pulumi-gcp 7.21.0__py3-none-any.whl → 7.21.0a1714149635__py3-none-any.whl

pulumi_gcp/filestore/instance.py

@@ -25,7 +25,6 @@ class InstanceArgs:
                  location: Optional[pulumi.Input[str]] = None,
                  name: Optional[pulumi.Input[str]] = None,
                  project: Optional[pulumi.Input[str]] = None,
-                 protocol: Optional[pulumi.Input[str]] = None,
                  zone: Optional[pulumi.Input[str]] = None):
         """
         The set of arguments for constructing a Instance resource.
@@ -44,9 +43,6 @@ class InstanceArgs:
                resource.
         :param pulumi.Input[str] location: The name of the location of the instance. This can be a region for ENTERPRISE tier instances.
         :param pulumi.Input[str] name: The resource name of the instance.
-        :param pulumi.Input[str] protocol: Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing
-               protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:
-               "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"]
         :param pulumi.Input[str] zone: The name of the Filestore zone of the instance.
         """
         pulumi.set(__self__, "file_shares", file_shares)
@@ -64,8 +60,6 @@ class InstanceArgs:
             pulumi.set(__self__, "name", name)
         if project is not None:
             pulumi.set(__self__, "project", project)
-        if protocol is not None:
-            pulumi.set(__self__, "protocol", protocol)
         if zone is not None:
             warnings.warn("""`zone` is deprecated and will be removed in a future major release. Use `location` instead.""", DeprecationWarning)
             pulumi.log.warn("""zone is deprecated: `zone` is deprecated and will be removed in a future major release. Use `location` instead.""")
@@ -184,20 +178,6 @@ class InstanceArgs:
     def project(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "project", value)
 
-    @property
-    @pulumi.getter
-    def protocol(self) -> Optional[pulumi.Input[str]]:
-        """
-        Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing
-        protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:
-        "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"]
-        """
-        return pulumi.get(self, "protocol")
-
-    @protocol.setter
-    def protocol(self, value: Optional[pulumi.Input[str]]):
-        pulumi.set(self, "protocol", value)
-
     @property
     @pulumi.getter
     def zone(self) -> Optional[pulumi.Input[str]]:
@@ -228,7 +208,6 @@ class _InstanceState:
                  name: Optional[pulumi.Input[str]] = None,
                  networks: Optional[pulumi.Input[Sequence[pulumi.Input['InstanceNetworkArgs']]]] = None,
                  project: Optional[pulumi.Input[str]] = None,
-                 protocol: Optional[pulumi.Input[str]] = None,
                  pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                  tier: Optional[pulumi.Input[str]] = None,
                  zone: Optional[pulumi.Input[str]] = None):
@@ -251,9 +230,6 @@ class _InstanceState:
         :param pulumi.Input[Sequence[pulumi.Input['InstanceNetworkArgs']]] networks: VPC networks to which the instance is connected. For this version,
                only a single network is supported.
                Structure is documented below.
-        :param pulumi.Input[str] protocol: Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing
-               protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:
-               "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"]
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource
                and default labels configured on the provider.
         :param pulumi.Input[str] tier: The service tier of the instance.
@@ -282,8 +258,6 @@ class _InstanceState:
             pulumi.set(__self__, "networks", networks)
         if project is not None:
             pulumi.set(__self__, "project", project)
-        if protocol is not None:
-            pulumi.set(__self__, "protocol", protocol)
         if pulumi_labels is not None:
             pulumi.set(__self__, "pulumi_labels", pulumi_labels)
         if tier is not None:
@@ -430,20 +404,6 @@ class _InstanceState:
     def project(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "project", value)
 
-    @property
-    @pulumi.getter
-    def protocol(self) -> Optional[pulumi.Input[str]]:
-        """
-        Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing
-        protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:
-        "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"]
-        """
-        return pulumi.get(self, "protocol")
-
-    @protocol.setter
-    def protocol(self, value: Optional[pulumi.Input[str]]):
-        pulumi.set(self, "protocol", value)
-
     @property
     @pulumi.getter(name="pulumiLabels")
     def pulumi_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]:
@@ -499,7 +459,6 @@ class Instance(pulumi.CustomResource):
                  name: Optional[pulumi.Input[str]] = None,
                  networks: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['InstanceNetworkArgs']]]]] = None,
                  project: Optional[pulumi.Input[str]] = None,
-                 protocol: Optional[pulumi.Input[str]] = None,
                  tier: Optional[pulumi.Input[str]] = None,
                  zone: Optional[pulumi.Input[str]] = None,
                  __props__=None):
@@ -569,26 +528,6 @@ class Instance(pulumi.CustomResource):
                 connect_mode="DIRECT_PEERING",
             )])
         ```
-        ### Filestore Instance Protocol
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        instance = gcp.filestore.Instance("instance",
-            name="test-instance",
-            location="us-central1",
-            tier="ENTERPRISE",
-            protocol="NFS_V4_1",
-            file_shares=gcp.filestore.InstanceFileSharesArgs(
-                capacity_gb=1024,
-                name="share1",
-            ),
-            networks=[gcp.filestore.InstanceNetworkArgs(
-                network="default",
-                modes=["MODE_IPV4"],
-            )])
-        ```
         ### Filestore Instance Enterprise
 
         ```python
@@ -655,9 +594,6 @@ class Instance(pulumi.CustomResource):
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['InstanceNetworkArgs']]]] networks: VPC networks to which the instance is connected. For this version,
                only a single network is supported.
                Structure is documented below.
-        :param pulumi.Input[str] protocol: Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing
-               protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:
-               "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"]
         :param pulumi.Input[str] tier: The service tier of the instance.
                Possible values include: STANDARD, PREMIUM, BASIC_HDD, BASIC_SSD, HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE
         :param pulumi.Input[str] zone: The name of the Filestore zone of the instance.
@@ -734,26 +670,6 @@ class Instance(pulumi.CustomResource):
                 connect_mode="DIRECT_PEERING",
             )])
         ```
-        ### Filestore Instance Protocol
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        instance = gcp.filestore.Instance("instance",
-            name="test-instance",
-            location="us-central1",
-            tier="ENTERPRISE",
-            protocol="NFS_V4_1",
-            file_shares=gcp.filestore.InstanceFileSharesArgs(
-                capacity_gb=1024,
-                name="share1",
-            ),
-            networks=[gcp.filestore.InstanceNetworkArgs(
-                network="default",
-                modes=["MODE_IPV4"],
-            )])
-        ```
         ### Filestore Instance Enterprise
 
         ```python
@@ -828,7 +744,6 @@ class Instance(pulumi.CustomResource):
                  name: Optional[pulumi.Input[str]] = None,
                  networks: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['InstanceNetworkArgs']]]]] = None,
                  project: Optional[pulumi.Input[str]] = None,
-                 protocol: Optional[pulumi.Input[str]] = None,
                  tier: Optional[pulumi.Input[str]] = None,
                  zone: Optional[pulumi.Input[str]] = None,
                  __props__=None):
@@ -852,7 +767,6 @@ class Instance(pulumi.CustomResource):
                 raise TypeError("Missing required property 'networks'")
             __props__.__dict__["networks"] = networks
             __props__.__dict__["project"] = project
-            __props__.__dict__["protocol"] = protocol
             if tier is None and not opts.urn:
                 raise TypeError("Missing required property 'tier'")
             __props__.__dict__["tier"] = tier
@@ -884,7 +798,6 @@ class Instance(pulumi.CustomResource):
             name: Optional[pulumi.Input[str]] = None,
             networks: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['InstanceNetworkArgs']]]]] = None,
             project: Optional[pulumi.Input[str]] = None,
-            protocol: Optional[pulumi.Input[str]] = None,
             pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
             tier: Optional[pulumi.Input[str]] = None,
             zone: Optional[pulumi.Input[str]] = None) -> 'Instance':
@@ -912,9 +825,6 @@ class Instance(pulumi.CustomResource):
         :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['InstanceNetworkArgs']]]] networks: VPC networks to which the instance is connected. For this version,
                only a single network is supported.
                Structure is documented below.
-        :param pulumi.Input[str] protocol: Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing
-               protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:
-               "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"]
         :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource
                and default labels configured on the provider.
         :param pulumi.Input[str] tier: The service tier of the instance.
@@ -936,7 +846,6 @@ class Instance(pulumi.CustomResource):
         __props__.__dict__["name"] = name
         __props__.__dict__["networks"] = networks
         __props__.__dict__["project"] = project
-        __props__.__dict__["protocol"] = protocol
         __props__.__dict__["pulumi_labels"] = pulumi_labels
         __props__.__dict__["tier"] = tier
         __props__.__dict__["zone"] = zone
@@ -1034,16 +943,6 @@ class Instance(pulumi.CustomResource):
     def project(self) -> pulumi.Output[str]:
         return pulumi.get(self, "project")
 
-    @property
-    @pulumi.getter
-    def protocol(self) -> pulumi.Output[Optional[str]]:
-        """
-        Either NFSv3, for using NFS version 3 as file sharing protocol, or NFSv4.1, for using NFS version 4.1 as file sharing
-        protocol. NFSv4.1 can be used with HIGH_SCALE_SSD, ZONAL, REGIONAL and ENTERPRISE. The default is NFSv3. Default value:
-        "NFS_V3" Possible values: ["NFS_V3", "NFS_V4_1"]
-        """
-        return pulumi.get(self, "protocol")
-
     @property
     @pulumi.getter(name="pulumiLabels")
     def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]:

pulumi_gcp/firebase/_inputs.py

@@ -1385,13 +1385,11 @@ class HostingVersionConfigRewriteArgs:
     def __init__(__self__, *,
                  function: Optional[pulumi.Input[str]] = None,
                  glob: Optional[pulumi.Input[str]] = None,
-                 path: Optional[pulumi.Input[str]] = None,
                  regex: Optional[pulumi.Input[str]] = None,
                  run: Optional[pulumi.Input['HostingVersionConfigRewriteRunArgs']] = None):
         """
         :param pulumi.Input[str] function: The function to proxy requests to. Must match the exported function name exactly.
         :param pulumi.Input[str] glob: The user-supplied glob to match against the request URL path.
-        :param pulumi.Input[str] path: The URL path to rewrite the request to.
         :param pulumi.Input[str] regex: The user-supplied RE2 regular expression to match against the request URL path.
         :param pulumi.Input['HostingVersionConfigRewriteRunArgs'] run: The request will be forwarded to Cloud Run.
                Structure is documented below.
@@ -1400,8 +1398,6 @@ class HostingVersionConfigRewriteArgs:
             pulumi.set(__self__, "function", function)
         if glob is not None:
             pulumi.set(__self__, "glob", glob)
-        if path is not None:
-            pulumi.set(__self__, "path", path)
         if regex is not None:
             pulumi.set(__self__, "regex", regex)
         if run is not None:
@@ -1431,18 +1427,6 @@ class HostingVersionConfigRewriteArgs:
     def glob(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "glob", value)
 
-    @property
-    @pulumi.getter
-    def path(self) -> Optional[pulumi.Input[str]]:
-        """
-        The URL path to rewrite the request to.
-        """
-        return pulumi.get(self, "path")
-
-    @path.setter
-    def path(self, value: Optional[pulumi.Input[str]]):
-        pulumi.set(self, "path", value)
-
     @property
     @pulumi.getter
     def regex(self) -> Optional[pulumi.Input[str]]:

pulumi_gcp/firebase/android_app.py

@@ -32,6 +32,9 @@ class AndroidAppArgs:
         :param pulumi.Input[str] api_key_id: The globally unique, Google-assigned identifier (UID) for the Firebase API key associated with the AndroidApp.
                If apiKeyId is not set during creation, then Firebase automatically associates an apiKeyId with the AndroidApp.
                This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned.
+        :param pulumi.Input[str] deletion_policy: (Optional) Set to 'ABANDON' to allow the AndroidApp to be untracked from terraform state rather than deleted upon
+               'terraform destroy'. This is useful because the AndroidApp may be serving traffic. Set to 'DELETE' to delete the
+               AndroidApp. Defaults to 'DELETE'.
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] sha1_hashes: The SHA1 certificate hashes for the AndroidApp.
@@ -95,6 +98,11 @@ class AndroidAppArgs:
     @property
     @pulumi.getter(name="deletionPolicy")
     def deletion_policy(self) -> Optional[pulumi.Input[str]]:
+        """
+        (Optional) Set to 'ABANDON' to allow the AndroidApp to be untracked from terraform state rather than deleted upon
+        'terraform destroy'. This is useful because the AndroidApp may be serving traffic. Set to 'DELETE' to delete the
+        AndroidApp. Defaults to 'DELETE'.
+        """
         return pulumi.get(self, "deletion_policy")
 
     @deletion_policy.setter
@@ -159,6 +167,9 @@ class _AndroidAppState:
                This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned.
         :param pulumi.Input[str] app_id: The globally unique, Firebase-assigned identifier of the AndroidApp.
                This identifier should be treated as an opaque token, as the data format is not specified.
+        :param pulumi.Input[str] deletion_policy: (Optional) Set to 'ABANDON' to allow the AndroidApp to be untracked from terraform state rather than deleted upon
+               'terraform destroy'. This is useful because the AndroidApp may be serving traffic. Set to 'DELETE' to delete the
+               AndroidApp. Defaults to 'DELETE'.
         :param pulumi.Input[str] display_name: The user-assigned display name of the AndroidApp.
         :param pulumi.Input[str] etag: This checksum is computed by the server based on the value of other fields, and it may be sent
                with update requests to ensure the client has an up-to-date value before proceeding.
@@ -225,6 +236,11 @@ class _AndroidAppState:
     @property
     @pulumi.getter(name="deletionPolicy")
     def deletion_policy(self) -> Optional[pulumi.Input[str]]:
+        """
+        (Optional) Set to 'ABANDON' to allow the AndroidApp to be untracked from terraform state rather than deleted upon
+        'terraform destroy'. This is useful because the AndroidApp may be serving traffic. Set to 'DELETE' to delete the
+        AndroidApp. Defaults to 'DELETE'.
+        """
         return pulumi.get(self, "deletion_policy")
 
     @deletion_policy.setter
@@ -420,6 +436,9 @@ class AndroidApp(pulumi.CustomResource):
         :param pulumi.Input[str] api_key_id: The globally unique, Google-assigned identifier (UID) for the Firebase API key associated with the AndroidApp.
                If apiKeyId is not set during creation, then Firebase automatically associates an apiKeyId with the AndroidApp.
                This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned.
+        :param pulumi.Input[str] deletion_policy: (Optional) Set to 'ABANDON' to allow the AndroidApp to be untracked from terraform state rather than deleted upon
+               'terraform destroy'. This is useful because the AndroidApp may be serving traffic. Set to 'DELETE' to delete the
+               AndroidApp. Defaults to 'DELETE'.
         :param pulumi.Input[str] display_name: The user-assigned display name of the AndroidApp.
         :param pulumi.Input[str] package_name: The canonical package name of the Android app as would appear in the Google Play
                Developer Console.
@@ -593,6 +612,9 @@ class AndroidApp(pulumi.CustomResource):
                This auto-associated key may be an existing valid key or, if no valid key exists, a new one will be provisioned.
         :param pulumi.Input[str] app_id: The globally unique, Firebase-assigned identifier of the AndroidApp.
                This identifier should be treated as an opaque token, as the data format is not specified.
+        :param pulumi.Input[str] deletion_policy: (Optional) Set to 'ABANDON' to allow the AndroidApp to be untracked from terraform state rather than deleted upon
+               'terraform destroy'. This is useful because the AndroidApp may be serving traffic. Set to 'DELETE' to delete the
+               AndroidApp. Defaults to 'DELETE'.
         :param pulumi.Input[str] display_name: The user-assigned display name of the AndroidApp.
         :param pulumi.Input[str] etag: This checksum is computed by the server based on the value of other fields, and it may be sent
                with update requests to ensure the client has an up-to-date value before proceeding.
@@ -646,6 +668,11 @@ class AndroidApp(pulumi.CustomResource):
     @property
     @pulumi.getter(name="deletionPolicy")
     def deletion_policy(self) -> pulumi.Output[Optional[str]]:
+        """
+        (Optional) Set to 'ABANDON' to allow the AndroidApp to be untracked from terraform state rather than deleted upon
+        'terraform destroy'. This is useful because the AndroidApp may be serving traffic. Set to 'DELETE' to delete the
+        AndroidApp. Defaults to 'DELETE'.
+        """
         return pulumi.get(self, "deletion_policy")
 
     @property

pulumi_gcp/firebase/app_check_play_integrity_config.py

@@ -194,11 +194,6 @@ class AppCheckPlayIntegrityConfig(pulumi.CustomResource):
         import pulumi_gcp as gcp
         import pulumi_time as time
 
-        # Enables the Play Integrity API
-        play_integrity = gcp.projects.Service("play_integrity",
-            project="my-project-name",
-            service="playintegrity.googleapis.com",
-            disable_on_destroy=False)
         default = gcp.firebase.AndroidApp("default",
             project="my-project-name",
             display_name="Play Integrity app",
@@ -219,11 +214,6 @@ class AppCheckPlayIntegrityConfig(pulumi.CustomResource):
         import pulumi_gcp as gcp
         import pulumi_time as time
 
-        # Enables the Play Integrity API
-        play_integrity = gcp.projects.Service("play_integrity",
-            project="my-project-name",
-            service="playintegrity.googleapis.com",
-            disable_on_destroy=False)
         default = gcp.firebase.AndroidApp("default",
             project="my-project-name",
             display_name="Play Integrity app",
@@ -301,11 +291,6 @@ class AppCheckPlayIntegrityConfig(pulumi.CustomResource):
         import pulumi_gcp as gcp
         import pulumi_time as time
 
-        # Enables the Play Integrity API
-        play_integrity = gcp.projects.Service("play_integrity",
-            project="my-project-name",
-            service="playintegrity.googleapis.com",
-            disable_on_destroy=False)
         default = gcp.firebase.AndroidApp("default",
             project="my-project-name",
             display_name="Play Integrity app",
@@ -326,11 +311,6 @@ class AppCheckPlayIntegrityConfig(pulumi.CustomResource):
         import pulumi_gcp as gcp
         import pulumi_time as time
 
-        # Enables the Play Integrity API
-        play_integrity = gcp.projects.Service("play_integrity",
-            project="my-project-name",
-            service="playintegrity.googleapis.com",
-            disable_on_destroy=False)
         default = gcp.firebase.AndroidApp("default",
             project="my-project-name",
             display_name="Play Integrity app",

pulumi_gcp/firebase/app_check_recaptcha_enterprise_config.py

@@ -229,11 +229,6 @@ class AppCheckRecaptchaEnterpriseConfig(pulumi.CustomResource):
         import pulumi_gcp as gcp
         import pulumi_time as time
 
-        # Enables the reCAPTCHA Enterprise API
-        recaptcha_enterprise = gcp.projects.Service("recaptcha_enterprise",
-            project="my-project-name",
-            service="recaptchaenterprise.googleapis.com",
-            disable_on_destroy=False)
         default = gcp.firebase.WebApp("default",
             project="my-project-name",
             display_name="Web App for reCAPTCHA Enterprise")
@@ -310,11 +305,6 @@ class AppCheckRecaptchaEnterpriseConfig(pulumi.CustomResource):
         import pulumi_gcp as gcp
         import pulumi_time as time
 
-        # Enables the reCAPTCHA Enterprise API
-        recaptcha_enterprise = gcp.projects.Service("recaptcha_enterprise",
-            project="my-project-name",
-            service="recaptchaenterprise.googleapis.com",
-            disable_on_destroy=False)
         default = gcp.firebase.WebApp("default",
             project="my-project-name",
             display_name="Web App for reCAPTCHA Enterprise")

pulumi_gcp/firebase/app_check_service_config.py

@@ -27,6 +27,23 @@ class AppCheckServiceConfigArgs:
                
                
                - - -
+        :param pulumi.Input[str] enforcement_mode: The App Check enforcement mode for a service supported by App Check. Valid values are (Unset) Firebase App Check is not
+               enforced for the service, nor are App Check metrics collected. Though the service is not protected by App Check in this
+               mode, other applicable protections, such as user authorization, are still enforced. An unconfigured service is in this
+               mode by default. This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the
+               enforcement to OFF for this service. UNENFORCED Firebase App Check is not enforced for the service. App Check metrics
+               are collected to help you decide when to turn on enforcement for the service. Though the service is not protected by App
+               Check in this mode, other applicable protections, such as user authorization, are still enforced. ENFORCED Firebase App
+               Check is enforced for the service. The service will reject any request that attempts to access your project's resources
+               if it does not have valid App Check token attached, with some exceptions depending on the service; for example, some
+               services will still allow requests bearing the developer's privileged service account credentials without an App Check
+               token. App Check metrics continue to be collected to help you detect issues with your App Check integration and monitor
+               the composition of your callers. While the service is protected by App Check, other applicable protections, such as user
+               authorization, continue to be enforced at the same time. Use caution when choosing to enforce App Check on a Firebase
+               service. If your users have not updated to an App Check capable version of your app, their apps will no longer be able
+               to use your Firebase services that are enforcing App Check. App Check metrics can help you decide whether to enforce App
+               Check on your Firebase services. If your app has not launched yet, you should enable enforcement immediately, since
+               there are no outdated clients in use. Possible values: ["UNENFORCED", "ENFORCED"]
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         """
@@ -58,6 +75,25 @@ class AppCheckServiceConfigArgs:
     @property
     @pulumi.getter(name="enforcementMode")
     def enforcement_mode(self) -> Optional[pulumi.Input[str]]:
+        """
+        The App Check enforcement mode for a service supported by App Check. Valid values are (Unset) Firebase App Check is not
+        enforced for the service, nor are App Check metrics collected. Though the service is not protected by App Check in this
+        mode, other applicable protections, such as user authorization, are still enforced. An unconfigured service is in this
+        mode by default. This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the
+        enforcement to OFF for this service. UNENFORCED Firebase App Check is not enforced for the service. App Check metrics
+        are collected to help you decide when to turn on enforcement for the service. Though the service is not protected by App
+        Check in this mode, other applicable protections, such as user authorization, are still enforced. ENFORCED Firebase App
+        Check is enforced for the service. The service will reject any request that attempts to access your project's resources
+        if it does not have valid App Check token attached, with some exceptions depending on the service; for example, some
+        services will still allow requests bearing the developer's privileged service account credentials without an App Check
+        token. App Check metrics continue to be collected to help you detect issues with your App Check integration and monitor
+        the composition of your callers. While the service is protected by App Check, other applicable protections, such as user
+        authorization, continue to be enforced at the same time. Use caution when choosing to enforce App Check on a Firebase
+        service. If your users have not updated to an App Check capable version of your app, their apps will no longer be able
+        to use your Firebase services that are enforcing App Check. App Check metrics can help you decide whether to enforce App
+        Check on your Firebase services. If your app has not launched yet, you should enable enforcement immediately, since
+        there are no outdated clients in use. Possible values: ["UNENFORCED", "ENFORCED"]
+        """
         return pulumi.get(self, "enforcement_mode")
 
     @enforcement_mode.setter
@@ -87,6 +123,23 @@ class _AppCheckServiceConfigState:
                  service_id: Optional[pulumi.Input[str]] = None):
         """
         Input properties used for looking up and filtering AppCheckServiceConfig resources.
+        :param pulumi.Input[str] enforcement_mode: The App Check enforcement mode for a service supported by App Check. Valid values are (Unset) Firebase App Check is not
+               enforced for the service, nor are App Check metrics collected. Though the service is not protected by App Check in this
+               mode, other applicable protections, such as user authorization, are still enforced. An unconfigured service is in this
+               mode by default. This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the
+               enforcement to OFF for this service. UNENFORCED Firebase App Check is not enforced for the service. App Check metrics
+               are collected to help you decide when to turn on enforcement for the service. Though the service is not protected by App
+               Check in this mode, other applicable protections, such as user authorization, are still enforced. ENFORCED Firebase App
+               Check is enforced for the service. The service will reject any request that attempts to access your project's resources
+               if it does not have valid App Check token attached, with some exceptions depending on the service; for example, some
+               services will still allow requests bearing the developer's privileged service account credentials without an App Check
+               token. App Check metrics continue to be collected to help you detect issues with your App Check integration and monitor
+               the composition of your callers. While the service is protected by App Check, other applicable protections, such as user
+               authorization, continue to be enforced at the same time. Use caution when choosing to enforce App Check on a Firebase
+               service. If your users have not updated to an App Check capable version of your app, their apps will no longer be able
+               to use your Firebase services that are enforcing App Check. App Check metrics can help you decide whether to enforce App
+               Check on your Firebase services. If your app has not launched yet, you should enable enforcement immediately, since
+               there are no outdated clients in use. Possible values: ["UNENFORCED", "ENFORCED"]
         :param pulumi.Input[str] name: The fully-qualified resource name of the service enforcement configuration.
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
@@ -111,6 +164,25 @@ class _AppCheckServiceConfigState:
     @property
     @pulumi.getter(name="enforcementMode")
     def enforcement_mode(self) -> Optional[pulumi.Input[str]]:
+        """
+        The App Check enforcement mode for a service supported by App Check. Valid values are (Unset) Firebase App Check is not
+        enforced for the service, nor are App Check metrics collected. Though the service is not protected by App Check in this
+        mode, other applicable protections, such as user authorization, are still enforced. An unconfigured service is in this
+        mode by default. This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the
+        enforcement to OFF for this service. UNENFORCED Firebase App Check is not enforced for the service. App Check metrics
+        are collected to help you decide when to turn on enforcement for the service. Though the service is not protected by App
+        Check in this mode, other applicable protections, such as user authorization, are still enforced. ENFORCED Firebase App
+        Check is enforced for the service. The service will reject any request that attempts to access your project's resources
+        if it does not have valid App Check token attached, with some exceptions depending on the service; for example, some
+        services will still allow requests bearing the developer's privileged service account credentials without an App Check
+        token. App Check metrics continue to be collected to help you detect issues with your App Check integration and monitor
+        the composition of your callers. While the service is protected by App Check, other applicable protections, such as user
+        authorization, continue to be enforced at the same time. Use caution when choosing to enforce App Check on a Firebase
+        service. If your users have not updated to an App Check capable version of your app, their apps will no longer be able
+        to use your Firebase services that are enforcing App Check. App Check metrics can help you decide whether to enforce App
+        Check on your Firebase services. If your app has not launched yet, you should enable enforcement immediately, since
+        there are no outdated clients in use. Possible values: ["UNENFORCED", "ENFORCED"]
+        """
         return pulumi.get(self, "enforcement_mode")
 
     @enforcement_mode.setter
@@ -253,6 +325,23 @@ class AppCheckServiceConfig(pulumi.CustomResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[str] enforcement_mode: The App Check enforcement mode for a service supported by App Check. Valid values are (Unset) Firebase App Check is not
+               enforced for the service, nor are App Check metrics collected. Though the service is not protected by App Check in this
+               mode, other applicable protections, such as user authorization, are still enforced. An unconfigured service is in this
+               mode by default. This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the
+               enforcement to OFF for this service. UNENFORCED Firebase App Check is not enforced for the service. App Check metrics
+               are collected to help you decide when to turn on enforcement for the service. Though the service is not protected by App
+               Check in this mode, other applicable protections, such as user authorization, are still enforced. ENFORCED Firebase App
+               Check is enforced for the service. The service will reject any request that attempts to access your project's resources
+               if it does not have valid App Check token attached, with some exceptions depending on the service; for example, some
+               services will still allow requests bearing the developer's privileged service account credentials without an App Check
+               token. App Check metrics continue to be collected to help you detect issues with your App Check integration and monitor
+               the composition of your callers. While the service is protected by App Check, other applicable protections, such as user
+               authorization, continue to be enforced at the same time. Use caution when choosing to enforce App Check on a Firebase
+               service. If your users have not updated to an App Check capable version of your app, their apps will no longer be able
+               to use your Firebase services that are enforcing App Check. App Check metrics can help you decide whether to enforce App
+               Check on your Firebase services. If your app has not launched yet, you should enable enforcement immediately, since
+               there are no outdated clients in use. Possible values: ["UNENFORCED", "ENFORCED"]
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         :param pulumi.Input[str] service_id: The identifier of the service to configure enforcement. Currently, the following service IDs are supported:
@@ -404,6 +493,23 @@ class AppCheckServiceConfig(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[str] enforcement_mode: The App Check enforcement mode for a service supported by App Check. Valid values are (Unset) Firebase App Check is not
+               enforced for the service, nor are App Check metrics collected. Though the service is not protected by App Check in this
+               mode, other applicable protections, such as user authorization, are still enforced. An unconfigured service is in this
+               mode by default. This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the
+               enforcement to OFF for this service. UNENFORCED Firebase App Check is not enforced for the service. App Check metrics
+               are collected to help you decide when to turn on enforcement for the service. Though the service is not protected by App
+               Check in this mode, other applicable protections, such as user authorization, are still enforced. ENFORCED Firebase App
+               Check is enforced for the service. The service will reject any request that attempts to access your project's resources
+               if it does not have valid App Check token attached, with some exceptions depending on the service; for example, some
+               services will still allow requests bearing the developer's privileged service account credentials without an App Check
+               token. App Check metrics continue to be collected to help you detect issues with your App Check integration and monitor
+               the composition of your callers. While the service is protected by App Check, other applicable protections, such as user
+               authorization, continue to be enforced at the same time. Use caution when choosing to enforce App Check on a Firebase
+               service. If your users have not updated to an App Check capable version of your app, their apps will no longer be able
+               to use your Firebase services that are enforcing App Check. App Check metrics can help you decide whether to enforce App
+               Check on your Firebase services. If your app has not launched yet, you should enable enforcement immediately, since
+               there are no outdated clients in use. Possible values: ["UNENFORCED", "ENFORCED"]
         :param pulumi.Input[str] name: The fully-qualified resource name of the service enforcement configuration.
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
@@ -429,6 +535,25 @@ class AppCheckServiceConfig(pulumi.CustomResource):
     @property
     @pulumi.getter(name="enforcementMode")
     def enforcement_mode(self) -> pulumi.Output[Optional[str]]:
+        """
+        The App Check enforcement mode for a service supported by App Check. Valid values are (Unset) Firebase App Check is not
+        enforced for the service, nor are App Check metrics collected. Though the service is not protected by App Check in this
+        mode, other applicable protections, such as user authorization, are still enforced. An unconfigured service is in this
+        mode by default. This is equivalent to OFF in the REST API. Deleting the Terraform resource will also switch the
+        enforcement to OFF for this service. UNENFORCED Firebase App Check is not enforced for the service. App Check metrics
+        are collected to help you decide when to turn on enforcement for the service. Though the service is not protected by App
+        Check in this mode, other applicable protections, such as user authorization, are still enforced. ENFORCED Firebase App
+        Check is enforced for the service. The service will reject any request that attempts to access your project's resources
+        if it does not have valid App Check token attached, with some exceptions depending on the service; for example, some
+        services will still allow requests bearing the developer's privileged service account credentials without an App Check
+        token. App Check metrics continue to be collected to help you detect issues with your App Check integration and monitor
+        the composition of your callers. While the service is protected by App Check, other applicable protections, such as user
+        authorization, continue to be enforced at the same time. Use caution when choosing to enforce App Check on a Firebase
+        service. If your users have not updated to an App Check capable version of your app, their apps will no longer be able
+        to use your Firebase services that are enforcing App Check. App Check metrics can help you decide whether to enforce App
+        Check on your Firebase services. If your app has not launched yet, you should enable enforcement immediately, since
+        there are no outdated clients in use. Possible values: ["UNENFORCED", "ENFORCED"]
+        """
         return pulumi.get(self, "enforcement_mode")
 
     @property