project_bucket_config.py +178 -0
- pulumi_gcp/logging/project_exclusion.py +2 -0
- pulumi_gcp/looker/instance.py +76 -70
- pulumi_gcp/memcache/instance.py +10 -6
- pulumi_gcp/migrationcenter/group.py +6 -6
- pulumi_gcp/ml/engine_model.py +8 -4
- pulumi_gcp/monitoring/alert_policy.py +58 -58
- pulumi_gcp/monitoring/custom_service.py +2 -2
- pulumi_gcp/monitoring/dashboard.py +0 -4
- pulumi_gcp/monitoring/generic_service.py +18 -18
- pulumi_gcp/monitoring/get_app_engine_service.py +10 -2
- pulumi_gcp/monitoring/get_cluster_istio_service.py +10 -8
- pulumi_gcp/monitoring/get_istio_canonical_service.py +6 -4
- pulumi_gcp/monitoring/get_mesh_istio_service.py +6 -4
- pulumi_gcp/monitoring/get_notification_channel.py +2 -2
- pulumi_gcp/monitoring/metric_descriptor.py +34 -34
- pulumi_gcp/monitoring/monitored_project.py +14 -4
- pulumi_gcp/monitoring/notification_channel.py +8 -8
- pulumi_gcp/monitoring/slo.py +238 -4
- pulumi_gcp/monitoring/uptime_check_config.py +106 -102
- pulumi_gcp/netapp/active_directory.py +4 -2
- pulumi_gcp/netapp/backup_policy.py +12 -10
- pulumi_gcp/netapp/backup_vault.py +4 -2
- pulumi_gcp/netapp/kmsconfig.py +14 -6
- pulumi_gcp/netapp/storage_pool.py +12 -8
- pulumi_gcp/netapp/volume.py +12 -8
- pulumi_gcp/netapp/volume_snapshot.py +16 -12
- pulumi_gcp/networkconnectivity/hub.py +6 -4
- pulumi_gcp/networkconnectivity/policy_based_route.py +18 -6
- pulumi_gcp/networkconnectivity/service_connection_policy.py +12 -4
- pulumi_gcp/networkconnectivity/spoke.py +28 -8
- pulumi_gcp/networkmanagement/connectivity_test.py +36 -22
- pulumi_gcp/networksecurity/address_group.py +32 -26
- pulumi_gcp/networksecurity/authorization_policy.py +8 -8
- pulumi_gcp/networksecurity/client_tls_policy.py +8 -8
- pulumi_gcp/networksecurity/firewall_endpoint.py +4 -4
- pulumi_gcp/networksecurity/gateway_security_policy.py +38 -54
- pulumi_gcp/networksecurity/gateway_security_policy_rule.py +20 -12
- pulumi_gcp/networksecurity/security_profile.py +8 -8
- pulumi_gcp/networksecurity/security_profile_group.py +10 -10
- pulumi_gcp/networksecurity/server_tls_policy.py +30 -28
- pulumi_gcp/networksecurity/tls_inspection_policy.py +28 -44
- pulumi_gcp/networksecurity/url_list.py +6 -2
- pulumi_gcp/networkservices/edge_cache_keyset.py +4 -0
- pulumi_gcp/networkservices/edge_cache_origin.py +12 -4
- pulumi_gcp/networkservices/edge_cache_service.py +270 -16
- pulumi_gcp/networkservices/endpoint_policy.py +8 -8
- pulumi_gcp/networkservices/gateway.py +96 -60
- pulumi_gcp/networkservices/grpc_route.py +12 -12
- pulumi_gcp/networkservices/http_route.py +26 -26
- pulumi_gcp/networkservices/mesh.py +8 -8
- pulumi_gcp/networkservices/service_binding.py +16 -20
- pulumi_gcp/networkservices/tcp_route.py +298 -0
- pulumi_gcp/networkservices/tls_route.py +214 -0
- pulumi_gcp/notebooks/environment.py +6 -4
- pulumi_gcp/notebooks/get_instance_iam_policy.py +6 -6
- pulumi_gcp/notebooks/get_runtime_iam_policy.py +6 -6
- pulumi_gcp/notebooks/instance.py +38 -28
- pulumi_gcp/notebooks/instance_iam_binding.py +18 -18
- pulumi_gcp/notebooks/instance_iam_member.py +18 -18
- pulumi_gcp/notebooks/instance_iam_policy.py +18 -18
- pulumi_gcp/notebooks/runtime.py +74 -64
- pulumi_gcp/notebooks/runtime_iam_binding.py +18 -18
- pulumi_gcp/notebooks/runtime_iam_member.py +18 -18
- pulumi_gcp/notebooks/runtime_iam_policy.py +18 -18
- pulumi_gcp/organizations/access_approval_settings.py +34 -26
- pulumi_gcp/organizations/get_billing_account.py +6 -2
- pulumi_gcp/organizations/get_folders.py +2 -2
- pulumi_gcp/organizations/get_iam_policy.py +0 -62
- pulumi_gcp/organizations/iam_audit_config.py +8 -8
- pulumi_gcp/organizations/iam_binding.py +4 -4
- pulumi_gcp/organizations/iam_custom_role.py +8 -8
- pulumi_gcp/organizations/iam_member.py +42 -42
- pulumi_gcp/organizations/iam_policy.py +42 -42
- pulumi_gcp/organizations/policy.py +26 -26
- pulumi_gcp/organizations/project.py +16 -4
- pulumi_gcp/orgpolicy/custom_constraint.py +14 -8
- pulumi_gcp/orgpolicy/policy.py +24 -60
- pulumi_gcp/osconfig/guest_policies.py +16 -22
- pulumi_gcp/osconfig/os_policy_assignment.py +42 -40
- pulumi_gcp/osconfig/patch_deployment.py +122 -120
- pulumi_gcp/oslogin/ssh_public_key.py +4 -2
- pulumi_gcp/projects/access_approval_settings.py +24 -22
- pulumi_gcp/projects/api_key.py +50 -10
- pulumi_gcp/projects/default_service_accounts.py +10 -10
- pulumi_gcp/projects/iam_audit_config.py +46 -46
- pulumi_gcp/projects/iam_binding.py +46 -46
- pulumi_gcp/projects/iam_custom_role.py +6 -6
- pulumi_gcp/projects/iam_member.py +46 -46
- pulumi_gcp/projects/iam_policy.py +46 -46
- pulumi_gcp/projects/organization_policy.py +26 -26
- pulumi_gcp/projects/service.py +4 -4
- pulumi_gcp/projects/service_identity.py +6 -8
- pulumi_gcp/projects/usage_export_bucket.py +16 -4
- pulumi_gcp/pubsub/get_schema_iam_policy.py +4 -4
- pulumi_gcp/pubsub/get_subscription_iam_policy.py +2 -2
- pulumi_gcp/pubsub/get_topic_iam_policy.py +4 -4
- pulumi_gcp/pubsub/lite_reservation.py +2 -0
- pulumi_gcp/pubsub/lite_subscription.py +10 -6
- pulumi_gcp/pubsub/lite_topic.py +10 -6
- pulumi_gcp/pubsub/schema.py +22 -18
- pulumi_gcp/pubsub/schema_iam_binding.py +12 -12
- pulumi_gcp/pubsub/schema_iam_member.py +12 -12
- pulumi_gcp/pubsub/schema_iam_policy.py +12 -12
- pulumi_gcp/pubsub/subscription.py +90 -96
- pulumi_gcp/pubsub/subscription_iam_binding.py +8 -8
- pulumi_gcp/pubsub/subscription_iam_member.py +8 -8
- pulumi_gcp/pubsub/subscription_iam_policy.py +8 -8
- pulumi_gcp/pubsub/topic.py +46 -24
- pulumi_gcp/pubsub/topic_iam_binding.py +12 -12
- pulumi_gcp/pubsub/topic_iam_member.py +12 -12
- pulumi_gcp/pubsub/topic_iam_policy.py +12 -12
- pulumi_gcp/recaptcha/enterprise_key.py +54 -54
- pulumi_gcp/redis/cluster.py +32 -24
- pulumi_gcp/redis/instance.py +132 -14
- pulumi_gcp/resourcemanager/lien.py +12 -8
- pulumi_gcp/runtimeconfig/config.py +6 -2
- pulumi_gcp/runtimeconfig/get_variable.py +4 -4
- pulumi_gcp/runtimeconfig/variable.py +20 -8
- pulumi_gcp/secretmanager/get_secret_iam_policy.py +4 -4
- pulumi_gcp/secretmanager/secret.py +16 -18
- pulumi_gcp/secretmanager/secret_iam_binding.py +12 -12
- pulumi_gcp/secretmanager/secret_iam_member.py +12 -12
- pulumi_gcp/secretmanager/secret_iam_policy.py +12 -12
- pulumi_gcp/secretmanager/secret_version.py +4 -4
- pulumi_gcp/securesourcemanager/get_instance_iam_policy.py +6 -6
- pulumi_gcp/securesourcemanager/instance.py +144 -14
- pulumi_gcp/securitycenter/get_source_iam_policy.py +2 -2
- pulumi_gcp/securitycenter/instance_iam_binding.py +60 -40
- pulumi_gcp/securitycenter/instance_iam_member.py +60 -40
- pulumi_gcp/securitycenter/instance_iam_policy.py +60 -40
- pulumi_gcp/securitycenter/mute_config.py +6 -6
- pulumi_gcp/securitycenter/notification_config.py +4 -4
- pulumi_gcp/securitycenter/organization_custom_module.py +40 -40
- pulumi_gcp/securitycenter/project_custom_module.py +36 -36
- pulumi_gcp/securitycenter/source.py +6 -6
- pulumi_gcp/securitycenter/source_iam_binding.py +6 -6
- pulumi_gcp/securitycenter/source_iam_member.py +6 -6
- pulumi_gcp/securitycenter/source_iam_policy.py +6 -6
- pulumi_gcp/securityposture/posture.py +46 -46
- pulumi_gcp/serviceaccount/account.py +2 -2
- pulumi_gcp/serviceaccount/get_account.py +34 -0
- pulumi_gcp/serviceaccount/get_account_access_token.py +8 -10
- pulumi_gcp/serviceaccount/get_account_key.py +4 -4
- pulumi_gcp/serviceaccount/get_iam_policy.py +2 -2
- pulumi_gcp/serviceaccount/key.py +46 -2
- pulumi_gcp/servicedirectory/endpoint.py +28 -40
- pulumi_gcp/servicedirectory/namespace.py +2 -4
- pulumi_gcp/servicedirectory/namespace_iam_binding.py +14 -12
- pulumi_gcp/servicedirectory/namespace_iam_member.py +14 -12
- pulumi_gcp/servicedirectory/namespace_iam_policy.py +14 -12
- pulumi_gcp/servicedirectory/service.py +10 -14
- pulumi_gcp/servicedirectory/service_iam_binding.py +14 -12
- pulumi_gcp/servicedirectory/service_iam_member.py +14 -12
- pulumi_gcp/servicedirectory/service_iam_policy.py +14 -12
- pulumi_gcp/servicenetworking/connection.py +8 -6
- pulumi_gcp/servicenetworking/peered_dns_domain.py +6 -4
- pulumi_gcp/serviceusage/consumer_quota_override.py +126 -0
- pulumi_gcp/sourcerepo/get_repository_iam_policy.py +4 -4
- pulumi_gcp/sourcerepo/repository.py +20 -16
- pulumi_gcp/sourcerepo/repository_iam_binding.py +12 -12
- pulumi_gcp/sourcerepo/repository_iam_member.py +12 -12
- pulumi_gcp/sourcerepo/repository_iam_policy.py +12 -12
- pulumi_gcp/spanner/database.py +2 -0
- pulumi_gcp/spanner/database_iam_binding.py +12 -12
- pulumi_gcp/spanner/database_iam_member.py +12 -12
- pulumi_gcp/spanner/database_iam_policy.py +12 -12
- pulumi_gcp/spanner/get_database_iam_policy.py +6 -6
- pulumi_gcp/spanner/get_instance_iam_policy.py +4 -4
- pulumi_gcp/spanner/instance.py +16 -16
- pulumi_gcp/spanner/instance_iam_binding.py +8 -8
- pulumi_gcp/spanner/instance_iam_member.py +8 -8
- pulumi_gcp/spanner/instance_iam_policy.py +8 -8
- pulumi_gcp/sql/database.py +14 -4
- pulumi_gcp/sql/database_instance.py +76 -26
- pulumi_gcp/sql/get_backup_run.py +2 -2
- pulumi_gcp/sql/get_ca_certs.py +32 -0
- pulumi_gcp/sql/get_database.py +2 -2
- pulumi_gcp/sql/get_databases.py +2 -2
- pulumi_gcp/sql/source_representation_instance.py +20 -16
- pulumi_gcp/sql/ssl_cert.py +6 -4
- pulumi_gcp/sql/user.py +154 -0
- pulumi_gcp/storage/bucket.py +44 -38
- pulumi_gcp/storage/bucket_access_control.py +8 -4
- pulumi_gcp/storage/bucket_acl.py +6 -2
- pulumi_gcp/storage/bucket_iam_binding.py +12 -12
- pulumi_gcp/storage/bucket_iam_member.py +12 -12
- pulumi_gcp/storage/bucket_iam_policy.py +12 -12
- pulumi_gcp/storage/bucket_object.py +14 -12
- pulumi_gcp/storage/default_object_access_control.py +8 -4
- pulumi_gcp/storage/default_object_acl.py +6 -2
- pulumi_gcp/storage/get_bucket_iam_policy.py +2 -2
- pulumi_gcp/storage/get_bucket_object.py +4 -4
- pulumi_gcp/storage/get_object_signed_url.py +6 -4
- pulumi_gcp/storage/get_project_service_account.py +6 -6
- pulumi_gcp/storage/hmac_key.py +2 -2
- pulumi_gcp/storage/insights_report_config.py +14 -14
- pulumi_gcp/storage/notification.py +20 -18
- pulumi_gcp/storage/object_access_control.py +10 -4
- pulumi_gcp/storage/object_acl.py +8 -2
- pulumi_gcp/storage/transfer_agent_pool.py +6 -6
- pulumi_gcp/storage/transfer_job.py +30 -38
- pulumi_gcp/tags/get_tag_key_iam_policy.py +2 -2
- pulumi_gcp/tags/get_tag_value_iam_policy.py +2 -2
- pulumi_gcp/tags/location_tag_binding.py +44 -32
- pulumi_gcp/tags/tag_binding.py +16 -10
- pulumi_gcp/tags/tag_key.py +4 -4
- pulumi_gcp/tags/tag_key_iam_binding.py +6 -6
- pulumi_gcp/tags/tag_key_iam_member.py +6 -6
- pulumi_gcp/tags/tag_key_iam_policy.py +6 -6
- pulumi_gcp/tags/tag_value.py +8 -8
- pulumi_gcp/tags/tag_value_iam_binding.py +6 -6
- pulumi_gcp/tags/tag_value_iam_member.py +6 -6
- pulumi_gcp/tags/tag_value_iam_policy.py +6 -6
- pulumi_gcp/tpu/get_tensorflow_versions.py +2 -0
- pulumi_gcp/tpu/get_v2_accelerator_types.py +10 -8
- pulumi_gcp/tpu/get_v2_runtime_versions.py +2 -0
- pulumi_gcp/tpu/node.py +12 -6
- pulumi_gcp/tpu/v2_vm.py +134 -2
- pulumi_gcp/vertex/ai_dataset.py +6 -6
- pulumi_gcp/vertex/ai_endpoint.py +28 -26
- pulumi_gcp/vertex/ai_feature_group.py +8 -6
- pulumi_gcp/vertex/ai_feature_group_feature.py +12 -8
- pulumi_gcp/vertex/ai_feature_online_store.py +26 -24
- pulumi_gcp/vertex/ai_feature_online_store_featureview.py +36 -28
- pulumi_gcp/vertex/ai_feature_store.py +30 -26
- pulumi_gcp/vertex/ai_feature_store_entity_type.py +12 -8
- pulumi_gcp/vertex/ai_feature_store_entity_type_feature.py +18 -12
- pulumi_gcp/vertex/ai_index.py +8 -0
- pulumi_gcp/vertex/ai_index_endpoint.py +36 -36
- pulumi_gcp/vertex/ai_metadata_store.py +2 -0
- pulumi_gcp/vertex/ai_tensorboard.py +12 -14
- pulumi_gcp/vmwareengine/cluster.py +12 -0
- pulumi_gcp/vmwareengine/external_access_rule.py +16 -0
- pulumi_gcp/vmwareengine/external_address.py +10 -4
- pulumi_gcp/vmwareengine/get_network.py +4 -4
- pulumi_gcp/vmwareengine/get_network_policy.py +4 -4
- pulumi_gcp/vmwareengine/get_private_cloud.py +4 -4
- pulumi_gcp/vmwareengine/network.py +56 -4
- pulumi_gcp/vmwareengine/network_peering.py +12 -2
- pulumi_gcp/vmwareengine/network_policy.py +8 -0
- pulumi_gcp/vmwareengine/private_cloud.py +8 -0
- pulumi_gcp/vmwareengine/subnet.py +6 -0
- pulumi_gcp/vpcaccess/connector.py +16 -6
- pulumi_gcp/vpcaccess/get_connector.py +2 -0
- pulumi_gcp/workbench/get_instance_iam_policy.py +6 -6
- pulumi_gcp/workbench/instance.py +42 -26
- pulumi_gcp/workflows/workflow.py +98 -0
- pulumi_gcp/workstations/workstation.py +26 -30
- pulumi_gcp/workstations/workstation_cluster.py +48 -48
- pulumi_gcp/workstations/workstation_config.py +182 -194
- {pulumi_gcp-7.12.0a1709102105.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/METADATA +1 -1
- pulumi_gcp-7.12.0a1709133800.dist-info/RECORD +1489 -0
- pulumi_gcp-7.12.0a1709102105.dist-info/RECORD +0 -1489
- {pulumi_gcp-7.12.0a1709102105.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/WHEEL +0 -0
- {pulumi_gcp-7.12.0a1709102105.dist-info → pulumi_gcp-7.12.0a1709133800.dist-info}/top_level.txt +0 -0
|
@@ -493,6 +493,164 @@ class Function(pulumi.CustomResource):
|
|
|
493
493
|
* [API documentation](https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions)
|
|
494
494
|
|
|
495
495
|
## Example Usage
|
|
496
|
+
### Cloudfunctions2 Basic
|
|
497
|
+
|
|
498
|
+
```python
|
|
499
|
+
import pulumi
|
|
500
|
+
import pulumi_gcp as gcp
|
|
501
|
+
|
|
502
|
+
project = "my-project-name"
|
|
503
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
504
|
+
name=f"{project}-gcf-source",
|
|
505
|
+
location="US",
|
|
506
|
+
uniform_bucket_level_access=True)
|
|
507
|
+
object = gcp.storage.BucketObject("object",
|
|
508
|
+
name="function-source.zip",
|
|
509
|
+
bucket=bucket.name,
|
|
510
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
511
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
512
|
+
name="function-v2",
|
|
513
|
+
location="us-central1",
|
|
514
|
+
description="a new function",
|
|
515
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
516
|
+
runtime="nodejs16",
|
|
517
|
+
entry_point="helloHttp",
|
|
518
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
519
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
520
|
+
bucket=bucket.name,
|
|
521
|
+
object=object.name,
|
|
522
|
+
),
|
|
523
|
+
),
|
|
524
|
+
),
|
|
525
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
526
|
+
max_instance_count=1,
|
|
527
|
+
available_memory="256M",
|
|
528
|
+
timeout_seconds=60,
|
|
529
|
+
))
|
|
530
|
+
pulumi.export("functionUri", function.service_config.uri)
|
|
531
|
+
```
|
|
532
|
+
### Cloudfunctions2 Full
|
|
533
|
+
|
|
534
|
+
```python
|
|
535
|
+
import pulumi
|
|
536
|
+
import pulumi_gcp as gcp
|
|
537
|
+
|
|
538
|
+
project = "my-project-name"
|
|
539
|
+
account = gcp.serviceaccount.Account("account",
|
|
540
|
+
account_id="gcf-sa",
|
|
541
|
+
display_name="Test Service Account")
|
|
542
|
+
topic = gcp.pubsub.Topic("topic", name="functions2-topic")
|
|
543
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
544
|
+
name=f"{project}-gcf-source",
|
|
545
|
+
location="US",
|
|
546
|
+
uniform_bucket_level_access=True)
|
|
547
|
+
object = gcp.storage.BucketObject("object",
|
|
548
|
+
name="function-source.zip",
|
|
549
|
+
bucket=bucket.name,
|
|
550
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
551
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
552
|
+
name="gcf-function",
|
|
553
|
+
location="us-central1",
|
|
554
|
+
description="a new function",
|
|
555
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
556
|
+
runtime="nodejs16",
|
|
557
|
+
entry_point="helloPubSub",
|
|
558
|
+
environment_variables={
|
|
559
|
+
"BUILD_CONFIG_TEST": "build_test",
|
|
560
|
+
},
|
|
561
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
562
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
563
|
+
bucket=bucket.name,
|
|
564
|
+
object=object.name,
|
|
565
|
+
),
|
|
566
|
+
),
|
|
567
|
+
),
|
|
568
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
569
|
+
max_instance_count=3,
|
|
570
|
+
min_instance_count=1,
|
|
571
|
+
available_memory="4Gi",
|
|
572
|
+
timeout_seconds=60,
|
|
573
|
+
max_instance_request_concurrency=80,
|
|
574
|
+
available_cpu="4",
|
|
575
|
+
environment_variables={
|
|
576
|
+
"SERVICE_CONFIG_TEST": "config_test",
|
|
577
|
+
},
|
|
578
|
+
ingress_settings="ALLOW_INTERNAL_ONLY",
|
|
579
|
+
all_traffic_on_latest_revision=True,
|
|
580
|
+
service_account_email=account.email,
|
|
581
|
+
),
|
|
582
|
+
event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(
|
|
583
|
+
trigger_region="us-central1",
|
|
584
|
+
event_type="google.cloud.pubsub.topic.v1.messagePublished",
|
|
585
|
+
pubsub_topic=topic.id,
|
|
586
|
+
retry_policy="RETRY_POLICY_RETRY",
|
|
587
|
+
))
|
|
588
|
+
```
|
|
589
|
+
### Cloudfunctions2 Scheduler Auth
|
|
590
|
+
|
|
591
|
+
```python
|
|
592
|
+
import pulumi
|
|
593
|
+
import pulumi_gcp as gcp
|
|
594
|
+
|
|
595
|
+
project = "my-project-name"
|
|
596
|
+
account = gcp.serviceaccount.Account("account",
|
|
597
|
+
account_id="gcf-sa",
|
|
598
|
+
display_name="Test Service Account")
|
|
599
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
600
|
+
name=f"{project}-gcf-source",
|
|
601
|
+
location="US",
|
|
602
|
+
uniform_bucket_level_access=True)
|
|
603
|
+
object = gcp.storage.BucketObject("object",
|
|
604
|
+
name="function-source.zip",
|
|
605
|
+
bucket=bucket.name,
|
|
606
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
607
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
608
|
+
name="gcf-function",
|
|
609
|
+
location="us-central1",
|
|
610
|
+
description="a new function",
|
|
611
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
612
|
+
runtime="nodejs16",
|
|
613
|
+
entry_point="helloHttp",
|
|
614
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
615
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
616
|
+
bucket=bucket.name,
|
|
617
|
+
object=object.name,
|
|
618
|
+
),
|
|
619
|
+
),
|
|
620
|
+
),
|
|
621
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
622
|
+
min_instance_count=1,
|
|
623
|
+
available_memory="256M",
|
|
624
|
+
timeout_seconds=60,
|
|
625
|
+
service_account_email=account.email,
|
|
626
|
+
))
|
|
627
|
+
invoker = gcp.cloudfunctionsv2.FunctionIamMember("invoker",
|
|
628
|
+
project=function.project,
|
|
629
|
+
location=function.location,
|
|
630
|
+
cloud_function=function.name,
|
|
631
|
+
role="roles/cloudfunctions.invoker",
|
|
632
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
633
|
+
cloud_run_invoker = gcp.cloudrun.IamMember("cloud_run_invoker",
|
|
634
|
+
project=function.project,
|
|
635
|
+
location=function.location,
|
|
636
|
+
service=function.name,
|
|
637
|
+
role="roles/run.invoker",
|
|
638
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
639
|
+
invoke_cloud_function = gcp.cloudscheduler.Job("invoke_cloud_function",
|
|
640
|
+
name="invoke-gcf-function",
|
|
641
|
+
description="Schedule the HTTPS trigger for cloud function",
|
|
642
|
+
schedule="0 0 * * *",
|
|
643
|
+
project=function.project,
|
|
644
|
+
region=function.location,
|
|
645
|
+
http_target=gcp.cloudscheduler.JobHttpTargetArgs(
|
|
646
|
+
uri=function.service_config.uri,
|
|
647
|
+
http_method="POST",
|
|
648
|
+
oidc_token=gcp.cloudscheduler.JobHttpTargetOidcTokenArgs(
|
|
649
|
+
audience=function.service_config.apply(lambda service_config: f"{service_config.uri}/"),
|
|
650
|
+
service_account_email=account.email,
|
|
651
|
+
),
|
|
652
|
+
))
|
|
653
|
+
```
|
|
496
654
|
### Cloudfunctions2 Basic Gcs
|
|
497
655
|
|
|
498
656
|
```python
|
|
@@ -500,13 +658,15 @@ class Function(pulumi.CustomResource):
|
|
|
500
658
|
import pulumi_gcp as gcp
|
|
501
659
|
|
|
502
660
|
source_bucket = gcp.storage.Bucket("source-bucket",
|
|
661
|
+
name="gcf-source-bucket",
|
|
503
662
|
location="US",
|
|
504
663
|
uniform_bucket_level_access=True)
|
|
505
664
|
object = gcp.storage.BucketObject("object",
|
|
665
|
+
name="function-source.zip",
|
|
506
666
|
bucket=source_bucket.name,
|
|
507
667
|
source=pulumi.FileAsset("function-source.zip"))
|
|
508
|
-
# Add path to the zipped function source code
|
|
509
668
|
trigger_bucket = gcp.storage.Bucket("trigger-bucket",
|
|
669
|
+
name="gcf-trigger-bucket",
|
|
510
670
|
location="us-central1",
|
|
511
671
|
uniform_bucket_level_access=True)
|
|
512
672
|
gcs_account = gcp.storage.get_project_service_account()
|
|
@@ -523,19 +683,17 @@ class Function(pulumi.CustomResource):
|
|
|
523
683
|
invoking = gcp.projects.IAMMember("invoking",
|
|
524
684
|
project="my-project-name",
|
|
525
685
|
role="roles/run.invoker",
|
|
526
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
527
|
-
opts=pulumi.ResourceOptions(depends_on=[gcs_pubsub_publishing]))
|
|
686
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
528
687
|
event_receiving = gcp.projects.IAMMember("event-receiving",
|
|
529
688
|
project="my-project-name",
|
|
530
689
|
role="roles/eventarc.eventReceiver",
|
|
531
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
532
|
-
opts=pulumi.ResourceOptions(depends_on=[invoking]))
|
|
690
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
533
691
|
artifactregistry_reader = gcp.projects.IAMMember("artifactregistry-reader",
|
|
534
692
|
project="my-project-name",
|
|
535
693
|
role="roles/artifactregistry.reader",
|
|
536
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
537
|
-
opts=pulumi.ResourceOptions(depends_on=[event_receiving]))
|
|
694
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
538
695
|
function = gcp.cloudfunctionsv2.Function("function",
|
|
696
|
+
name="gcf-function",
|
|
539
697
|
location="us-central1",
|
|
540
698
|
description="a new function",
|
|
541
699
|
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
@@ -572,11 +730,7 @@ class Function(pulumi.CustomResource):
|
|
|
572
730
|
attribute="bucket",
|
|
573
731
|
value=trigger_bucket.name,
|
|
574
732
|
)],
|
|
575
|
-
)
|
|
576
|
-
opts=pulumi.ResourceOptions(depends_on=[
|
|
577
|
-
event_receiving,
|
|
578
|
-
artifactregistry_reader,
|
|
579
|
-
]))
|
|
733
|
+
))
|
|
580
734
|
```
|
|
581
735
|
### Cloudfunctions2 Basic Auditlogs
|
|
582
736
|
|
|
@@ -589,12 +743,13 @@ class Function(pulumi.CustomResource):
|
|
|
589
743
|
# and the docs:
|
|
590
744
|
# https://cloud.google.com/eventarc/docs/path-patterns
|
|
591
745
|
source_bucket = gcp.storage.Bucket("source-bucket",
|
|
746
|
+
name="gcf-source-bucket",
|
|
592
747
|
location="US",
|
|
593
748
|
uniform_bucket_level_access=True)
|
|
594
749
|
object = gcp.storage.BucketObject("object",
|
|
750
|
+
name="function-source.zip",
|
|
595
751
|
bucket=source_bucket.name,
|
|
596
752
|
source=pulumi.FileAsset("function-source.zip"))
|
|
597
|
-
# Add path to the zipped function source code
|
|
598
753
|
account = gcp.serviceaccount.Account("account",
|
|
599
754
|
account_id="gcf-sa",
|
|
600
755
|
display_name="Test Service Account - used for both the cloud function and eventarc trigger in the test")
|
|
@@ -602,6 +757,7 @@ class Function(pulumi.CustomResource):
|
|
|
602
757
|
# Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of
|
|
603
758
|
# google_cloudfunctions2_function below (Audit Log events have path pattern support)
|
|
604
759
|
audit_log_bucket = gcp.storage.Bucket("audit-log-bucket",
|
|
760
|
+
name="gcf-auditlog-bucket",
|
|
605
761
|
location="us-central1",
|
|
606
762
|
uniform_bucket_level_access=True)
|
|
607
763
|
# Permissions on the service account used by the function and Eventarc trigger
|
|
@@ -612,14 +768,13 @@ class Function(pulumi.CustomResource):
|
|
|
612
768
|
event_receiving = gcp.projects.IAMMember("event-receiving",
|
|
613
769
|
project="my-project-name",
|
|
614
770
|
role="roles/eventarc.eventReceiver",
|
|
615
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
616
|
-
opts=pulumi.ResourceOptions(depends_on=[invoking]))
|
|
771
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
617
772
|
artifactregistry_reader = gcp.projects.IAMMember("artifactregistry-reader",
|
|
618
773
|
project="my-project-name",
|
|
619
774
|
role="roles/artifactregistry.reader",
|
|
620
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
621
|
-
opts=pulumi.ResourceOptions(depends_on=[event_receiving]))
|
|
775
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
622
776
|
function = gcp.cloudfunctionsv2.Function("function",
|
|
777
|
+
name="gcf-function",
|
|
623
778
|
location="us-central1",
|
|
624
779
|
description="a new function",
|
|
625
780
|
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
@@ -667,11 +822,223 @@ class Function(pulumi.CustomResource):
|
|
|
667
822
|
operator="match-path-pattern",
|
|
668
823
|
),
|
|
669
824
|
],
|
|
825
|
+
))
|
|
826
|
+
```
|
|
827
|
+
### Cloudfunctions2 Secret Env
|
|
828
|
+
|
|
829
|
+
```python
|
|
830
|
+
import pulumi
|
|
831
|
+
import pulumi_gcp as gcp
|
|
832
|
+
|
|
833
|
+
project = "my-project-name"
|
|
834
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
835
|
+
name=f"{project}-gcf-source",
|
|
836
|
+
location="US",
|
|
837
|
+
uniform_bucket_level_access=True)
|
|
838
|
+
object = gcp.storage.BucketObject("object",
|
|
839
|
+
name="function-source.zip",
|
|
840
|
+
bucket=bucket.name,
|
|
841
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
842
|
+
secret = gcp.secretmanager.Secret("secret",
|
|
843
|
+
secret_id="secret",
|
|
844
|
+
replication=gcp.secretmanager.SecretReplicationArgs(
|
|
845
|
+
user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(
|
|
846
|
+
replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(
|
|
847
|
+
location="us-central1",
|
|
848
|
+
)],
|
|
849
|
+
),
|
|
850
|
+
))
|
|
851
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
852
|
+
name="function-secret",
|
|
853
|
+
location="us-central1",
|
|
854
|
+
description="a new function",
|
|
855
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
856
|
+
runtime="nodejs16",
|
|
857
|
+
entry_point="helloHttp",
|
|
858
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
859
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
860
|
+
bucket=bucket.name,
|
|
861
|
+
object=object.name,
|
|
862
|
+
),
|
|
863
|
+
),
|
|
864
|
+
),
|
|
865
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
866
|
+
max_instance_count=1,
|
|
867
|
+
available_memory="256M",
|
|
868
|
+
timeout_seconds=60,
|
|
869
|
+
secret_environment_variables=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArgs(
|
|
870
|
+
key="TEST",
|
|
871
|
+
project_id=project,
|
|
872
|
+
secret=secret.secret_id,
|
|
873
|
+
version="latest",
|
|
874
|
+
)],
|
|
875
|
+
))
|
|
876
|
+
secret_secret_version = gcp.secretmanager.SecretVersion("secret",
|
|
877
|
+
secret=secret.name,
|
|
878
|
+
secret_data="secret",
|
|
879
|
+
enabled=True)
|
|
880
|
+
```
|
|
881
|
+
### Cloudfunctions2 Secret Volume
|
|
882
|
+
|
|
883
|
+
```python
|
|
884
|
+
import pulumi
|
|
885
|
+
import pulumi_gcp as gcp
|
|
886
|
+
|
|
887
|
+
project = "my-project-name"
|
|
888
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
889
|
+
name=f"{project}-gcf-source",
|
|
890
|
+
location="US",
|
|
891
|
+
uniform_bucket_level_access=True)
|
|
892
|
+
object = gcp.storage.BucketObject("object",
|
|
893
|
+
name="function-source.zip",
|
|
894
|
+
bucket=bucket.name,
|
|
895
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
896
|
+
secret = gcp.secretmanager.Secret("secret",
|
|
897
|
+
secret_id="secret",
|
|
898
|
+
replication=gcp.secretmanager.SecretReplicationArgs(
|
|
899
|
+
user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(
|
|
900
|
+
replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(
|
|
901
|
+
location="us-central1",
|
|
902
|
+
)],
|
|
903
|
+
),
|
|
904
|
+
))
|
|
905
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
906
|
+
name="function-secret",
|
|
907
|
+
location="us-central1",
|
|
908
|
+
description="a new function",
|
|
909
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
910
|
+
runtime="nodejs16",
|
|
911
|
+
entry_point="helloHttp",
|
|
912
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
913
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
914
|
+
bucket=bucket.name,
|
|
915
|
+
object=object.name,
|
|
916
|
+
),
|
|
917
|
+
),
|
|
918
|
+
),
|
|
919
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
920
|
+
max_instance_count=1,
|
|
921
|
+
available_memory="256M",
|
|
922
|
+
timeout_seconds=60,
|
|
923
|
+
secret_volumes=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretVolumeArgs(
|
|
924
|
+
mount_path="/etc/secrets",
|
|
925
|
+
project_id=project,
|
|
926
|
+
secret=secret.secret_id,
|
|
927
|
+
)],
|
|
928
|
+
))
|
|
929
|
+
secret_secret_version = gcp.secretmanager.SecretVersion("secret",
|
|
930
|
+
secret=secret.name,
|
|
931
|
+
secret_data="secret",
|
|
932
|
+
enabled=True)
|
|
933
|
+
```
|
|
934
|
+
### Cloudfunctions2 Private Workerpool
|
|
935
|
+
|
|
936
|
+
```python
|
|
937
|
+
import pulumi
|
|
938
|
+
import pulumi_gcp as gcp
|
|
939
|
+
|
|
940
|
+
project = "my-project-name"
|
|
941
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
942
|
+
name=f"{project}-gcf-source",
|
|
943
|
+
location="US",
|
|
944
|
+
uniform_bucket_level_access=True)
|
|
945
|
+
object = gcp.storage.BucketObject("object",
|
|
946
|
+
name="function-source.zip",
|
|
947
|
+
bucket=bucket.name,
|
|
948
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
949
|
+
pool = gcp.cloudbuild.WorkerPool("pool",
|
|
950
|
+
name="workerpool",
|
|
951
|
+
location="us-central1",
|
|
952
|
+
worker_config=gcp.cloudbuild.WorkerPoolWorkerConfigArgs(
|
|
953
|
+
disk_size_gb=100,
|
|
954
|
+
machine_type="e2-standard-8",
|
|
955
|
+
no_external_ip=False,
|
|
956
|
+
))
|
|
957
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
958
|
+
name="function-workerpool",
|
|
959
|
+
location="us-central1",
|
|
960
|
+
description="a new function",
|
|
961
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
962
|
+
runtime="nodejs16",
|
|
963
|
+
entry_point="helloHttp",
|
|
964
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
965
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
966
|
+
bucket=bucket.name,
|
|
967
|
+
object=object.name,
|
|
968
|
+
),
|
|
969
|
+
),
|
|
970
|
+
worker_pool=pool.id,
|
|
670
971
|
),
|
|
671
|
-
|
|
672
|
-
|
|
673
|
-
|
|
674
|
-
|
|
972
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
973
|
+
max_instance_count=1,
|
|
974
|
+
available_memory="256M",
|
|
975
|
+
timeout_seconds=60,
|
|
976
|
+
))
|
|
977
|
+
```
|
|
978
|
+
### Cloudfunctions2 Cmek Docs
|
|
979
|
+
|
|
980
|
+
```python
|
|
981
|
+
import pulumi
|
|
982
|
+
import pulumi_gcp as gcp
|
|
983
|
+
|
|
984
|
+
project = "my-project-name"
|
|
985
|
+
project_get_project = gcp.organizations.get_project()
|
|
986
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
987
|
+
name=f"{project}-gcf-source",
|
|
988
|
+
location="US",
|
|
989
|
+
uniform_bucket_level_access=True)
|
|
990
|
+
object = gcp.storage.BucketObject("object",
|
|
991
|
+
name="function-source.zip",
|
|
992
|
+
bucket=bucket.name,
|
|
993
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
994
|
+
ea_sa = gcp.projects.ServiceIdentity("ea_sa",
|
|
995
|
+
project=project_get_project.project_id,
|
|
996
|
+
service="eventarc.googleapis.com")
|
|
997
|
+
unencoded_ar_repo = gcp.artifactregistry.Repository("unencoded-ar-repo",
|
|
998
|
+
repository_id="ar-repo",
|
|
999
|
+
location="us-central1",
|
|
1000
|
+
format="DOCKER")
|
|
1001
|
+
encoded_ar_repo = gcp.artifactregistry.Repository("encoded-ar-repo",
|
|
1002
|
+
location="us-central1",
|
|
1003
|
+
repository_id="cmek-repo",
|
|
1004
|
+
format="DOCKER",
|
|
1005
|
+
kms_key_name="cmek-key")
|
|
1006
|
+
binding = gcp.artifactregistry.RepositoryIamBinding("binding",
|
|
1007
|
+
location=encoded_ar_repo.location,
|
|
1008
|
+
repository=encoded_ar_repo.name,
|
|
1009
|
+
role="roles/artifactregistry.admin",
|
|
1010
|
+
members=[f"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com"])
|
|
1011
|
+
gcf_cmek_keyuser = gcp.kms.CryptoKeyIAMBinding("gcf_cmek_keyuser",
|
|
1012
|
+
crypto_key_id="cmek-key",
|
|
1013
|
+
role="roles/cloudkms.cryptoKeyEncrypterDecrypter",
|
|
1014
|
+
members=[
|
|
1015
|
+
f"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com",
|
|
1016
|
+
f"serviceAccount:service-{project_get_project.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com",
|
|
1017
|
+
f"serviceAccount:service-{project_get_project.number}@gs-project-accounts.iam.gserviceaccount.com",
|
|
1018
|
+
f"serviceAccount:service-{project_get_project.number}@serverless-robot-prod.iam.gserviceaccount.com",
|
|
1019
|
+
ea_sa.email.apply(lambda email: f"serviceAccount:{email}"),
|
|
1020
|
+
])
|
|
1021
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1022
|
+
name="function-cmek",
|
|
1023
|
+
location="us-central1",
|
|
1024
|
+
description="CMEK function",
|
|
1025
|
+
kms_key_name="cmek-key",
|
|
1026
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1027
|
+
runtime="nodejs16",
|
|
1028
|
+
entry_point="helloHttp",
|
|
1029
|
+
docker_repository=encoded_ar_repo.id,
|
|
1030
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1031
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1032
|
+
bucket=bucket.name,
|
|
1033
|
+
object=object.name,
|
|
1034
|
+
),
|
|
1035
|
+
),
|
|
1036
|
+
),
|
|
1037
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1038
|
+
max_instance_count=1,
|
|
1039
|
+
available_memory="256M",
|
|
1040
|
+
timeout_seconds=60,
|
|
1041
|
+
))
|
|
675
1042
|
```
|
|
676
1043
|
|
|
677
1044
|
## Import
|
|
@@ -738,6 +1105,164 @@ class Function(pulumi.CustomResource):
|
|
|
738
1105
|
* [API documentation](https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions)
|
|
739
1106
|
|
|
740
1107
|
## Example Usage
|
|
1108
|
+
### Cloudfunctions2 Basic
|
|
1109
|
+
|
|
1110
|
+
```python
|
|
1111
|
+
import pulumi
|
|
1112
|
+
import pulumi_gcp as gcp
|
|
1113
|
+
|
|
1114
|
+
project = "my-project-name"
|
|
1115
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
1116
|
+
name=f"{project}-gcf-source",
|
|
1117
|
+
location="US",
|
|
1118
|
+
uniform_bucket_level_access=True)
|
|
1119
|
+
object = gcp.storage.BucketObject("object",
|
|
1120
|
+
name="function-source.zip",
|
|
1121
|
+
bucket=bucket.name,
|
|
1122
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
1123
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1124
|
+
name="function-v2",
|
|
1125
|
+
location="us-central1",
|
|
1126
|
+
description="a new function",
|
|
1127
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1128
|
+
runtime="nodejs16",
|
|
1129
|
+
entry_point="helloHttp",
|
|
1130
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1131
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1132
|
+
bucket=bucket.name,
|
|
1133
|
+
object=object.name,
|
|
1134
|
+
),
|
|
1135
|
+
),
|
|
1136
|
+
),
|
|
1137
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1138
|
+
max_instance_count=1,
|
|
1139
|
+
available_memory="256M",
|
|
1140
|
+
timeout_seconds=60,
|
|
1141
|
+
))
|
|
1142
|
+
pulumi.export("functionUri", function.service_config.uri)
|
|
1143
|
+
```
|
|
1144
|
+
### Cloudfunctions2 Full
|
|
1145
|
+
|
|
1146
|
+
```python
|
|
1147
|
+
import pulumi
|
|
1148
|
+
import pulumi_gcp as gcp
|
|
1149
|
+
|
|
1150
|
+
project = "my-project-name"
|
|
1151
|
+
account = gcp.serviceaccount.Account("account",
|
|
1152
|
+
account_id="gcf-sa",
|
|
1153
|
+
display_name="Test Service Account")
|
|
1154
|
+
topic = gcp.pubsub.Topic("topic", name="functions2-topic")
|
|
1155
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
1156
|
+
name=f"{project}-gcf-source",
|
|
1157
|
+
location="US",
|
|
1158
|
+
uniform_bucket_level_access=True)
|
|
1159
|
+
object = gcp.storage.BucketObject("object",
|
|
1160
|
+
name="function-source.zip",
|
|
1161
|
+
bucket=bucket.name,
|
|
1162
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
1163
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1164
|
+
name="gcf-function",
|
|
1165
|
+
location="us-central1",
|
|
1166
|
+
description="a new function",
|
|
1167
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1168
|
+
runtime="nodejs16",
|
|
1169
|
+
entry_point="helloPubSub",
|
|
1170
|
+
environment_variables={
|
|
1171
|
+
"BUILD_CONFIG_TEST": "build_test",
|
|
1172
|
+
},
|
|
1173
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1174
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1175
|
+
bucket=bucket.name,
|
|
1176
|
+
object=object.name,
|
|
1177
|
+
),
|
|
1178
|
+
),
|
|
1179
|
+
),
|
|
1180
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1181
|
+
max_instance_count=3,
|
|
1182
|
+
min_instance_count=1,
|
|
1183
|
+
available_memory="4Gi",
|
|
1184
|
+
timeout_seconds=60,
|
|
1185
|
+
max_instance_request_concurrency=80,
|
|
1186
|
+
available_cpu="4",
|
|
1187
|
+
environment_variables={
|
|
1188
|
+
"SERVICE_CONFIG_TEST": "config_test",
|
|
1189
|
+
},
|
|
1190
|
+
ingress_settings="ALLOW_INTERNAL_ONLY",
|
|
1191
|
+
all_traffic_on_latest_revision=True,
|
|
1192
|
+
service_account_email=account.email,
|
|
1193
|
+
),
|
|
1194
|
+
event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(
|
|
1195
|
+
trigger_region="us-central1",
|
|
1196
|
+
event_type="google.cloud.pubsub.topic.v1.messagePublished",
|
|
1197
|
+
pubsub_topic=topic.id,
|
|
1198
|
+
retry_policy="RETRY_POLICY_RETRY",
|
|
1199
|
+
))
|
|
1200
|
+
```
|
|
1201
|
+
### Cloudfunctions2 Scheduler Auth
|
|
1202
|
+
|
|
1203
|
+
```python
|
|
1204
|
+
import pulumi
|
|
1205
|
+
import pulumi_gcp as gcp
|
|
1206
|
+
|
|
1207
|
+
project = "my-project-name"
|
|
1208
|
+
account = gcp.serviceaccount.Account("account",
|
|
1209
|
+
account_id="gcf-sa",
|
|
1210
|
+
display_name="Test Service Account")
|
|
1211
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
1212
|
+
name=f"{project}-gcf-source",
|
|
1213
|
+
location="US",
|
|
1214
|
+
uniform_bucket_level_access=True)
|
|
1215
|
+
object = gcp.storage.BucketObject("object",
|
|
1216
|
+
name="function-source.zip",
|
|
1217
|
+
bucket=bucket.name,
|
|
1218
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
1219
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1220
|
+
name="gcf-function",
|
|
1221
|
+
location="us-central1",
|
|
1222
|
+
description="a new function",
|
|
1223
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1224
|
+
runtime="nodejs16",
|
|
1225
|
+
entry_point="helloHttp",
|
|
1226
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1227
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1228
|
+
bucket=bucket.name,
|
|
1229
|
+
object=object.name,
|
|
1230
|
+
),
|
|
1231
|
+
),
|
|
1232
|
+
),
|
|
1233
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1234
|
+
min_instance_count=1,
|
|
1235
|
+
available_memory="256M",
|
|
1236
|
+
timeout_seconds=60,
|
|
1237
|
+
service_account_email=account.email,
|
|
1238
|
+
))
|
|
1239
|
+
invoker = gcp.cloudfunctionsv2.FunctionIamMember("invoker",
|
|
1240
|
+
project=function.project,
|
|
1241
|
+
location=function.location,
|
|
1242
|
+
cloud_function=function.name,
|
|
1243
|
+
role="roles/cloudfunctions.invoker",
|
|
1244
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
1245
|
+
cloud_run_invoker = gcp.cloudrun.IamMember("cloud_run_invoker",
|
|
1246
|
+
project=function.project,
|
|
1247
|
+
location=function.location,
|
|
1248
|
+
service=function.name,
|
|
1249
|
+
role="roles/run.invoker",
|
|
1250
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
1251
|
+
invoke_cloud_function = gcp.cloudscheduler.Job("invoke_cloud_function",
|
|
1252
|
+
name="invoke-gcf-function",
|
|
1253
|
+
description="Schedule the HTTPS trigger for cloud function",
|
|
1254
|
+
schedule="0 0 * * *",
|
|
1255
|
+
project=function.project,
|
|
1256
|
+
region=function.location,
|
|
1257
|
+
http_target=gcp.cloudscheduler.JobHttpTargetArgs(
|
|
1258
|
+
uri=function.service_config.uri,
|
|
1259
|
+
http_method="POST",
|
|
1260
|
+
oidc_token=gcp.cloudscheduler.JobHttpTargetOidcTokenArgs(
|
|
1261
|
+
audience=function.service_config.apply(lambda service_config: f"{service_config.uri}/"),
|
|
1262
|
+
service_account_email=account.email,
|
|
1263
|
+
),
|
|
1264
|
+
))
|
|
1265
|
+
```
|
|
741
1266
|
### Cloudfunctions2 Basic Gcs
|
|
742
1267
|
|
|
743
1268
|
```python
|
|
@@ -745,13 +1270,15 @@ class Function(pulumi.CustomResource):
|
|
|
745
1270
|
import pulumi_gcp as gcp
|
|
746
1271
|
|
|
747
1272
|
source_bucket = gcp.storage.Bucket("source-bucket",
|
|
1273
|
+
name="gcf-source-bucket",
|
|
748
1274
|
location="US",
|
|
749
1275
|
uniform_bucket_level_access=True)
|
|
750
1276
|
object = gcp.storage.BucketObject("object",
|
|
1277
|
+
name="function-source.zip",
|
|
751
1278
|
bucket=source_bucket.name,
|
|
752
1279
|
source=pulumi.FileAsset("function-source.zip"))
|
|
753
|
-
# Add path to the zipped function source code
|
|
754
1280
|
trigger_bucket = gcp.storage.Bucket("trigger-bucket",
|
|
1281
|
+
name="gcf-trigger-bucket",
|
|
755
1282
|
location="us-central1",
|
|
756
1283
|
uniform_bucket_level_access=True)
|
|
757
1284
|
gcs_account = gcp.storage.get_project_service_account()
|
|
@@ -768,19 +1295,17 @@ class Function(pulumi.CustomResource):
|
|
|
768
1295
|
invoking = gcp.projects.IAMMember("invoking",
|
|
769
1296
|
project="my-project-name",
|
|
770
1297
|
role="roles/run.invoker",
|
|
771
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
772
|
-
opts=pulumi.ResourceOptions(depends_on=[gcs_pubsub_publishing]))
|
|
1298
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
773
1299
|
event_receiving = gcp.projects.IAMMember("event-receiving",
|
|
774
1300
|
project="my-project-name",
|
|
775
1301
|
role="roles/eventarc.eventReceiver",
|
|
776
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
777
|
-
opts=pulumi.ResourceOptions(depends_on=[invoking]))
|
|
1302
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
778
1303
|
artifactregistry_reader = gcp.projects.IAMMember("artifactregistry-reader",
|
|
779
1304
|
project="my-project-name",
|
|
780
1305
|
role="roles/artifactregistry.reader",
|
|
781
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
782
|
-
opts=pulumi.ResourceOptions(depends_on=[event_receiving]))
|
|
1306
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
783
1307
|
function = gcp.cloudfunctionsv2.Function("function",
|
|
1308
|
+
name="gcf-function",
|
|
784
1309
|
location="us-central1",
|
|
785
1310
|
description="a new function",
|
|
786
1311
|
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
@@ -817,11 +1342,7 @@ class Function(pulumi.CustomResource):
|
|
|
817
1342
|
attribute="bucket",
|
|
818
1343
|
value=trigger_bucket.name,
|
|
819
1344
|
)],
|
|
820
|
-
)
|
|
821
|
-
opts=pulumi.ResourceOptions(depends_on=[
|
|
822
|
-
event_receiving,
|
|
823
|
-
artifactregistry_reader,
|
|
824
|
-
]))
|
|
1345
|
+
))
|
|
825
1346
|
```
|
|
826
1347
|
### Cloudfunctions2 Basic Auditlogs
|
|
827
1348
|
|
|
@@ -834,12 +1355,13 @@ class Function(pulumi.CustomResource):
|
|
|
834
1355
|
# and the docs:
|
|
835
1356
|
# https://cloud.google.com/eventarc/docs/path-patterns
|
|
836
1357
|
source_bucket = gcp.storage.Bucket("source-bucket",
|
|
1358
|
+
name="gcf-source-bucket",
|
|
837
1359
|
location="US",
|
|
838
1360
|
uniform_bucket_level_access=True)
|
|
839
1361
|
object = gcp.storage.BucketObject("object",
|
|
1362
|
+
name="function-source.zip",
|
|
840
1363
|
bucket=source_bucket.name,
|
|
841
1364
|
source=pulumi.FileAsset("function-source.zip"))
|
|
842
|
-
# Add path to the zipped function source code
|
|
843
1365
|
account = gcp.serviceaccount.Account("account",
|
|
844
1366
|
account_id="gcf-sa",
|
|
845
1367
|
display_name="Test Service Account - used for both the cloud function and eventarc trigger in the test")
|
|
@@ -847,6 +1369,7 @@ class Function(pulumi.CustomResource):
|
|
|
847
1369
|
# Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of
|
|
848
1370
|
# google_cloudfunctions2_function below (Audit Log events have path pattern support)
|
|
849
1371
|
audit_log_bucket = gcp.storage.Bucket("audit-log-bucket",
|
|
1372
|
+
name="gcf-auditlog-bucket",
|
|
850
1373
|
location="us-central1",
|
|
851
1374
|
uniform_bucket_level_access=True)
|
|
852
1375
|
# Permissions on the service account used by the function and Eventarc trigger
|
|
@@ -857,14 +1380,13 @@ class Function(pulumi.CustomResource):
|
|
|
857
1380
|
event_receiving = gcp.projects.IAMMember("event-receiving",
|
|
858
1381
|
project="my-project-name",
|
|
859
1382
|
role="roles/eventarc.eventReceiver",
|
|
860
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
861
|
-
opts=pulumi.ResourceOptions(depends_on=[invoking]))
|
|
1383
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
862
1384
|
artifactregistry_reader = gcp.projects.IAMMember("artifactregistry-reader",
|
|
863
1385
|
project="my-project-name",
|
|
864
1386
|
role="roles/artifactregistry.reader",
|
|
865
|
-
member=account.email.apply(lambda email: f"serviceAccount:{email}")
|
|
866
|
-
opts=pulumi.ResourceOptions(depends_on=[event_receiving]))
|
|
1387
|
+
member=account.email.apply(lambda email: f"serviceAccount:{email}"))
|
|
867
1388
|
function = gcp.cloudfunctionsv2.Function("function",
|
|
1389
|
+
name="gcf-function",
|
|
868
1390
|
location="us-central1",
|
|
869
1391
|
description="a new function",
|
|
870
1392
|
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
@@ -912,11 +1434,223 @@ class Function(pulumi.CustomResource):
|
|
|
912
1434
|
operator="match-path-pattern",
|
|
913
1435
|
),
|
|
914
1436
|
],
|
|
1437
|
+
))
|
|
1438
|
+
```
|
|
1439
|
+
### Cloudfunctions2 Secret Env
|
|
1440
|
+
|
|
1441
|
+
```python
|
|
1442
|
+
import pulumi
|
|
1443
|
+
import pulumi_gcp as gcp
|
|
1444
|
+
|
|
1445
|
+
project = "my-project-name"
|
|
1446
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
1447
|
+
name=f"{project}-gcf-source",
|
|
1448
|
+
location="US",
|
|
1449
|
+
uniform_bucket_level_access=True)
|
|
1450
|
+
object = gcp.storage.BucketObject("object",
|
|
1451
|
+
name="function-source.zip",
|
|
1452
|
+
bucket=bucket.name,
|
|
1453
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
1454
|
+
secret = gcp.secretmanager.Secret("secret",
|
|
1455
|
+
secret_id="secret",
|
|
1456
|
+
replication=gcp.secretmanager.SecretReplicationArgs(
|
|
1457
|
+
user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(
|
|
1458
|
+
replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(
|
|
1459
|
+
location="us-central1",
|
|
1460
|
+
)],
|
|
1461
|
+
),
|
|
1462
|
+
))
|
|
1463
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1464
|
+
name="function-secret",
|
|
1465
|
+
location="us-central1",
|
|
1466
|
+
description="a new function",
|
|
1467
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1468
|
+
runtime="nodejs16",
|
|
1469
|
+
entry_point="helloHttp",
|
|
1470
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1471
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1472
|
+
bucket=bucket.name,
|
|
1473
|
+
object=object.name,
|
|
1474
|
+
),
|
|
1475
|
+
),
|
|
1476
|
+
),
|
|
1477
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1478
|
+
max_instance_count=1,
|
|
1479
|
+
available_memory="256M",
|
|
1480
|
+
timeout_seconds=60,
|
|
1481
|
+
secret_environment_variables=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArgs(
|
|
1482
|
+
key="TEST",
|
|
1483
|
+
project_id=project,
|
|
1484
|
+
secret=secret.secret_id,
|
|
1485
|
+
version="latest",
|
|
1486
|
+
)],
|
|
1487
|
+
))
|
|
1488
|
+
secret_secret_version = gcp.secretmanager.SecretVersion("secret",
|
|
1489
|
+
secret=secret.name,
|
|
1490
|
+
secret_data="secret",
|
|
1491
|
+
enabled=True)
|
|
1492
|
+
```
|
|
1493
|
+
### Cloudfunctions2 Secret Volume
|
|
1494
|
+
|
|
1495
|
+
```python
|
|
1496
|
+
import pulumi
|
|
1497
|
+
import pulumi_gcp as gcp
|
|
1498
|
+
|
|
1499
|
+
project = "my-project-name"
|
|
1500
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
1501
|
+
name=f"{project}-gcf-source",
|
|
1502
|
+
location="US",
|
|
1503
|
+
uniform_bucket_level_access=True)
|
|
1504
|
+
object = gcp.storage.BucketObject("object",
|
|
1505
|
+
name="function-source.zip",
|
|
1506
|
+
bucket=bucket.name,
|
|
1507
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
1508
|
+
secret = gcp.secretmanager.Secret("secret",
|
|
1509
|
+
secret_id="secret",
|
|
1510
|
+
replication=gcp.secretmanager.SecretReplicationArgs(
|
|
1511
|
+
user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(
|
|
1512
|
+
replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(
|
|
1513
|
+
location="us-central1",
|
|
1514
|
+
)],
|
|
1515
|
+
),
|
|
1516
|
+
))
|
|
1517
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1518
|
+
name="function-secret",
|
|
1519
|
+
location="us-central1",
|
|
1520
|
+
description="a new function",
|
|
1521
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1522
|
+
runtime="nodejs16",
|
|
1523
|
+
entry_point="helloHttp",
|
|
1524
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1525
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1526
|
+
bucket=bucket.name,
|
|
1527
|
+
object=object.name,
|
|
1528
|
+
),
|
|
1529
|
+
),
|
|
1530
|
+
),
|
|
1531
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1532
|
+
max_instance_count=1,
|
|
1533
|
+
available_memory="256M",
|
|
1534
|
+
timeout_seconds=60,
|
|
1535
|
+
secret_volumes=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretVolumeArgs(
|
|
1536
|
+
mount_path="/etc/secrets",
|
|
1537
|
+
project_id=project,
|
|
1538
|
+
secret=secret.secret_id,
|
|
1539
|
+
)],
|
|
1540
|
+
))
|
|
1541
|
+
secret_secret_version = gcp.secretmanager.SecretVersion("secret",
|
|
1542
|
+
secret=secret.name,
|
|
1543
|
+
secret_data="secret",
|
|
1544
|
+
enabled=True)
|
|
1545
|
+
```
|
|
1546
|
+
### Cloudfunctions2 Private Workerpool
|
|
1547
|
+
|
|
1548
|
+
```python
|
|
1549
|
+
import pulumi
|
|
1550
|
+
import pulumi_gcp as gcp
|
|
1551
|
+
|
|
1552
|
+
project = "my-project-name"
|
|
1553
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
1554
|
+
name=f"{project}-gcf-source",
|
|
1555
|
+
location="US",
|
|
1556
|
+
uniform_bucket_level_access=True)
|
|
1557
|
+
object = gcp.storage.BucketObject("object",
|
|
1558
|
+
name="function-source.zip",
|
|
1559
|
+
bucket=bucket.name,
|
|
1560
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
1561
|
+
pool = gcp.cloudbuild.WorkerPool("pool",
|
|
1562
|
+
name="workerpool",
|
|
1563
|
+
location="us-central1",
|
|
1564
|
+
worker_config=gcp.cloudbuild.WorkerPoolWorkerConfigArgs(
|
|
1565
|
+
disk_size_gb=100,
|
|
1566
|
+
machine_type="e2-standard-8",
|
|
1567
|
+
no_external_ip=False,
|
|
1568
|
+
))
|
|
1569
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1570
|
+
name="function-workerpool",
|
|
1571
|
+
location="us-central1",
|
|
1572
|
+
description="a new function",
|
|
1573
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1574
|
+
runtime="nodejs16",
|
|
1575
|
+
entry_point="helloHttp",
|
|
1576
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1577
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1578
|
+
bucket=bucket.name,
|
|
1579
|
+
object=object.name,
|
|
1580
|
+
),
|
|
1581
|
+
),
|
|
1582
|
+
worker_pool=pool.id,
|
|
915
1583
|
),
|
|
916
|
-
|
|
917
|
-
|
|
918
|
-
|
|
919
|
-
|
|
1584
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1585
|
+
max_instance_count=1,
|
|
1586
|
+
available_memory="256M",
|
|
1587
|
+
timeout_seconds=60,
|
|
1588
|
+
))
|
|
1589
|
+
```
|
|
1590
|
+
### Cloudfunctions2 Cmek Docs
|
|
1591
|
+
|
|
1592
|
+
```python
|
|
1593
|
+
import pulumi
|
|
1594
|
+
import pulumi_gcp as gcp
|
|
1595
|
+
|
|
1596
|
+
project = "my-project-name"
|
|
1597
|
+
project_get_project = gcp.organizations.get_project()
|
|
1598
|
+
bucket = gcp.storage.Bucket("bucket",
|
|
1599
|
+
name=f"{project}-gcf-source",
|
|
1600
|
+
location="US",
|
|
1601
|
+
uniform_bucket_level_access=True)
|
|
1602
|
+
object = gcp.storage.BucketObject("object",
|
|
1603
|
+
name="function-source.zip",
|
|
1604
|
+
bucket=bucket.name,
|
|
1605
|
+
source=pulumi.FileAsset("function-source.zip"))
|
|
1606
|
+
ea_sa = gcp.projects.ServiceIdentity("ea_sa",
|
|
1607
|
+
project=project_get_project.project_id,
|
|
1608
|
+
service="eventarc.googleapis.com")
|
|
1609
|
+
unencoded_ar_repo = gcp.artifactregistry.Repository("unencoded-ar-repo",
|
|
1610
|
+
repository_id="ar-repo",
|
|
1611
|
+
location="us-central1",
|
|
1612
|
+
format="DOCKER")
|
|
1613
|
+
encoded_ar_repo = gcp.artifactregistry.Repository("encoded-ar-repo",
|
|
1614
|
+
location="us-central1",
|
|
1615
|
+
repository_id="cmek-repo",
|
|
1616
|
+
format="DOCKER",
|
|
1617
|
+
kms_key_name="cmek-key")
|
|
1618
|
+
binding = gcp.artifactregistry.RepositoryIamBinding("binding",
|
|
1619
|
+
location=encoded_ar_repo.location,
|
|
1620
|
+
repository=encoded_ar_repo.name,
|
|
1621
|
+
role="roles/artifactregistry.admin",
|
|
1622
|
+
members=[f"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com"])
|
|
1623
|
+
gcf_cmek_keyuser = gcp.kms.CryptoKeyIAMBinding("gcf_cmek_keyuser",
|
|
1624
|
+
crypto_key_id="cmek-key",
|
|
1625
|
+
role="roles/cloudkms.cryptoKeyEncrypterDecrypter",
|
|
1626
|
+
members=[
|
|
1627
|
+
f"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com",
|
|
1628
|
+
f"serviceAccount:service-{project_get_project.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com",
|
|
1629
|
+
f"serviceAccount:service-{project_get_project.number}@gs-project-accounts.iam.gserviceaccount.com",
|
|
1630
|
+
f"serviceAccount:service-{project_get_project.number}@serverless-robot-prod.iam.gserviceaccount.com",
|
|
1631
|
+
ea_sa.email.apply(lambda email: f"serviceAccount:{email}"),
|
|
1632
|
+
])
|
|
1633
|
+
function = gcp.cloudfunctionsv2.Function("function",
|
|
1634
|
+
name="function-cmek",
|
|
1635
|
+
location="us-central1",
|
|
1636
|
+
description="CMEK function",
|
|
1637
|
+
kms_key_name="cmek-key",
|
|
1638
|
+
build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(
|
|
1639
|
+
runtime="nodejs16",
|
|
1640
|
+
entry_point="helloHttp",
|
|
1641
|
+
docker_repository=encoded_ar_repo.id,
|
|
1642
|
+
source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(
|
|
1643
|
+
storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(
|
|
1644
|
+
bucket=bucket.name,
|
|
1645
|
+
object=object.name,
|
|
1646
|
+
),
|
|
1647
|
+
),
|
|
1648
|
+
),
|
|
1649
|
+
service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(
|
|
1650
|
+
max_instance_count=1,
|
|
1651
|
+
available_memory="256M",
|
|
1652
|
+
timeout_seconds=60,
|
|
1653
|
+
))
|
|
920
1654
|
```
|
|
921
1655
|
|
|
922
1656
|
## Import
|