pulumi-gcp 7.36.0a1723631483__py3-none-any.whl → 7.37.0a1723638212__py3-none-any.whl

pulumi_gcp/accesscontextmanager/service_perimeter_egress_policy.py

@@ -163,6 +163,7 @@ class ServicePerimeterEgressPolicy(pulumi.CustomResource):
                  perimeter: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
+        Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter.
         EgressPolicies match requests based on egressFrom and egressTo stanzas.
         For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched.
         If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter
@@ -181,18 +182,6 @@ class ServicePerimeterEgressPolicy(pulumi.CustomResource):
 
         ## Example Usage
 
-        ## Import
-
-        ServicePerimeterEgressPolicy can be imported using any of these accepted formats:
-
-        * `{{perimeter}}`
-
-        When using the `pulumi import` command, ServicePerimeterEgressPolicy can be imported using one of the formats above. For example:
-
-        ```sh
-        $ pulumi import gcp:accesscontextmanager/servicePerimeterEgressPolicy:ServicePerimeterEgressPolicy default {{perimeter}}
-        ```
-
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Union['ServicePerimeterEgressPolicyEgressFromArgs', 'ServicePerimeterEgressPolicyEgressFromArgsDict']] egress_from: Defines conditions on the source of a request causing this `EgressPolicy` to apply.
@@ -212,6 +201,7 @@ class ServicePerimeterEgressPolicy(pulumi.CustomResource):
                  args: ServicePerimeterEgressPolicyArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        Manage a single EgressPolicy in the status (enforced) configuration for a service perimeter.
         EgressPolicies match requests based on egressFrom and egressTo stanzas.
         For an EgressPolicy to match, both egressFrom and egressTo stanzas must be matched.
         If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter
@@ -230,18 +220,6 @@ class ServicePerimeterEgressPolicy(pulumi.CustomResource):
 
         ## Example Usage
 
-        ## Import
-
-        ServicePerimeterEgressPolicy can be imported using any of these accepted formats:
-
-        * `{{perimeter}}`
-
-        When using the `pulumi import` command, ServicePerimeterEgressPolicy can be imported using one of the formats above. For example:
-
-        ```sh
-        $ pulumi import gcp:accesscontextmanager/servicePerimeterEgressPolicy:ServicePerimeterEgressPolicy default {{perimeter}}
-        ```
-
         :param str resource_name: The name of the resource.
         :param ServicePerimeterEgressPolicyArgs args: The arguments to use to populate this resource's properties.
         :param pulumi.ResourceOptions opts: Options for the resource.

pulumi_gcp/accesscontextmanager/service_perimeter_ingress_policy.py

@@ -167,6 +167,7 @@ class ServicePerimeterIngressPolicy(pulumi.CustomResource):
                  perimeter: Optional[pulumi.Input[str]] = None,
                  __props__=None):
         """
+        Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter.
         IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match,
         both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request,
         the request is allowed through the perimeter boundary from outside the perimeter.
@@ -186,18 +187,6 @@ class ServicePerimeterIngressPolicy(pulumi.CustomResource):
 
         ## Example Usage
 
-        ## Import
-
-        ServicePerimeterIngressPolicy can be imported using any of these accepted formats:
-
-        * `{{perimeter}}`
-
-        When using the `pulumi import` command, ServicePerimeterIngressPolicy can be imported using one of the formats above. For example:
-
-        ```sh
-        $ pulumi import gcp:accesscontextmanager/servicePerimeterIngressPolicy:ServicePerimeterIngressPolicy default {{perimeter}}
-        ```
-
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Union['ServicePerimeterIngressPolicyIngressFromArgs', 'ServicePerimeterIngressPolicyIngressFromArgsDict']] ingress_from: Defines the conditions on the source of a request causing this `IngressPolicy`
@@ -218,6 +207,7 @@ class ServicePerimeterIngressPolicy(pulumi.CustomResource):
                  args: ServicePerimeterIngressPolicyArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        Manage a single IngressPolicy in the status (enforced) configuration for a service perimeter.
         IngressPolicies match requests based on ingressFrom and ingressTo stanzas. For an ingress policy to match,
         both the ingressFrom and ingressTo stanzas must be matched. If an IngressPolicy matches a request,
         the request is allowed through the perimeter boundary from outside the perimeter.
@@ -237,18 +227,6 @@ class ServicePerimeterIngressPolicy(pulumi.CustomResource):
 
         ## Example Usage
 
-        ## Import
-
-        ServicePerimeterIngressPolicy can be imported using any of these accepted formats:
-
-        * `{{perimeter}}`
-
-        When using the `pulumi import` command, ServicePerimeterIngressPolicy can be imported using one of the formats above. For example:
-
-        ```sh
-        $ pulumi import gcp:accesscontextmanager/servicePerimeterIngressPolicy:ServicePerimeterIngressPolicy default {{perimeter}}
-        ```
-
         :param str resource_name: The name of the resource.
         :param ServicePerimeterIngressPolicyArgs args: The arguments to use to populate this resource's properties.
         :param pulumi.ResourceOptions opts: Options for the resource.

pulumi_gcp/applicationintegration/client.py

@@ -366,7 +366,7 @@ class Client(pulumi.CustomResource):
             rotation_period="7776000s")
         test_key = gcp.kms.CryptoKeyVersion("test_key", crypto_key=cryptokey.id)
         service_account = gcp.serviceaccount.Account("service_account",
-            account_id="service-account-id",
+            account_id="my-service-acc",
             display_name="Service Account")
         example = gcp.applicationintegration.Client("example",
             location="us-east1",
@@ -468,7 +468,7 @@ class Client(pulumi.CustomResource):
             rotation_period="7776000s")
         test_key = gcp.kms.CryptoKeyVersion("test_key", crypto_key=cryptokey.id)
         service_account = gcp.serviceaccount.Account("service_account",
-            account_id="service-account-id",
+            account_id="my-service-acc",
             display_name="Service Account")
         example = gcp.applicationintegration.Client("example",
             location="us-east1",

pulumi_gcp/clouddeploy/_inputs.py

@@ -2627,6 +2627,10 @@ if not MYPY:
         """
         Optional. If true, `cluster` is accessed using the private IP address of the control plane endpoint. Otherwise, the default IP address of the control plane endpoint is used. The default IP address is the private IP address for clusters with private control-plane endpoints and the public IP address otherwise. Only specify this option when `cluster` is a [private GKE cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept).
         """
+        proxy_url: NotRequired[pulumi.Input[str]]
+        """
+        Optional. If set, used to configure a [proxy](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#proxy) to the Kubernetes server.
+        """
 elif False:
     TargetGkeArgsDict: TypeAlias = Mapping[str, Any]
 
@@ -2634,15 +2638,19 @@ elif False:
 class TargetGkeArgs:
     def __init__(__self__, *,
                  cluster: Optional[pulumi.Input[str]] = None,
-                 internal_ip: Optional[pulumi.Input[bool]] = None):
+                 internal_ip: Optional[pulumi.Input[bool]] = None,
+                 proxy_url: Optional[pulumi.Input[str]] = None):
         """
         :param pulumi.Input[str] cluster: Information specifying a GKE Cluster. Format is `projects/{project_id}/locations/{location_id}/clusters/{cluster_id}.
         :param pulumi.Input[bool] internal_ip: Optional. If true, `cluster` is accessed using the private IP address of the control plane endpoint. Otherwise, the default IP address of the control plane endpoint is used. The default IP address is the private IP address for clusters with private control-plane endpoints and the public IP address otherwise. Only specify this option when `cluster` is a [private GKE cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept).
+        :param pulumi.Input[str] proxy_url: Optional. If set, used to configure a [proxy](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#proxy) to the Kubernetes server.
         """
         if cluster is not None:
             pulumi.set(__self__, "cluster", cluster)
         if internal_ip is not None:
             pulumi.set(__self__, "internal_ip", internal_ip)
+        if proxy_url is not None:
+            pulumi.set(__self__, "proxy_url", proxy_url)
 
     @property
     @pulumi.getter
@@ -2668,6 +2676,18 @@ class TargetGkeArgs:
     def internal_ip(self, value: Optional[pulumi.Input[bool]]):
         pulumi.set(self, "internal_ip", value)
 
+    @property
+    @pulumi.getter(name="proxyUrl")
+    def proxy_url(self) -> Optional[pulumi.Input[str]]:
+        """
+        Optional. If set, used to configure a [proxy](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#proxy) to the Kubernetes server.
+        """
+        return pulumi.get(self, "proxy_url")
+
+    @proxy_url.setter
+    def proxy_url(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "proxy_url", value)
+
 
 if not MYPY:
     class TargetIamBindingConditionArgsDict(TypedDict):

pulumi_gcp/clouddeploy/outputs.py

@@ -1954,6 +1954,8 @@ class TargetGke(dict):
         suggest = None
         if key == "internalIp":
             suggest = "internal_ip"
+        elif key == "proxyUrl":
+            suggest = "proxy_url"
 
         if suggest:
             pulumi.log.warn(f"Key '{key}' not found in TargetGke. Access the value via the '{suggest}' property getter instead.")
@@ -1968,15 +1970,19 @@ class TargetGke(dict):
 
     def __init__(__self__, *,
                  cluster: Optional[str] = None,
-                 internal_ip: Optional[bool] = None):
+                 internal_ip: Optional[bool] = None,
+                 proxy_url: Optional[str] = None):
         """
         :param str cluster: Information specifying a GKE Cluster. Format is `projects/{project_id}/locations/{location_id}/clusters/{cluster_id}.
         :param bool internal_ip: Optional. If true, `cluster` is accessed using the private IP address of the control plane endpoint. Otherwise, the default IP address of the control plane endpoint is used. The default IP address is the private IP address for clusters with private control-plane endpoints and the public IP address otherwise. Only specify this option when `cluster` is a [private GKE cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept).
+        :param str proxy_url: Optional. If set, used to configure a [proxy](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#proxy) to the Kubernetes server.
         """
         if cluster is not None:
             pulumi.set(__self__, "cluster", cluster)
         if internal_ip is not None:
             pulumi.set(__self__, "internal_ip", internal_ip)
+        if proxy_url is not None:
+            pulumi.set(__self__, "proxy_url", proxy_url)
 
     @property
     @pulumi.getter
@@ -1994,6 +2000,14 @@ class TargetGke(dict):
         """
         return pulumi.get(self, "internal_ip")
 
+    @property
+    @pulumi.getter(name="proxyUrl")
+    def proxy_url(self) -> Optional[str]:
+        """
+        Optional. If set, used to configure a [proxy](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#proxy) to the Kubernetes server.
+        """
+        return pulumi.get(self, "proxy_url")
+
 
 @pulumi.output_type
 class TargetIamBindingCondition(dict):

pulumi_gcp/cloudrunv2/_inputs.py

@@ -145,6 +145,10 @@ if not MYPY:
         """
         If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
         """
+        policy: NotRequired[pulumi.Input[str]]
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
         use_default: NotRequired[pulumi.Input[bool]]
         """
         If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
@@ -156,13 +160,17 @@ elif False:
 class JobBinaryAuthorizationArgs:
     def __init__(__self__, *,
                  breakglass_justification: Optional[pulumi.Input[str]] = None,
+                 policy: Optional[pulumi.Input[str]] = None,
                  use_default: Optional[pulumi.Input[bool]] = None):
         """
         :param pulumi.Input[str] breakglass_justification: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
+        :param pulumi.Input[str] policy: The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
         :param pulumi.Input[bool] use_default: If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
         """
         if breakglass_justification is not None:
             pulumi.set(__self__, "breakglass_justification", breakglass_justification)
+        if policy is not None:
+            pulumi.set(__self__, "policy", policy)
         if use_default is not None:
             pulumi.set(__self__, "use_default", use_default)
 
@@ -178,6 +186,18 @@ class JobBinaryAuthorizationArgs:
     def breakglass_justification(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "breakglass_justification", value)
 
+    @property
+    @pulumi.getter
+    def policy(self) -> Optional[pulumi.Input[str]]:
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
+        return pulumi.get(self, "policy")
+
+    @policy.setter
+    def policy(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "policy", value)
+
     @property
     @pulumi.getter(name="useDefault")
     def use_default(self) -> Optional[pulumi.Input[bool]]:
@@ -2264,6 +2284,10 @@ if not MYPY:
         """
         If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
         """
+        policy: NotRequired[pulumi.Input[str]]
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
         use_default: NotRequired[pulumi.Input[bool]]
         """
         If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
@@ -2275,13 +2299,17 @@ elif False:
 class ServiceBinaryAuthorizationArgs:
     def __init__(__self__, *,
                  breakglass_justification: Optional[pulumi.Input[str]] = None,
+                 policy: Optional[pulumi.Input[str]] = None,
                  use_default: Optional[pulumi.Input[bool]] = None):
         """
         :param pulumi.Input[str] breakglass_justification: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
+        :param pulumi.Input[str] policy: The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
         :param pulumi.Input[bool] use_default: If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
         """
         if breakglass_justification is not None:
             pulumi.set(__self__, "breakglass_justification", breakglass_justification)
+        if policy is not None:
+            pulumi.set(__self__, "policy", policy)
         if use_default is not None:
             pulumi.set(__self__, "use_default", use_default)
 
@@ -2297,6 +2325,18 @@ class ServiceBinaryAuthorizationArgs:
     def breakglass_justification(self, value: Optional[pulumi.Input[str]]):
         pulumi.set(self, "breakglass_justification", value)
 
+    @property
+    @pulumi.getter
+    def policy(self) -> Optional[pulumi.Input[str]]:
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
+        return pulumi.get(self, "policy")
+
+    @policy.setter
+    def policy(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "policy", value)
+
     @property
     @pulumi.getter(name="useDefault")
     def use_default(self) -> Optional[pulumi.Input[bool]]:

pulumi_gcp/cloudrunv2/outputs.py

@@ -157,13 +157,17 @@ class JobBinaryAuthorization(dict):
 
     def __init__(__self__, *,
                  breakglass_justification: Optional[str] = None,
+                 policy: Optional[str] = None,
                  use_default: Optional[bool] = None):
         """
         :param str breakglass_justification: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
+        :param str policy: The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
         :param bool use_default: If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
         """
         if breakglass_justification is not None:
             pulumi.set(__self__, "breakglass_justification", breakglass_justification)
+        if policy is not None:
+            pulumi.set(__self__, "policy", policy)
         if use_default is not None:
             pulumi.set(__self__, "use_default", use_default)
 
@@ -175,6 +179,14 @@ class JobBinaryAuthorization(dict):
         """
         return pulumi.get(self, "breakglass_justification")
 
+    @property
+    @pulumi.getter
+    def policy(self) -> Optional[str]:
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
+        return pulumi.get(self, "policy")
+
     @property
     @pulumi.getter(name="useDefault")
     def use_default(self) -> Optional[bool]:
@@ -1741,13 +1753,17 @@ class ServiceBinaryAuthorization(dict):
 
     def __init__(__self__, *,
                  breakglass_justification: Optional[str] = None,
+                 policy: Optional[str] = None,
                  use_default: Optional[bool] = None):
         """
         :param str breakglass_justification: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
+        :param str policy: The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
         :param bool use_default: If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
         """
         if breakglass_justification is not None:
             pulumi.set(__self__, "breakglass_justification", breakglass_justification)
+        if policy is not None:
+            pulumi.set(__self__, "policy", policy)
         if use_default is not None:
             pulumi.set(__self__, "use_default", use_default)
 
@@ -1759,6 +1775,14 @@ class ServiceBinaryAuthorization(dict):
         """
         return pulumi.get(self, "breakglass_justification")
 
+    @property
+    @pulumi.getter
+    def policy(self) -> Optional[str]:
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
+        return pulumi.get(self, "policy")
+
     @property
     @pulumi.getter(name="useDefault")
     def use_default(self) -> Optional[bool]:
@@ -4078,12 +4102,15 @@ class ServiceTrafficStatus(dict):
 class GetJobBinaryAuthorizationResult(dict):
     def __init__(__self__, *,
                  breakglass_justification: str,
+                 policy: str,
                  use_default: bool):
         """
         :param str breakglass_justification: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
+        :param str policy: The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
         :param bool use_default: If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
         """
         pulumi.set(__self__, "breakglass_justification", breakglass_justification)
+        pulumi.set(__self__, "policy", policy)
         pulumi.set(__self__, "use_default", use_default)
 
     @property
@@ -4094,6 +4121,14 @@ class GetJobBinaryAuthorizationResult(dict):
         """
         return pulumi.get(self, "breakglass_justification")
 
+    @property
+    @pulumi.getter
+    def policy(self) -> str:
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
+        return pulumi.get(self, "policy")
+
     @property
     @pulumi.getter(name="useDefault")
     def use_default(self) -> bool:
@@ -5164,12 +5199,15 @@ class GetJobTerminalConditionResult(dict):
 class GetServiceBinaryAuthorizationResult(dict):
     def __init__(__self__, *,
                  breakglass_justification: str,
+                 policy: str,
                  use_default: bool):
         """
         :param str breakglass_justification: If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
+        :param str policy: The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
         :param bool use_default: If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
         """
         pulumi.set(__self__, "breakglass_justification", breakglass_justification)
+        pulumi.set(__self__, "policy", policy)
         pulumi.set(__self__, "use_default", use_default)
 
     @property
@@ -5180,6 +5218,14 @@ class GetServiceBinaryAuthorizationResult(dict):
         """
         return pulumi.get(self, "breakglass_justification")
 
+    @property
+    @pulumi.getter
+    def policy(self) -> str:
+        """
+        The path to a binary authorization policy. Format: projects/{project}/platforms/cloudRun/{policy-name}
+        """
+        return pulumi.get(self, "policy")
+
     @property
     @pulumi.getter(name="useDefault")
     def use_default(self) -> bool:

pulumi_gcp/compute/region_target_https_proxy.py

@@ -59,6 +59,10 @@ class RegionTargetHttpsProxyArgs:
                INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
                loadBalancingScheme consult ServerTlsPolicy documentation.
                If left blank, communications are not encrypted.
+               If you remove this field from your configuration at the same time as
+               deleting or recreating a referenced ServerTlsPolicy resource, you will
+               receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+               within the ServerTlsPolicy resource to avoid this.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ssl_certificates: URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
                At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates.
                sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
@@ -183,6 +187,10 @@ class RegionTargetHttpsProxyArgs:
         INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
         loadBalancingScheme consult ServerTlsPolicy documentation.
         If left blank, communications are not encrypted.
+        If you remove this field from your configuration at the same time as
+        deleting or recreating a referenced ServerTlsPolicy resource, you will
+        receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+        within the ServerTlsPolicy resource to avoid this.
         """
         return pulumi.get(self, "server_tls_policy")
 
@@ -263,6 +271,10 @@ class _RegionTargetHttpsProxyState:
                INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
                loadBalancingScheme consult ServerTlsPolicy documentation.
                If left blank, communications are not encrypted.
+               If you remove this field from your configuration at the same time as
+               deleting or recreating a referenced ServerTlsPolicy resource, you will
+               receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+               within the ServerTlsPolicy resource to avoid this.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ssl_certificates: URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
                At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates.
                sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
@@ -419,6 +431,10 @@ class _RegionTargetHttpsProxyState:
         INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
         loadBalancingScheme consult ServerTlsPolicy documentation.
         If left blank, communications are not encrypted.
+        If you remove this field from your configuration at the same time as
+        deleting or recreating a referenced ServerTlsPolicy resource, you will
+        receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+        within the ServerTlsPolicy resource to avoid this.
         """
         return pulumi.get(self, "server_tls_policy")
 
@@ -709,6 +725,10 @@ class RegionTargetHttpsProxy(pulumi.CustomResource):
                INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
                loadBalancingScheme consult ServerTlsPolicy documentation.
                If left blank, communications are not encrypted.
+               If you remove this field from your configuration at the same time as
+               deleting or recreating a referenced ServerTlsPolicy resource, you will
+               receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+               within the ServerTlsPolicy resource to avoid this.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ssl_certificates: URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
                At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates.
                sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
@@ -1027,6 +1047,10 @@ class RegionTargetHttpsProxy(pulumi.CustomResource):
                INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
                loadBalancingScheme consult ServerTlsPolicy documentation.
                If left blank, communications are not encrypted.
+               If you remove this field from your configuration at the same time as
+               deleting or recreating a referenced ServerTlsPolicy resource, you will
+               receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+               within the ServerTlsPolicy resource to avoid this.
         :param pulumi.Input[Sequence[pulumi.Input[str]]] ssl_certificates: URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
                At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates.
                sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
@@ -1144,6 +1168,10 @@ class RegionTargetHttpsProxy(pulumi.CustomResource):
         INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
         loadBalancingScheme consult ServerTlsPolicy documentation.
         If left blank, communications are not encrypted.
+        If you remove this field from your configuration at the same time as
+        deleting or recreating a referenced ServerTlsPolicy resource, you will
+        receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
+        within the ServerTlsPolicy resource to avoid this.
         """
         return pulumi.get(self, "server_tls_policy")
 

pulumi_gcp/container/_inputs.py

@@ -5424,6 +5424,12 @@ if not MYPY:
         GKE Autopilot clusters.
         Structure is documented below.
         """
+        auto_provisioning_locations: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        """
+        The list of Google Compute Engine 
+        [zones](https://cloud.google.com/compute/docs/zones#available) in which the
+        NodePool's nodes can be created by NAP.
+        """
         autoscaling_profile: NotRequired[pulumi.Input[str]]
         """
         Configuration
@@ -5450,6 +5456,7 @@ elif False:
 class ClusterClusterAutoscalingArgs:
     def __init__(__self__, *,
                  auto_provisioning_defaults: Optional[pulumi.Input['ClusterClusterAutoscalingAutoProvisioningDefaultsArgs']] = None,
+                 auto_provisioning_locations: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  autoscaling_profile: Optional[pulumi.Input[str]] = None,
                  enabled: Optional[pulumi.Input[bool]] = None,
                  resource_limits: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterClusterAutoscalingResourceLimitArgs']]]] = None):
@@ -5457,6 +5464,9 @@ class ClusterClusterAutoscalingArgs:
         :param pulumi.Input['ClusterClusterAutoscalingAutoProvisioningDefaultsArgs'] auto_provisioning_defaults: Contains defaults for a node pool created by NAP. A subset of fields also apply to
                GKE Autopilot clusters.
                Structure is documented below.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] auto_provisioning_locations: The list of Google Compute Engine 
+               [zones](https://cloud.google.com/compute/docs/zones#available) in which the
+               NodePool's nodes can be created by NAP.
         :param pulumi.Input[str] autoscaling_profile: Configuration
                options for the [Autoscaling profile](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-autoscaler#autoscaling_profiles)
                feature, which lets you choose whether the cluster autoscaler should optimize for resource utilization or resource availability
@@ -5470,6 +5480,8 @@ class ClusterClusterAutoscalingArgs:
         """
         if auto_provisioning_defaults is not None:
             pulumi.set(__self__, "auto_provisioning_defaults", auto_provisioning_defaults)
+        if auto_provisioning_locations is not None:
+            pulumi.set(__self__, "auto_provisioning_locations", auto_provisioning_locations)
         if autoscaling_profile is not None:
             pulumi.set(__self__, "autoscaling_profile", autoscaling_profile)
         if enabled is not None:
@@ -5491,6 +5503,20 @@ class ClusterClusterAutoscalingArgs:
     def auto_provisioning_defaults(self, value: Optional[pulumi.Input['ClusterClusterAutoscalingAutoProvisioningDefaultsArgs']]):
         pulumi.set(self, "auto_provisioning_defaults", value)
 
+    @property
+    @pulumi.getter(name="autoProvisioningLocations")
+    def auto_provisioning_locations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        The list of Google Compute Engine 
+        [zones](https://cloud.google.com/compute/docs/zones#available) in which the
+        NodePool's nodes can be created by NAP.
+        """
+        return pulumi.get(self, "auto_provisioning_locations")
+
+    @auto_provisioning_locations.setter
+    def auto_provisioning_locations(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "auto_provisioning_locations", value)
+
     @property
     @pulumi.getter(name="autoscalingProfile")
     def autoscaling_profile(self) -> Optional[pulumi.Input[str]]: