pulumi-gcp 7.35.0a1722940030__py3-none-any.whl → 7.36.0__py3-none-any.whl

pulumi_gcp/folder/iam_audit_config.py

@@ -288,49 +288,6 @@ class IamAuditConfig(pulumi.CustomResource):
             ])
         ```
 
-        ## folder.IAMPolicy
-
-        !> **Be careful!** You can accidentally lock yourself out of your folder
-           using this resource. Deleting a `folder.IAMPolicy` removes access
-           from anyone without permissions on its parent folder/organization. Proceed with caution.
-           It's not recommended to use `folder.IAMPolicy` with your provider folder
-           to avoid locking yourself out, and it should generally only be used with folders
-           fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before
-           applying the change.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/compute.admin",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
         ## folder.IAMBinding
 
         ```python
@@ -583,49 +540,6 @@ class IamAuditConfig(pulumi.CustomResource):
             ])
         ```
 
-        ## folder.IAMPolicy
-
-        !> **Be careful!** You can accidentally lock yourself out of your folder
-           using this resource. Deleting a `folder.IAMPolicy` removes access
-           from anyone without permissions on its parent folder/organization. Proceed with caution.
-           It's not recommended to use `folder.IAMPolicy` with your provider folder
-           to avoid locking yourself out, and it should generally only be used with folders
-           fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before
-           applying the change.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/compute.admin",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
         ## folder.IAMBinding
 
         ```python

pulumi_gcp/folder/iam_member.py

@@ -353,49 +353,6 @@ class IAMMember(pulumi.CustomResource):
             ])
         ```
 
-        ## folder.IAMPolicy
-
-        !> **Be careful!** You can accidentally lock yourself out of your folder
-           using this resource. Deleting a `folder.IAMPolicy` removes access
-           from anyone without permissions on its parent folder/organization. Proceed with caution.
-           It's not recommended to use `folder.IAMPolicy` with your provider folder
-           to avoid locking yourself out, and it should generally only be used with folders
-           fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before
-           applying the change.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/compute.admin",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
         ## folder.IAMBinding
 
         ```python
@@ -657,49 +614,6 @@ class IAMMember(pulumi.CustomResource):
             ])
         ```
 
-        ## folder.IAMPolicy
-
-        !> **Be careful!** You can accidentally lock yourself out of your folder
-           using this resource. Deleting a `folder.IAMPolicy` removes access
-           from anyone without permissions on its parent folder/organization. Proceed with caution.
-           It's not recommended to use `folder.IAMPolicy` with your provider folder
-           to avoid locking yourself out, and it should generally only be used with folders
-           fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before
-           applying the change.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/compute.admin",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
         ## folder.IAMBinding
 
         ```python

pulumi_gcp/folder/iam_policy.py

@@ -282,49 +282,6 @@ class IAMPolicy(pulumi.CustomResource):
             ])
         ```
 
-        ## folder.IAMPolicy
-
-        !> **Be careful!** You can accidentally lock yourself out of your folder
-           using this resource. Deleting a `folder.IAMPolicy` removes access
-           from anyone without permissions on its parent folder/organization. Proceed with caution.
-           It's not recommended to use `folder.IAMPolicy` with your provider folder
-           to avoid locking yourself out, and it should generally only be used with folders
-           fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before
-           applying the change.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/compute.admin",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
         ## folder.IAMBinding
 
         ```python
@@ -583,49 +540,6 @@ class IAMPolicy(pulumi.CustomResource):
             ])
         ```
 
-        ## folder.IAMPolicy
-
-        !> **Be careful!** You can accidentally lock yourself out of your folder
-           using this resource. Deleting a `folder.IAMPolicy` removes access
-           from anyone without permissions on its parent folder/organization. Proceed with caution.
-           It's not recommended to use `folder.IAMPolicy` with your provider folder
-           to avoid locking yourself out, and it should generally only be used with folders
-           fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before
-           applying the change.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/compute.admin",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        folder = gcp.folder.IAMPolicy("folder",
-            folder="folders/1234567",
-            policy_data=admin.policy_data)
-        ```
-
         ## folder.IAMBinding
 
         ```python

pulumi_gcp/gkebackup/backup_plan_iam_binding.py

@@ -368,6 +368,25 @@ class BackupPlanIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE BackupPlan
+        Three different resources help you manage your IAM policy for Backup for GKE BackupPlan. Each of these resources serves a different use case:
+
+        * `gkebackup.BackupPlanIamPolicy`: Authoritative. Sets the IAM policy for the backupplan and replaces any existing policy already attached.
+        * `gkebackup.BackupPlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the backupplan are preserved.
+        * `gkebackup.BackupPlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the backupplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.BackupPlanIamPolicy`: Retrieves the IAM policy for the backupplan
+
+        > **Note:** `gkebackup.BackupPlanIamPolicy` **cannot** be used in conjunction with `gkebackup.BackupPlanIamBinding` and `gkebackup.BackupPlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.BackupPlanIamBinding` resources **can be** used in conjunction with `gkebackup.BackupPlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.BackupPlanIamPolicy
 
         ```python
@@ -541,6 +560,25 @@ class BackupPlanIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE BackupPlan
+        Three different resources help you manage your IAM policy for Backup for GKE BackupPlan. Each of these resources serves a different use case:
+
+        * `gkebackup.BackupPlanIamPolicy`: Authoritative. Sets the IAM policy for the backupplan and replaces any existing policy already attached.
+        * `gkebackup.BackupPlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the backupplan are preserved.
+        * `gkebackup.BackupPlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the backupplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.BackupPlanIamPolicy`: Retrieves the IAM policy for the backupplan
+
+        > **Note:** `gkebackup.BackupPlanIamPolicy` **cannot** be used in conjunction with `gkebackup.BackupPlanIamBinding` and `gkebackup.BackupPlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.BackupPlanIamBinding` resources **can be** used in conjunction with `gkebackup.BackupPlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.BackupPlanIamPolicy
 
         ```python

pulumi_gcp/gkebackup/backup_plan_iam_member.py

@@ -368,6 +368,25 @@ class BackupPlanIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE BackupPlan
+        Three different resources help you manage your IAM policy for Backup for GKE BackupPlan. Each of these resources serves a different use case:
+
+        * `gkebackup.BackupPlanIamPolicy`: Authoritative. Sets the IAM policy for the backupplan and replaces any existing policy already attached.
+        * `gkebackup.BackupPlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the backupplan are preserved.
+        * `gkebackup.BackupPlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the backupplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.BackupPlanIamPolicy`: Retrieves the IAM policy for the backupplan
+
+        > **Note:** `gkebackup.BackupPlanIamPolicy` **cannot** be used in conjunction with `gkebackup.BackupPlanIamBinding` and `gkebackup.BackupPlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.BackupPlanIamBinding` resources **can be** used in conjunction with `gkebackup.BackupPlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.BackupPlanIamPolicy
 
         ```python
@@ -541,6 +560,25 @@ class BackupPlanIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE BackupPlan
+        Three different resources help you manage your IAM policy for Backup for GKE BackupPlan. Each of these resources serves a different use case:
+
+        * `gkebackup.BackupPlanIamPolicy`: Authoritative. Sets the IAM policy for the backupplan and replaces any existing policy already attached.
+        * `gkebackup.BackupPlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the backupplan are preserved.
+        * `gkebackup.BackupPlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the backupplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.BackupPlanIamPolicy`: Retrieves the IAM policy for the backupplan
+
+        > **Note:** `gkebackup.BackupPlanIamPolicy` **cannot** be used in conjunction with `gkebackup.BackupPlanIamBinding` and `gkebackup.BackupPlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.BackupPlanIamBinding` resources **can be** used in conjunction with `gkebackup.BackupPlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.BackupPlanIamPolicy
 
         ```python

pulumi_gcp/gkebackup/backup_plan_iam_policy.py

@@ -265,6 +265,25 @@ class BackupPlanIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE BackupPlan
+        Three different resources help you manage your IAM policy for Backup for GKE BackupPlan. Each of these resources serves a different use case:
+
+        * `gkebackup.BackupPlanIamPolicy`: Authoritative. Sets the IAM policy for the backupplan and replaces any existing policy already attached.
+        * `gkebackup.BackupPlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the backupplan are preserved.
+        * `gkebackup.BackupPlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the backupplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.BackupPlanIamPolicy`: Retrieves the IAM policy for the backupplan
+
+        > **Note:** `gkebackup.BackupPlanIamPolicy` **cannot** be used in conjunction with `gkebackup.BackupPlanIamBinding` and `gkebackup.BackupPlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.BackupPlanIamBinding` resources **can be** used in conjunction with `gkebackup.BackupPlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.BackupPlanIamPolicy
 
         ```python
@@ -426,6 +445,25 @@ class BackupPlanIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE BackupPlan
+        Three different resources help you manage your IAM policy for Backup for GKE BackupPlan. Each of these resources serves a different use case:
+
+        * `gkebackup.BackupPlanIamPolicy`: Authoritative. Sets the IAM policy for the backupplan and replaces any existing policy already attached.
+        * `gkebackup.BackupPlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the backupplan are preserved.
+        * `gkebackup.BackupPlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the backupplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.BackupPlanIamPolicy`: Retrieves the IAM policy for the backupplan
+
+        > **Note:** `gkebackup.BackupPlanIamPolicy` **cannot** be used in conjunction with `gkebackup.BackupPlanIamBinding` and `gkebackup.BackupPlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.BackupPlanIamBinding` resources **can be** used in conjunction with `gkebackup.BackupPlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.BackupPlanIamPolicy
 
         ```python

pulumi_gcp/gkebackup/restore_plan_iam_binding.py

@@ -368,6 +368,25 @@ class RestorePlanIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE RestorePlan
+        Three different resources help you manage your IAM policy for Backup for GKE RestorePlan. Each of these resources serves a different use case:
+
+        * `gkebackup.RestorePlanIamPolicy`: Authoritative. Sets the IAM policy for the restoreplan and replaces any existing policy already attached.
+        * `gkebackup.RestorePlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the restoreplan are preserved.
+        * `gkebackup.RestorePlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the restoreplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.RestorePlanIamPolicy`: Retrieves the IAM policy for the restoreplan
+
+        > **Note:** `gkebackup.RestorePlanIamPolicy` **cannot** be used in conjunction with `gkebackup.RestorePlanIamBinding` and `gkebackup.RestorePlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.RestorePlanIamBinding` resources **can be** used in conjunction with `gkebackup.RestorePlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.RestorePlanIamPolicy
 
         ```python
@@ -541,6 +560,25 @@ class RestorePlanIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE RestorePlan
+        Three different resources help you manage your IAM policy for Backup for GKE RestorePlan. Each of these resources serves a different use case:
+
+        * `gkebackup.RestorePlanIamPolicy`: Authoritative. Sets the IAM policy for the restoreplan and replaces any existing policy already attached.
+        * `gkebackup.RestorePlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the restoreplan are preserved.
+        * `gkebackup.RestorePlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the restoreplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.RestorePlanIamPolicy`: Retrieves the IAM policy for the restoreplan
+
+        > **Note:** `gkebackup.RestorePlanIamPolicy` **cannot** be used in conjunction with `gkebackup.RestorePlanIamBinding` and `gkebackup.RestorePlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.RestorePlanIamBinding` resources **can be** used in conjunction with `gkebackup.RestorePlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.RestorePlanIamPolicy
 
         ```python

pulumi_gcp/gkebackup/restore_plan_iam_member.py

@@ -368,6 +368,25 @@ class RestorePlanIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE RestorePlan
+        Three different resources help you manage your IAM policy for Backup for GKE RestorePlan. Each of these resources serves a different use case:
+
+        * `gkebackup.RestorePlanIamPolicy`: Authoritative. Sets the IAM policy for the restoreplan and replaces any existing policy already attached.
+        * `gkebackup.RestorePlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the restoreplan are preserved.
+        * `gkebackup.RestorePlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the restoreplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.RestorePlanIamPolicy`: Retrieves the IAM policy for the restoreplan
+
+        > **Note:** `gkebackup.RestorePlanIamPolicy` **cannot** be used in conjunction with `gkebackup.RestorePlanIamBinding` and `gkebackup.RestorePlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.RestorePlanIamBinding` resources **can be** used in conjunction with `gkebackup.RestorePlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.RestorePlanIamPolicy
 
         ```python
@@ -541,6 +560,25 @@ class RestorePlanIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE RestorePlan
+        Three different resources help you manage your IAM policy for Backup for GKE RestorePlan. Each of these resources serves a different use case:
+
+        * `gkebackup.RestorePlanIamPolicy`: Authoritative. Sets the IAM policy for the restoreplan and replaces any existing policy already attached.
+        * `gkebackup.RestorePlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the restoreplan are preserved.
+        * `gkebackup.RestorePlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the restoreplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.RestorePlanIamPolicy`: Retrieves the IAM policy for the restoreplan
+
+        > **Note:** `gkebackup.RestorePlanIamPolicy` **cannot** be used in conjunction with `gkebackup.RestorePlanIamBinding` and `gkebackup.RestorePlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.RestorePlanIamBinding` resources **can be** used in conjunction with `gkebackup.RestorePlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.RestorePlanIamPolicy
 
         ```python

pulumi_gcp/gkebackup/restore_plan_iam_policy.py

@@ -265,6 +265,25 @@ class RestorePlanIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE RestorePlan
+        Three different resources help you manage your IAM policy for Backup for GKE RestorePlan. Each of these resources serves a different use case:
+
+        * `gkebackup.RestorePlanIamPolicy`: Authoritative. Sets the IAM policy for the restoreplan and replaces any existing policy already attached.
+        * `gkebackup.RestorePlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the restoreplan are preserved.
+        * `gkebackup.RestorePlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the restoreplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.RestorePlanIamPolicy`: Retrieves the IAM policy for the restoreplan
+
+        > **Note:** `gkebackup.RestorePlanIamPolicy` **cannot** be used in conjunction with `gkebackup.RestorePlanIamBinding` and `gkebackup.RestorePlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.RestorePlanIamBinding` resources **can be** used in conjunction with `gkebackup.RestorePlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.RestorePlanIamPolicy
 
         ```python
@@ -426,6 +445,25 @@ class RestorePlanIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Backup for GKE RestorePlan
+        Three different resources help you manage your IAM policy for Backup for GKE RestorePlan. Each of these resources serves a different use case:
+
+        * `gkebackup.RestorePlanIamPolicy`: Authoritative. Sets the IAM policy for the restoreplan and replaces any existing policy already attached.
+        * `gkebackup.RestorePlanIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the restoreplan are preserved.
+        * `gkebackup.RestorePlanIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the restoreplan are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkebackup.RestorePlanIamPolicy`: Retrieves the IAM policy for the restoreplan
+
+        > **Note:** `gkebackup.RestorePlanIamPolicy` **cannot** be used in conjunction with `gkebackup.RestorePlanIamBinding` and `gkebackup.RestorePlanIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkebackup.RestorePlanIamBinding` resources **can be** used in conjunction with `gkebackup.RestorePlanIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkebackup.RestorePlanIamPolicy
 
         ```python

pulumi_gcp/gkehub/feature_iam_binding.py

@@ -364,6 +364,25 @@ class FeatureIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for GKEHub Feature
+        Three different resources help you manage your IAM policy for GKEHub Feature. Each of these resources serves a different use case:
+
+        * `gkehub.FeatureIamPolicy`: Authoritative. Sets the IAM policy for the feature and replaces any existing policy already attached.
+        * `gkehub.FeatureIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the feature are preserved.
+        * `gkehub.FeatureIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the feature are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkehub.FeatureIamPolicy`: Retrieves the IAM policy for the feature
+
+        > **Note:** `gkehub.FeatureIamPolicy` **cannot** be used in conjunction with `gkehub.FeatureIamBinding` and `gkehub.FeatureIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkehub.FeatureIamBinding` resources **can be** used in conjunction with `gkehub.FeatureIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkehub.FeatureIamPolicy
 
         ```python
@@ -536,6 +555,25 @@ class FeatureIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for GKEHub Feature
+        Three different resources help you manage your IAM policy for GKEHub Feature. Each of these resources serves a different use case:
+
+        * `gkehub.FeatureIamPolicy`: Authoritative. Sets the IAM policy for the feature and replaces any existing policy already attached.
+        * `gkehub.FeatureIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the feature are preserved.
+        * `gkehub.FeatureIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the feature are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `gkehub.FeatureIamPolicy`: Retrieves the IAM policy for the feature
+
+        > **Note:** `gkehub.FeatureIamPolicy` **cannot** be used in conjunction with `gkehub.FeatureIamBinding` and `gkehub.FeatureIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `gkehub.FeatureIamBinding` resources **can be** used in conjunction with `gkehub.FeatureIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## gkehub.FeatureIamPolicy
 
         ```python