pulumi-gcp 7.36.0a1723105270__py3-none-any.whl → 7.36.0a1723631483__py3-none-any.whl

pulumi_gcp/notebooks/instance_iam_member.py

@@ -363,6 +363,25 @@ class InstanceIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Instance
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Instance. Each of these resources serves a different use case:
+
+        * `notebooks.InstanceIamPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached.
+        * `notebooks.InstanceIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved.
+        * `notebooks.InstanceIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.InstanceIamPolicy`: Retrieves the IAM policy for the instance
+
+        > **Note:** `notebooks.InstanceIamPolicy` **cannot** be used in conjunction with `notebooks.InstanceIamBinding` and `notebooks.InstanceIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.InstanceIamBinding` resources **can be** used in conjunction with `notebooks.InstanceIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.InstanceIamPolicy
 
         ```python
@@ -535,6 +554,25 @@ class InstanceIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Instance
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Instance. Each of these resources serves a different use case:
+
+        * `notebooks.InstanceIamPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached.
+        * `notebooks.InstanceIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved.
+        * `notebooks.InstanceIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.InstanceIamPolicy`: Retrieves the IAM policy for the instance
+
+        > **Note:** `notebooks.InstanceIamPolicy` **cannot** be used in conjunction with `notebooks.InstanceIamBinding` and `notebooks.InstanceIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.InstanceIamBinding` resources **can be** used in conjunction with `notebooks.InstanceIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.InstanceIamPolicy
 
         ```python

pulumi_gcp/notebooks/instance_iam_policy.py

@@ -260,6 +260,25 @@ class InstanceIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Instance
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Instance. Each of these resources serves a different use case:
+
+        * `notebooks.InstanceIamPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached.
+        * `notebooks.InstanceIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved.
+        * `notebooks.InstanceIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.InstanceIamPolicy`: Retrieves the IAM policy for the instance
+
+        > **Note:** `notebooks.InstanceIamPolicy` **cannot** be used in conjunction with `notebooks.InstanceIamBinding` and `notebooks.InstanceIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.InstanceIamBinding` resources **can be** used in conjunction with `notebooks.InstanceIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.InstanceIamPolicy
 
         ```python
@@ -420,6 +439,25 @@ class InstanceIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Instance
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Instance. Each of these resources serves a different use case:
+
+        * `notebooks.InstanceIamPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached.
+        * `notebooks.InstanceIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved.
+        * `notebooks.InstanceIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.InstanceIamPolicy`: Retrieves the IAM policy for the instance
+
+        > **Note:** `notebooks.InstanceIamPolicy` **cannot** be used in conjunction with `notebooks.InstanceIamBinding` and `notebooks.InstanceIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.InstanceIamBinding` resources **can be** used in conjunction with `notebooks.InstanceIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.InstanceIamPolicy
 
         ```python

pulumi_gcp/notebooks/runtime_iam_binding.py

@@ -363,6 +363,25 @@ class RuntimeIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Runtime
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Runtime. Each of these resources serves a different use case:
+
+        * `notebooks.RuntimeIamPolicy`: Authoritative. Sets the IAM policy for the runtime and replaces any existing policy already attached.
+        * `notebooks.RuntimeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtime are preserved.
+        * `notebooks.RuntimeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtime are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.RuntimeIamPolicy`: Retrieves the IAM policy for the runtime
+
+        > **Note:** `notebooks.RuntimeIamPolicy` **cannot** be used in conjunction with `notebooks.RuntimeIamBinding` and `notebooks.RuntimeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.RuntimeIamBinding` resources **can be** used in conjunction with `notebooks.RuntimeIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.RuntimeIamPolicy
 
         ```python
@@ -535,6 +554,25 @@ class RuntimeIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Runtime
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Runtime. Each of these resources serves a different use case:
+
+        * `notebooks.RuntimeIamPolicy`: Authoritative. Sets the IAM policy for the runtime and replaces any existing policy already attached.
+        * `notebooks.RuntimeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtime are preserved.
+        * `notebooks.RuntimeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtime are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.RuntimeIamPolicy`: Retrieves the IAM policy for the runtime
+
+        > **Note:** `notebooks.RuntimeIamPolicy` **cannot** be used in conjunction with `notebooks.RuntimeIamBinding` and `notebooks.RuntimeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.RuntimeIamBinding` resources **can be** used in conjunction with `notebooks.RuntimeIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.RuntimeIamPolicy
 
         ```python

pulumi_gcp/notebooks/runtime_iam_member.py

@@ -363,6 +363,25 @@ class RuntimeIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Runtime
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Runtime. Each of these resources serves a different use case:
+
+        * `notebooks.RuntimeIamPolicy`: Authoritative. Sets the IAM policy for the runtime and replaces any existing policy already attached.
+        * `notebooks.RuntimeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtime are preserved.
+        * `notebooks.RuntimeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtime are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.RuntimeIamPolicy`: Retrieves the IAM policy for the runtime
+
+        > **Note:** `notebooks.RuntimeIamPolicy` **cannot** be used in conjunction with `notebooks.RuntimeIamBinding` and `notebooks.RuntimeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.RuntimeIamBinding` resources **can be** used in conjunction with `notebooks.RuntimeIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.RuntimeIamPolicy
 
         ```python
@@ -535,6 +554,25 @@ class RuntimeIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Runtime
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Runtime. Each of these resources serves a different use case:
+
+        * `notebooks.RuntimeIamPolicy`: Authoritative. Sets the IAM policy for the runtime and replaces any existing policy already attached.
+        * `notebooks.RuntimeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtime are preserved.
+        * `notebooks.RuntimeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtime are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.RuntimeIamPolicy`: Retrieves the IAM policy for the runtime
+
+        > **Note:** `notebooks.RuntimeIamPolicy` **cannot** be used in conjunction with `notebooks.RuntimeIamBinding` and `notebooks.RuntimeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.RuntimeIamBinding` resources **can be** used in conjunction with `notebooks.RuntimeIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.RuntimeIamPolicy
 
         ```python

pulumi_gcp/notebooks/runtime_iam_policy.py

@@ -260,6 +260,25 @@ class RuntimeIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Runtime
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Runtime. Each of these resources serves a different use case:
+
+        * `notebooks.RuntimeIamPolicy`: Authoritative. Sets the IAM policy for the runtime and replaces any existing policy already attached.
+        * `notebooks.RuntimeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtime are preserved.
+        * `notebooks.RuntimeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtime are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.RuntimeIamPolicy`: Retrieves the IAM policy for the runtime
+
+        > **Note:** `notebooks.RuntimeIamPolicy` **cannot** be used in conjunction with `notebooks.RuntimeIamBinding` and `notebooks.RuntimeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.RuntimeIamBinding` resources **can be** used in conjunction with `notebooks.RuntimeIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.RuntimeIamPolicy
 
         ```python
@@ -420,6 +439,25 @@ class RuntimeIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud AI Notebooks Runtime
+        Three different resources help you manage your IAM policy for Cloud AI Notebooks Runtime. Each of these resources serves a different use case:
+
+        * `notebooks.RuntimeIamPolicy`: Authoritative. Sets the IAM policy for the runtime and replaces any existing policy already attached.
+        * `notebooks.RuntimeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the runtime are preserved.
+        * `notebooks.RuntimeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the runtime are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `notebooks.RuntimeIamPolicy`: Retrieves the IAM policy for the runtime
+
+        > **Note:** `notebooks.RuntimeIamPolicy` **cannot** be used in conjunction with `notebooks.RuntimeIamBinding` and `notebooks.RuntimeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `notebooks.RuntimeIamBinding` resources **can be** used in conjunction with `notebooks.RuntimeIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## notebooks.RuntimeIamPolicy
 
         ```python

pulumi_gcp/organizations/iam_member.py

@@ -356,53 +356,6 @@ class IAMMember(pulumi.CustomResource):
             ])
         ```
 
-        ## organizations.IAMPolicy
-
-        !> **Warning:** New organizations have several default policies which will,
-           without extreme caution, be **overwritten** by use of this resource.
-           The safest alternative is to use multiple `organizations.IAMBinding`
-           resources. This resource makes it easy to remove your own access to
-           an organization, which will require a call to Google Support to have
-           fixed, and can take multiple days to resolve.
-
-           In general, this resource should only be used with organizations
-           fully managed by this provider.I f you do use this resource,
-           the best way to be sure that you are not making dangerous changes is to start
-           by **importing** your existing policy, and examining the diff very closely.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
         ## organizations.IAMBinding
 
         > **Note:** If `role` is set to `roles/owner` and you don't specify a user or service account you have access to in `members`, you can lock yourself out of your organization.
@@ -669,53 +622,6 @@ class IAMMember(pulumi.CustomResource):
             ])
         ```
 
-        ## organizations.IAMPolicy
-
-        !> **Warning:** New organizations have several default policies which will,
-           without extreme caution, be **overwritten** by use of this resource.
-           The safest alternative is to use multiple `organizations.IAMBinding`
-           resources. This resource makes it easy to remove your own access to
-           an organization, which will require a call to Google Support to have
-           fixed, and can take multiple days to resolve.
-
-           In general, this resource should only be used with organizations
-           fully managed by this provider.I f you do use this resource,
-           the best way to be sure that you are not making dangerous changes is to start
-           by **importing** your existing policy, and examining the diff very closely.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
         ## organizations.IAMBinding
 
         > **Note:** If `role` is set to `roles/owner` and you don't specify a user or service account you have access to in `members`, you can lock yourself out of your organization.

pulumi_gcp/organizations/iam_policy.py

@@ -285,53 +285,6 @@ class IAMPolicy(pulumi.CustomResource):
             ])
         ```
 
-        ## organizations.IAMPolicy
-
-        !> **Warning:** New organizations have several default policies which will,
-           without extreme caution, be **overwritten** by use of this resource.
-           The safest alternative is to use multiple `organizations.IAMBinding`
-           resources. This resource makes it easy to remove your own access to
-           an organization, which will require a call to Google Support to have
-           fixed, and can take multiple days to resolve.
-
-           In general, this resource should only be used with organizations
-           fully managed by this provider.I f you do use this resource,
-           the best way to be sure that you are not making dangerous changes is to start
-           by **importing** your existing policy, and examining the diff very closely.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
         ## organizations.IAMBinding
 
         > **Note:** If `role` is set to `roles/owner` and you don't specify a user or service account you have access to in `members`, you can lock yourself out of your organization.
@@ -595,53 +548,6 @@ class IAMPolicy(pulumi.CustomResource):
             ])
         ```
 
-        ## organizations.IAMPolicy
-
-        !> **Warning:** New organizations have several default policies which will,
-           without extreme caution, be **overwritten** by use of this resource.
-           The safest alternative is to use multiple `organizations.IAMBinding`
-           resources. This resource makes it easy to remove your own access to
-           an organization, which will require a call to Google Support to have
-           fixed, and can take multiple days to resolve.
-
-           In general, this resource should only be used with organizations
-           fully managed by this provider.I f you do use this resource,
-           the best way to be sure that you are not making dangerous changes is to start
-           by **importing** your existing policy, and examining the diff very closely.
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        organization = gcp.organizations.IAMPolicy("organization",
-            org_id="1234567890",
-            policy_data=admin.policy_data)
-        ```
-
         ## organizations.IAMBinding
 
         > **Note:** If `role` is set to `roles/owner` and you don't specify a user or service account you have access to in `members`, you can lock yourself out of your organization.

pulumi_gcp/pubsub/schema_iam_binding.py

@@ -319,6 +319,25 @@ class SchemaIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud Pub/Sub Schema
+        Three different resources help you manage your IAM policy for Cloud Pub/Sub Schema. Each of these resources serves a different use case:
+
+        * `pubsub.SchemaIamPolicy`: Authoritative. Sets the IAM policy for the schema and replaces any existing policy already attached.
+        * `pubsub.SchemaIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the schema are preserved.
+        * `pubsub.SchemaIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the schema are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `pubsub.SchemaIamPolicy`: Retrieves the IAM policy for the schema
+
+        > **Note:** `pubsub.SchemaIamPolicy` **cannot** be used in conjunction with `pubsub.SchemaIamBinding` and `pubsub.SchemaIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `pubsub.SchemaIamBinding` resources **can be** used in conjunction with `pubsub.SchemaIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## pubsub.SchemaIamPolicy
 
         ```python
@@ -480,6 +499,25 @@ class SchemaIamBinding(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud Pub/Sub Schema
+        Three different resources help you manage your IAM policy for Cloud Pub/Sub Schema. Each of these resources serves a different use case:
+
+        * `pubsub.SchemaIamPolicy`: Authoritative. Sets the IAM policy for the schema and replaces any existing policy already attached.
+        * `pubsub.SchemaIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the schema are preserved.
+        * `pubsub.SchemaIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the schema are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `pubsub.SchemaIamPolicy`: Retrieves the IAM policy for the schema
+
+        > **Note:** `pubsub.SchemaIamPolicy` **cannot** be used in conjunction with `pubsub.SchemaIamBinding` and `pubsub.SchemaIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `pubsub.SchemaIamBinding` resources **can be** used in conjunction with `pubsub.SchemaIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## pubsub.SchemaIamPolicy
 
         ```python

pulumi_gcp/pubsub/schema_iam_member.py

@@ -319,6 +319,25 @@ class SchemaIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud Pub/Sub Schema
+        Three different resources help you manage your IAM policy for Cloud Pub/Sub Schema. Each of these resources serves a different use case:
+
+        * `pubsub.SchemaIamPolicy`: Authoritative. Sets the IAM policy for the schema and replaces any existing policy already attached.
+        * `pubsub.SchemaIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the schema are preserved.
+        * `pubsub.SchemaIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the schema are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `pubsub.SchemaIamPolicy`: Retrieves the IAM policy for the schema
+
+        > **Note:** `pubsub.SchemaIamPolicy` **cannot** be used in conjunction with `pubsub.SchemaIamBinding` and `pubsub.SchemaIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `pubsub.SchemaIamBinding` resources **can be** used in conjunction with `pubsub.SchemaIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## pubsub.SchemaIamPolicy
 
         ```python
@@ -480,6 +499,25 @@ class SchemaIamMember(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud Pub/Sub Schema
+        Three different resources help you manage your IAM policy for Cloud Pub/Sub Schema. Each of these resources serves a different use case:
+
+        * `pubsub.SchemaIamPolicy`: Authoritative. Sets the IAM policy for the schema and replaces any existing policy already attached.
+        * `pubsub.SchemaIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the schema are preserved.
+        * `pubsub.SchemaIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the schema are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `pubsub.SchemaIamPolicy`: Retrieves the IAM policy for the schema
+
+        > **Note:** `pubsub.SchemaIamPolicy` **cannot** be used in conjunction with `pubsub.SchemaIamBinding` and `pubsub.SchemaIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `pubsub.SchemaIamBinding` resources **can be** used in conjunction with `pubsub.SchemaIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## pubsub.SchemaIamPolicy
 
         ```python

pulumi_gcp/pubsub/schema_iam_policy.py

@@ -216,6 +216,25 @@ class SchemaIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud Pub/Sub Schema
+        Three different resources help you manage your IAM policy for Cloud Pub/Sub Schema. Each of these resources serves a different use case:
+
+        * `pubsub.SchemaIamPolicy`: Authoritative. Sets the IAM policy for the schema and replaces any existing policy already attached.
+        * `pubsub.SchemaIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the schema are preserved.
+        * `pubsub.SchemaIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the schema are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `pubsub.SchemaIamPolicy`: Retrieves the IAM policy for the schema
+
+        > **Note:** `pubsub.SchemaIamPolicy` **cannot** be used in conjunction with `pubsub.SchemaIamBinding` and `pubsub.SchemaIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `pubsub.SchemaIamBinding` resources **can be** used in conjunction with `pubsub.SchemaIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## pubsub.SchemaIamPolicy
 
         ```python
@@ -365,6 +384,25 @@ class SchemaIamPolicy(pulumi.CustomResource):
             member="user:jane@example.com")
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Cloud Pub/Sub Schema
+        Three different resources help you manage your IAM policy for Cloud Pub/Sub Schema. Each of these resources serves a different use case:
+
+        * `pubsub.SchemaIamPolicy`: Authoritative. Sets the IAM policy for the schema and replaces any existing policy already attached.
+        * `pubsub.SchemaIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the schema are preserved.
+        * `pubsub.SchemaIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the schema are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `pubsub.SchemaIamPolicy`: Retrieves the IAM policy for the schema
+
+        > **Note:** `pubsub.SchemaIamPolicy` **cannot** be used in conjunction with `pubsub.SchemaIamBinding` and `pubsub.SchemaIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `pubsub.SchemaIamBinding` resources **can be** used in conjunction with `pubsub.SchemaIamMember` resources **only if** they do not grant privilege to the same role.
+
         ## pubsub.SchemaIamPolicy
 
         ```python