PyPI - pulumi-gcp - Versions diffs - 8.0.0a1726253601__py3-none-any.whl → 8.1.0__py3-none-any.whl - Mend

pulumi-gcp 8.0.0a1726253601py3-none-any.whl → 8.1.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (101) hide show

pulumi_gcp/__init__.py +24 -0
pulumi_gcp/alloydb/_inputs.py +94 -0
pulumi_gcp/alloydb/cluster.py +94 -1
pulumi_gcp/alloydb/outputs.py +79 -0
pulumi_gcp/assuredworkloads/workload.py +135 -16
pulumi_gcp/backupdisasterrecovery/__init__.py +1 -0
pulumi_gcp/backupdisasterrecovery/backup_vault.py +1203 -0
pulumi_gcp/bigquery/_inputs.py +33 -0
pulumi_gcp/bigquery/data_transfer_config.py +134 -6
pulumi_gcp/bigquery/outputs.py +36 -0
pulumi_gcp/bigqueryanalyticshub/_inputs.py +169 -7
pulumi_gcp/bigqueryanalyticshub/data_exchange.py +96 -3
pulumi_gcp/bigqueryanalyticshub/listing.py +114 -0
pulumi_gcp/bigqueryanalyticshub/outputs.py +138 -5
pulumi_gcp/bigtable/_inputs.py +21 -1
pulumi_gcp/bigtable/outputs.py +13 -1
pulumi_gcp/bigtable/table.py +34 -0
pulumi_gcp/certificateauthority/authority.py +14 -7
pulumi_gcp/certificatemanager/__init__.py +1 -0
pulumi_gcp/certificatemanager/certificate.py +28 -0
pulumi_gcp/certificatemanager/get_certificates.py +150 -0
pulumi_gcp/certificatemanager/outputs.py +322 -0
pulumi_gcp/cloudbuild/_inputs.py +6 -6
pulumi_gcp/cloudbuild/outputs.py +4 -4
pulumi_gcp/cloudrun/_inputs.py +6 -12
pulumi_gcp/cloudrun/outputs.py +8 -16
pulumi_gcp/cloudrunv2/_inputs.py +72 -15
pulumi_gcp/cloudrunv2/outputs.py +82 -16
pulumi_gcp/cloudrunv2/service.py +50 -4
pulumi_gcp/cloudtasks/_inputs.py +630 -0
pulumi_gcp/cloudtasks/outputs.py +479 -0
pulumi_gcp/cloudtasks/queue.py +238 -0
pulumi_gcp/compute/_inputs.py +129 -9
pulumi_gcp/compute/get_instance.py +1 -1
pulumi_gcp/compute/health_check.py +114 -0
pulumi_gcp/compute/instance.py +86 -4
pulumi_gcp/compute/instance_template.py +66 -0
pulumi_gcp/compute/interconnect.py +28 -21
pulumi_gcp/compute/node_template.py +93 -0
pulumi_gcp/compute/outputs.py +108 -6
pulumi_gcp/compute/target_https_proxy.py +28 -0
pulumi_gcp/container/_inputs.py +140 -3
pulumi_gcp/container/attached_cluster.py +7 -7
pulumi_gcp/container/outputs.py +174 -2
pulumi_gcp/databasemigrationservice/_inputs.py +176 -148
pulumi_gcp/databasemigrationservice/connection_profile.py +206 -0
pulumi_gcp/databasemigrationservice/outputs.py +109 -87
pulumi_gcp/dataloss/_inputs.py +353 -1
pulumi_gcp/dataloss/outputs.py +274 -3
pulumi_gcp/dataproc/_inputs.py +27 -27
pulumi_gcp/dataproc/outputs.py +18 -18
pulumi_gcp/datastream/_inputs.py +69 -1
pulumi_gcp/datastream/outputs.py +44 -2
pulumi_gcp/datastream/stream.py +194 -7
pulumi_gcp/discoveryengine/_inputs.py +188 -0
pulumi_gcp/discoveryengine/data_store.py +14 -14
pulumi_gcp/discoveryengine/outputs.py +153 -1
pulumi_gcp/firebase/database_instance.py +7 -7
pulumi_gcp/gkehub/_inputs.py +25 -1
pulumi_gcp/gkehub/feature_membership.py +12 -6
pulumi_gcp/gkehub/outputs.py +17 -1
pulumi_gcp/iam/_inputs.py +196 -0
pulumi_gcp/iam/get_workload_identity_pool_provider.py +13 -3
pulumi_gcp/iam/outputs.py +295 -0
pulumi_gcp/iam/workload_identity_pool_provider.py +164 -3
pulumi_gcp/kms/__init__.py +2 -0
pulumi_gcp/kms/autokey_config.py +10 -2
pulumi_gcp/kms/get_crypto_key_latest_version.py +222 -0
pulumi_gcp/kms/get_crypto_key_versions.py +175 -0
pulumi_gcp/kms/outputs.py +164 -0
pulumi_gcp/netapp/active_directory.py +6 -6
pulumi_gcp/netapp/backup.py +6 -6
pulumi_gcp/netapp/backup_policy.py +6 -6
pulumi_gcp/netapp/backup_vault.py +6 -6
pulumi_gcp/netapp/storage_pool.py +4 -4
pulumi_gcp/netapp/volume.py +7 -0
pulumi_gcp/networkconnectivity/_inputs.py +21 -1
pulumi_gcp/networkconnectivity/outputs.py +15 -1
pulumi_gcp/networkconnectivity/spoke.py +8 -0
pulumi_gcp/networksecurity/client_tls_policy.py +24 -22
pulumi_gcp/networksecurity/server_tls_policy.py +20 -32
pulumi_gcp/organizations/get_project.py +13 -3
pulumi_gcp/organizations/project.py +88 -3
pulumi_gcp/parallelstore/instance.py +121 -121
pulumi_gcp/projects/iam_member_remove.py +26 -0
pulumi_gcp/projects/usage_export_bucket.py +38 -0
pulumi_gcp/pubsub/_inputs.py +40 -0
pulumi_gcp/pubsub/outputs.py +51 -1
pulumi_gcp/pubsub/subscription.py +6 -0
pulumi_gcp/pulumi-plugin.json +1 -1
pulumi_gcp/redis/_inputs.py +419 -0
pulumi_gcp/redis/cluster.py +123 -0
pulumi_gcp/redis/outputs.py +315 -0
pulumi_gcp/securitycenter/__init__.py +2 -0
pulumi_gcp/securitycenter/v2_folder_scc_big_query_export.py +857 -0
pulumi_gcp/securitycenter/v2_organization_scc_big_query_exports.py +4 -4
pulumi_gcp/securitycenter/v2_project_scc_big_query_export.py +796 -0
{pulumi_gcp-8.0.0a1726253601.dist-info → pulumi_gcp-8.1.0.dist-info}/METADATA +1 -1
{pulumi_gcp-8.0.0a1726253601.dist-info → pulumi_gcp-8.1.0.dist-info}/RECORD +101 -95
{pulumi_gcp-8.0.0a1726253601.dist-info → pulumi_gcp-8.1.0.dist-info}/WHEEL +1 -1
{pulumi_gcp-8.0.0a1726253601.dist-info → pulumi_gcp-8.1.0.dist-info}/top_level.txt +0 -0

pulumi_gcp/gkehub/outputs.py CHANGED Viewed

@@ -1246,11 +1246,19 @@ class FeatureMembershipConfigmanagement(dict):
                  policy_controller: Optional['outputs.FeatureMembershipConfigmanagementPolicyController'] = None,
                  version: Optional[str] = None):
         """
-        :param 'FeatureMembershipConfigmanagementBinauthzArgs' binauthz: Binauthz configuration for the cluster. Structure is documented below.
+        :param 'FeatureMembershipConfigmanagementBinauthzArgs' binauthz: (Optional, Deprecated)
+               Binauthz configuration for the cluster. Structure is documented below.
+               This field will be ignored and should not be set.
         :param 'FeatureMembershipConfigmanagementConfigSyncArgs' config_sync: Config Sync configuration for the cluster. Structure is documented below.
         :param 'FeatureMembershipConfigmanagementHierarchyControllerArgs' hierarchy_controller: Hierarchy Controller configuration for the cluster. Structure is documented below.
+               Configuring Hierarchy Controller through the configmanagement feature is no longer recommended.
+               Use open source Kubernetes [Hierarchical Namespace Controller (HNC)](https://github.com/kubernetes-sigs/hierarchical-namespaces) instead.
+               Follow the [instructions](https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/migrate-hierarchy-controller)
+               to migrate from Hierarchy Controller to HNC.
         :param str management: Set this field to MANAGEMENT_AUTOMATIC to enable Config Sync auto-upgrades, and set this field to MANAGEMENT_MANUAL or MANAGEMENT_UNSPECIFIED to disable Config Sync auto-upgrades.
         :param 'FeatureMembershipConfigmanagementPolicyControllerArgs' policy_controller: Policy Controller configuration for the cluster. Structure is documented below.
+               Configuring Policy Controller through the configmanagement feature is no longer recommended.
+               Use the policycontroller feature instead.
         :param str version: Version of ACM installed.
         """
         if binauthz is not None:
@@ -1270,7 +1278,9 @@ class FeatureMembershipConfigmanagement(dict):
     @pulumi.getter
     def binauthz(self) -> Optional['outputs.FeatureMembershipConfigmanagementBinauthz']:
         """
+        (Optional, Deprecated)
         Binauthz configuration for the cluster. Structure is documented below.
+        This field will be ignored and should not be set.
         """
         return pulumi.get(self, "binauthz")
@@ -1287,6 +1297,10 @@ class FeatureMembershipConfigmanagement(dict):
     def hierarchy_controller(self) -> Optional['outputs.FeatureMembershipConfigmanagementHierarchyController']:
         """
         Hierarchy Controller configuration for the cluster. Structure is documented below.
+        Configuring Hierarchy Controller through the configmanagement feature is no longer recommended.
+        Use open source Kubernetes [Hierarchical Namespace Controller (HNC)](https://github.com/kubernetes-sigs/hierarchical-namespaces) instead.
+        Follow the [instructions](https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/migrate-hierarchy-controller)
+        to migrate from Hierarchy Controller to HNC.
         """
         return pulumi.get(self, "hierarchy_controller")
@@ -1303,6 +1317,8 @@ class FeatureMembershipConfigmanagement(dict):
     def policy_controller(self) -> Optional['outputs.FeatureMembershipConfigmanagementPolicyController']:
         """
         Policy Controller configuration for the cluster. Structure is documented below.
+        Configuring Policy Controller through the configmanagement feature is no longer recommended.
+        Use the policycontroller feature instead.
         """
         return pulumi.get(self, "policy_controller")

pulumi_gcp/iam/_inputs.py CHANGED Viewed

@@ -55,6 +55,14 @@ __all__ = [
     'WorkloadIdentityPoolProviderOidcArgsDict',
     'WorkloadIdentityPoolProviderSamlArgs',
     'WorkloadIdentityPoolProviderSamlArgsDict',
+    'WorkloadIdentityPoolProviderX509Args',
+    'WorkloadIdentityPoolProviderX509ArgsDict',
+    'WorkloadIdentityPoolProviderX509TrustStoreArgs',
+    'WorkloadIdentityPoolProviderX509TrustStoreArgsDict',
+    'WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs',
+    'WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgsDict',
+    'WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs',
+    'WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgsDict',
 ]
 MYPY = False
@@ -1567,6 +1575,8 @@ if not MYPY:
         idp_metadata_xml: pulumi.Input[str]
         """
         SAML Identity provider configuration metadata xml doc.
+        <a name="nested_x509"></a>The `x509` block supports:
         """
 elif False:
     WorkloadIdentityPoolProviderSamlArgsDict: TypeAlias = Mapping[str, Any]
@@ -1577,6 +1587,8 @@ class WorkloadIdentityPoolProviderSamlArgs:
                  idp_metadata_xml: pulumi.Input[str]):
         """
         :param pulumi.Input[str] idp_metadata_xml: SAML Identity provider configuration metadata xml doc.
+               <a name="nested_x509"></a>The `x509` block supports:
         """
         pulumi.set(__self__, "idp_metadata_xml", idp_metadata_xml)
@@ -1585,6 +1597,8 @@ class WorkloadIdentityPoolProviderSamlArgs:
     def idp_metadata_xml(self) -> pulumi.Input[str]:
         """
         SAML Identity provider configuration metadata xml doc.
+        <a name="nested_x509"></a>The `x509` block supports:
         """
         return pulumi.get(self, "idp_metadata_xml")
@@ -1593,3 +1607,185 @@ class WorkloadIdentityPoolProviderSamlArgs:
         pulumi.set(self, "idp_metadata_xml", value)
+if not MYPY:
+    class WorkloadIdentityPoolProviderX509ArgsDict(TypedDict):
+        trust_store: pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreArgsDict']
+        """
+        A Trust store, use this trust store as a wrapper to config the trust
+        anchor and optional intermediate cas to help build the trust chain for
+        the incoming end entity certificate. Follow the x509 guidelines to
+        define those PEM encoded certs. Only 1 trust store is currently
+        supported.
+        """
+elif False:
+    WorkloadIdentityPoolProviderX509ArgsDict: TypeAlias = Mapping[str, Any]
+@pulumi.input_type
+class WorkloadIdentityPoolProviderX509Args:
+    def __init__(__self__, *,
+                 trust_store: pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreArgs']):
+        """
+        :param pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreArgs'] trust_store: A Trust store, use this trust store as a wrapper to config the trust
+               anchor and optional intermediate cas to help build the trust chain for
+               the incoming end entity certificate. Follow the x509 guidelines to
+               define those PEM encoded certs. Only 1 trust store is currently
+               supported.
+        """
+        pulumi.set(__self__, "trust_store", trust_store)
+    @property
+    @pulumi.getter(name="trustStore")
+    def trust_store(self) -> pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreArgs']:
+        """
+        A Trust store, use this trust store as a wrapper to config the trust
+        anchor and optional intermediate cas to help build the trust chain for
+        the incoming end entity certificate. Follow the x509 guidelines to
+        define those PEM encoded certs. Only 1 trust store is currently
+        supported.
+        """
+        return pulumi.get(self, "trust_store")
+    @trust_store.setter
+    def trust_store(self, value: pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreArgs']):
+        pulumi.set(self, "trust_store", value)
+if not MYPY:
+    class WorkloadIdentityPoolProviderX509TrustStoreArgsDict(TypedDict):
+        trust_anchors: pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgsDict']]]
+        """
+        List of Trust Anchors to be used while performing validation
+        against a given TrustStore. The incoming end entity's certificate
+        must be chained up to one of the trust anchors here.
+        Structure is documented below.
+        """
+        intermediate_cas: NotRequired[pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgsDict']]]]
+        """
+        Set of intermediate CA certificates used for building the trust chain to
+        trust anchor.
+        IMPORTANT: Intermediate CAs are only supported when configuring x509 federation.
+        Structure is documented below.
+        """
+elif False:
+    WorkloadIdentityPoolProviderX509TrustStoreArgsDict: TypeAlias = Mapping[str, Any]
+@pulumi.input_type
+class WorkloadIdentityPoolProviderX509TrustStoreArgs:
+    def __init__(__self__, *,
+                 trust_anchors: pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs']]],
+                 intermediate_cas: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs']]]] = None):
+        """
+        :param pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs']]] trust_anchors: List of Trust Anchors to be used while performing validation
+               against a given TrustStore. The incoming end entity's certificate
+               must be chained up to one of the trust anchors here.
+               Structure is documented below.
+        :param pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs']]] intermediate_cas: Set of intermediate CA certificates used for building the trust chain to
+               trust anchor.
+               IMPORTANT: Intermediate CAs are only supported when configuring x509 federation.
+               Structure is documented below.
+        """
+        pulumi.set(__self__, "trust_anchors", trust_anchors)
+        if intermediate_cas is not None:
+            pulumi.set(__self__, "intermediate_cas", intermediate_cas)
+    @property
+    @pulumi.getter(name="trustAnchors")
+    def trust_anchors(self) -> pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs']]]:
+        """
+        List of Trust Anchors to be used while performing validation
+        against a given TrustStore. The incoming end entity's certificate
+        must be chained up to one of the trust anchors here.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "trust_anchors")
+    @trust_anchors.setter
+    def trust_anchors(self, value: pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs']]]):
+        pulumi.set(self, "trust_anchors", value)
+    @property
+    @pulumi.getter(name="intermediateCas")
+    def intermediate_cas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs']]]]:
+        """
+        Set of intermediate CA certificates used for building the trust chain to
+        trust anchor.
+        IMPORTANT: Intermediate CAs are only supported when configuring x509 federation.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "intermediate_cas")
+    @intermediate_cas.setter
+    def intermediate_cas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs']]]]):
+        pulumi.set(self, "intermediate_cas", value)
+if not MYPY:
+    class WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgsDict(TypedDict):
+        pem_certificate: NotRequired[pulumi.Input[str]]
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+elif False:
+    WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgsDict: TypeAlias = Mapping[str, Any]
+@pulumi.input_type
+class WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs:
+    def __init__(__self__, *,
+                 pem_certificate: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] pem_certificate: PEM certificate of the PKI used for validation. Must only contain one
+               ca certificate(either root or intermediate cert).
+        """
+        if pem_certificate is not None:
+            pulumi.set(__self__, "pem_certificate", pem_certificate)
+    @property
+    @pulumi.getter(name="pemCertificate")
+    def pem_certificate(self) -> Optional[pulumi.Input[str]]:
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+        return pulumi.get(self, "pem_certificate")
+    @pem_certificate.setter
+    def pem_certificate(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "pem_certificate", value)
+if not MYPY:
+    class WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgsDict(TypedDict):
+        pem_certificate: NotRequired[pulumi.Input[str]]
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+elif False:
+    WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgsDict: TypeAlias = Mapping[str, Any]
+@pulumi.input_type
+class WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs:
+    def __init__(__self__, *,
+                 pem_certificate: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] pem_certificate: PEM certificate of the PKI used for validation. Must only contain one
+               ca certificate(either root or intermediate cert).
+        """
+        if pem_certificate is not None:
+            pulumi.set(__self__, "pem_certificate", pem_certificate)
+    @property
+    @pulumi.getter(name="pemCertificate")
+    def pem_certificate(self) -> Optional[pulumi.Input[str]]:
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+        return pulumi.get(self, "pem_certificate")
+    @pem_certificate.setter
+    def pem_certificate(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "pem_certificate", value)

pulumi_gcp/iam/get_workload_identity_pool_provider.py CHANGED Viewed

@@ -27,7 +27,7 @@ class GetWorkloadIdentityPoolProviderResult:
     """
     A collection of values returned by getWorkloadIdentityPoolProvider.
     """
-    def __init__(__self__, attribute_condition=None, attribute_mapping=None, aws=None, description=None, disabled=None, display_name=None, id=None, name=None, oidcs=None, project=None, samls=None, state=None, workload_identity_pool_id=None, workload_identity_pool_provider_id=None):
+    def __init__(__self__, attribute_condition=None, attribute_mapping=None, aws=None, description=None, disabled=None, display_name=None, id=None, name=None, oidcs=None, project=None, samls=None, state=None, workload_identity_pool_id=None, workload_identity_pool_provider_id=None, x509s=None):
         if attribute_condition and not isinstance(attribute_condition, str):
             raise TypeError("Expected argument 'attribute_condition' to be a str")
         pulumi.set(__self__, "attribute_condition", attribute_condition)
@@ -70,6 +70,9 @@ class GetWorkloadIdentityPoolProviderResult:
         if workload_identity_pool_provider_id and not isinstance(workload_identity_pool_provider_id, str):
             raise TypeError("Expected argument 'workload_identity_pool_provider_id' to be a str")
         pulumi.set(__self__, "workload_identity_pool_provider_id", workload_identity_pool_provider_id)
+        if x509s and not isinstance(x509s, list):
+            raise TypeError("Expected argument 'x509s' to be a list")
+        pulumi.set(__self__, "x509s", x509s)
     @property
     @pulumi.getter(name="attributeCondition")
@@ -144,6 +147,11 @@ class GetWorkloadIdentityPoolProviderResult:
     def workload_identity_pool_provider_id(self) -> str:
         return pulumi.get(self, "workload_identity_pool_provider_id")
+    @property
+    @pulumi.getter
+    def x509s(self) -> Sequence['outputs.GetWorkloadIdentityPoolProviderX509Result']:
+        return pulumi.get(self, "x509s")
 class AwaitableGetWorkloadIdentityPoolProviderResult(GetWorkloadIdentityPoolProviderResult):
     # pylint: disable=using-constant-test
@@ -164,7 +172,8 @@ class AwaitableGetWorkloadIdentityPoolProviderResult(GetWorkloadIdentityPoolProv
             samls=self.samls,
             state=self.state,
             workload_identity_pool_id=self.workload_identity_pool_id,
-            workload_identity_pool_provider_id=self.workload_identity_pool_provider_id)
+            workload_identity_pool_provider_id=self.workload_identity_pool_provider_id,
+            x509s=self.x509s)
 def get_workload_identity_pool_provider(project: Optional[str] = None,
@@ -215,7 +224,8 @@ def get_workload_identity_pool_provider(project: Optional[str] = None,
         samls=pulumi.get(__ret__, 'samls'),
         state=pulumi.get(__ret__, 'state'),
         workload_identity_pool_id=pulumi.get(__ret__, 'workload_identity_pool_id'),
-        workload_identity_pool_provider_id=pulumi.get(__ret__, 'workload_identity_pool_provider_id'))
+        workload_identity_pool_provider_id=pulumi.get(__ret__, 'workload_identity_pool_provider_id'),
+        x509s=pulumi.get(__ret__, 'x509s'))
 @_utilities.lift_output_func(get_workload_identity_pool_provider)

pulumi_gcp/iam/outputs.py CHANGED Viewed

@@ -36,10 +36,18 @@ __all__ = [
     'WorkloadIdentityPoolProviderAws',
     'WorkloadIdentityPoolProviderOidc',
     'WorkloadIdentityPoolProviderSaml',
+    'WorkloadIdentityPoolProviderX509',
+    'WorkloadIdentityPoolProviderX509TrustStore',
+    'WorkloadIdentityPoolProviderX509TrustStoreIntermediateCa',
+    'WorkloadIdentityPoolProviderX509TrustStoreTrustAnchor',
     'GetTestablePermissionsPermissionResult',
     'GetWorkloadIdentityPoolProviderAwResult',
     'GetWorkloadIdentityPoolProviderOidcResult',
     'GetWorkloadIdentityPoolProviderSamlResult',
+    'GetWorkloadIdentityPoolProviderX509Result',
+    'GetWorkloadIdentityPoolProviderX509TrustStoreResult',
+    'GetWorkloadIdentityPoolProviderX509TrustStoreIntermediateCaResult',
+    'GetWorkloadIdentityPoolProviderX509TrustStoreTrustAnchorResult',
 ]
 @pulumi.output_type
@@ -1238,6 +1246,8 @@ class WorkloadIdentityPoolProviderSaml(dict):
                  idp_metadata_xml: str):
         """
         :param str idp_metadata_xml: SAML Identity provider configuration metadata xml doc.
+               <a name="nested_x509"></a>The `x509` block supports:
         """
         pulumi.set(__self__, "idp_metadata_xml", idp_metadata_xml)
@@ -1246,10 +1256,192 @@ class WorkloadIdentityPoolProviderSaml(dict):
     def idp_metadata_xml(self) -> str:
         """
         SAML Identity provider configuration metadata xml doc.
+        <a name="nested_x509"></a>The `x509` block supports:
         """
         return pulumi.get(self, "idp_metadata_xml")
+@pulumi.output_type
+class WorkloadIdentityPoolProviderX509(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "trustStore":
+            suggest = "trust_store"
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in WorkloadIdentityPoolProviderX509. Access the value via the '{suggest}' property getter instead.")
+    def __getitem__(self, key: str) -> Any:
+        WorkloadIdentityPoolProviderX509.__key_warning(key)
+        return super().__getitem__(key)
+    def get(self, key: str, default = None) -> Any:
+        WorkloadIdentityPoolProviderX509.__key_warning(key)
+        return super().get(key, default)
+    def __init__(__self__, *,
+                 trust_store: 'outputs.WorkloadIdentityPoolProviderX509TrustStore'):
+        """
+        :param 'WorkloadIdentityPoolProviderX509TrustStoreArgs' trust_store: A Trust store, use this trust store as a wrapper to config the trust
+               anchor and optional intermediate cas to help build the trust chain for
+               the incoming end entity certificate. Follow the x509 guidelines to
+               define those PEM encoded certs. Only 1 trust store is currently
+               supported.
+        """
+        pulumi.set(__self__, "trust_store", trust_store)
+    @property
+    @pulumi.getter(name="trustStore")
+    def trust_store(self) -> 'outputs.WorkloadIdentityPoolProviderX509TrustStore':
+        """
+        A Trust store, use this trust store as a wrapper to config the trust
+        anchor and optional intermediate cas to help build the trust chain for
+        the incoming end entity certificate. Follow the x509 guidelines to
+        define those PEM encoded certs. Only 1 trust store is currently
+        supported.
+        """
+        return pulumi.get(self, "trust_store")
+@pulumi.output_type
+class WorkloadIdentityPoolProviderX509TrustStore(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "trustAnchors":
+            suggest = "trust_anchors"
+        elif key == "intermediateCas":
+            suggest = "intermediate_cas"
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in WorkloadIdentityPoolProviderX509TrustStore. Access the value via the '{suggest}' property getter instead.")
+    def __getitem__(self, key: str) -> Any:
+        WorkloadIdentityPoolProviderX509TrustStore.__key_warning(key)
+        return super().__getitem__(key)
+    def get(self, key: str, default = None) -> Any:
+        WorkloadIdentityPoolProviderX509TrustStore.__key_warning(key)
+        return super().get(key, default)
+    def __init__(__self__, *,
+                 trust_anchors: Sequence['outputs.WorkloadIdentityPoolProviderX509TrustStoreTrustAnchor'],
+                 intermediate_cas: Optional[Sequence['outputs.WorkloadIdentityPoolProviderX509TrustStoreIntermediateCa']] = None):
+        """
+        :param Sequence['WorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs'] trust_anchors: List of Trust Anchors to be used while performing validation
+               against a given TrustStore. The incoming end entity's certificate
+               must be chained up to one of the trust anchors here.
+               Structure is documented below.
+        :param Sequence['WorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs'] intermediate_cas: Set of intermediate CA certificates used for building the trust chain to
+               trust anchor.
+               IMPORTANT: Intermediate CAs are only supported when configuring x509 federation.
+               Structure is documented below.
+        """
+        pulumi.set(__self__, "trust_anchors", trust_anchors)
+        if intermediate_cas is not None:
+            pulumi.set(__self__, "intermediate_cas", intermediate_cas)
+    @property
+    @pulumi.getter(name="trustAnchors")
+    def trust_anchors(self) -> Sequence['outputs.WorkloadIdentityPoolProviderX509TrustStoreTrustAnchor']:
+        """
+        List of Trust Anchors to be used while performing validation
+        against a given TrustStore. The incoming end entity's certificate
+        must be chained up to one of the trust anchors here.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "trust_anchors")
+    @property
+    @pulumi.getter(name="intermediateCas")
+    def intermediate_cas(self) -> Optional[Sequence['outputs.WorkloadIdentityPoolProviderX509TrustStoreIntermediateCa']]:
+        """
+        Set of intermediate CA certificates used for building the trust chain to
+        trust anchor.
+        IMPORTANT: Intermediate CAs are only supported when configuring x509 federation.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "intermediate_cas")
+@pulumi.output_type
+class WorkloadIdentityPoolProviderX509TrustStoreIntermediateCa(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "pemCertificate":
+            suggest = "pem_certificate"
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in WorkloadIdentityPoolProviderX509TrustStoreIntermediateCa. Access the value via the '{suggest}' property getter instead.")
+    def __getitem__(self, key: str) -> Any:
+        WorkloadIdentityPoolProviderX509TrustStoreIntermediateCa.__key_warning(key)
+        return super().__getitem__(key)
+    def get(self, key: str, default = None) -> Any:
+        WorkloadIdentityPoolProviderX509TrustStoreIntermediateCa.__key_warning(key)
+        return super().get(key, default)
+    def __init__(__self__, *,
+                 pem_certificate: Optional[str] = None):
+        """
+        :param str pem_certificate: PEM certificate of the PKI used for validation. Must only contain one
+               ca certificate(either root or intermediate cert).
+        """
+        if pem_certificate is not None:
+            pulumi.set(__self__, "pem_certificate", pem_certificate)
+    @property
+    @pulumi.getter(name="pemCertificate")
+    def pem_certificate(self) -> Optional[str]:
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+        return pulumi.get(self, "pem_certificate")
+@pulumi.output_type
+class WorkloadIdentityPoolProviderX509TrustStoreTrustAnchor(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "pemCertificate":
+            suggest = "pem_certificate"
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in WorkloadIdentityPoolProviderX509TrustStoreTrustAnchor. Access the value via the '{suggest}' property getter instead.")
+    def __getitem__(self, key: str) -> Any:
+        WorkloadIdentityPoolProviderX509TrustStoreTrustAnchor.__key_warning(key)
+        return super().__getitem__(key)
+    def get(self, key: str, default = None) -> Any:
+        WorkloadIdentityPoolProviderX509TrustStoreTrustAnchor.__key_warning(key)
+        return super().get(key, default)
+    def __init__(__self__, *,
+                 pem_certificate: Optional[str] = None):
+        """
+        :param str pem_certificate: PEM certificate of the PKI used for validation. Must only contain one
+               ca certificate(either root or intermediate cert).
+        """
+        if pem_certificate is not None:
+            pulumi.set(__self__, "pem_certificate", pem_certificate)
+    @property
+    @pulumi.getter(name="pemCertificate")
+    def pem_certificate(self) -> Optional[str]:
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+        return pulumi.get(self, "pem_certificate")
 @pulumi.output_type
 class GetTestablePermissionsPermissionResult(dict):
     def __init__(__self__, *,
@@ -1454,3 +1646,106 @@ class GetWorkloadIdentityPoolProviderSamlResult(dict):
         return pulumi.get(self, "idp_metadata_xml")
+@pulumi.output_type
+class GetWorkloadIdentityPoolProviderX509Result(dict):
+    def __init__(__self__, *,
+                 trust_stores: Sequence['outputs.GetWorkloadIdentityPoolProviderX509TrustStoreResult']):
+        """
+        :param Sequence['GetWorkloadIdentityPoolProviderX509TrustStoreArgs'] trust_stores: A Trust store, use this trust store as a wrapper to config the trust
+               anchor and optional intermediate cas to help build the trust chain for
+               the incoming end entity certificate. Follow the x509 guidelines to
+               define those PEM encoded certs. Only 1 trust store is currently
+               supported.
+        """
+        pulumi.set(__self__, "trust_stores", trust_stores)
+    @property
+    @pulumi.getter(name="trustStores")
+    def trust_stores(self) -> Sequence['outputs.GetWorkloadIdentityPoolProviderX509TrustStoreResult']:
+        """
+        A Trust store, use this trust store as a wrapper to config the trust
+        anchor and optional intermediate cas to help build the trust chain for
+        the incoming end entity certificate. Follow the x509 guidelines to
+        define those PEM encoded certs. Only 1 trust store is currently
+        supported.
+        """
+        return pulumi.get(self, "trust_stores")
+@pulumi.output_type
+class GetWorkloadIdentityPoolProviderX509TrustStoreResult(dict):
+    def __init__(__self__, *,
+                 intermediate_cas: Sequence['outputs.GetWorkloadIdentityPoolProviderX509TrustStoreIntermediateCaResult'],
+                 trust_anchors: Sequence['outputs.GetWorkloadIdentityPoolProviderX509TrustStoreTrustAnchorResult']):
+        """
+        :param Sequence['GetWorkloadIdentityPoolProviderX509TrustStoreIntermediateCaArgs'] intermediate_cas: Set of intermediate CA certificates used for building the trust chain to
+               trust anchor.
+               IMPORTANT: Intermediate CAs are only supported when configuring x509 federation.
+        :param Sequence['GetWorkloadIdentityPoolProviderX509TrustStoreTrustAnchorArgs'] trust_anchors: List of Trust Anchors to be used while performing validation
+               against a given TrustStore. The incoming end entity's certificate
+               must be chained up to one of the trust anchors here.
+        """
+        pulumi.set(__self__, "intermediate_cas", intermediate_cas)
+        pulumi.set(__self__, "trust_anchors", trust_anchors)
+    @property
+    @pulumi.getter(name="intermediateCas")
+    def intermediate_cas(self) -> Sequence['outputs.GetWorkloadIdentityPoolProviderX509TrustStoreIntermediateCaResult']:
+        """
+        Set of intermediate CA certificates used for building the trust chain to
+        trust anchor.
+        IMPORTANT: Intermediate CAs are only supported when configuring x509 federation.
+        """
+        return pulumi.get(self, "intermediate_cas")
+    @property
+    @pulumi.getter(name="trustAnchors")
+    def trust_anchors(self) -> Sequence['outputs.GetWorkloadIdentityPoolProviderX509TrustStoreTrustAnchorResult']:
+        """
+        List of Trust Anchors to be used while performing validation
+        against a given TrustStore. The incoming end entity's certificate
+        must be chained up to one of the trust anchors here.
+        """
+        return pulumi.get(self, "trust_anchors")
+@pulumi.output_type
+class GetWorkloadIdentityPoolProviderX509TrustStoreIntermediateCaResult(dict):
+    def __init__(__self__, *,
+                 pem_certificate: str):
+        """
+        :param str pem_certificate: PEM certificate of the PKI used for validation. Must only contain one
+               ca certificate(either root or intermediate cert).
+        """
+        pulumi.set(__self__, "pem_certificate", pem_certificate)
+    @property
+    @pulumi.getter(name="pemCertificate")
+    def pem_certificate(self) -> str:
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+        return pulumi.get(self, "pem_certificate")
+@pulumi.output_type
+class GetWorkloadIdentityPoolProviderX509TrustStoreTrustAnchorResult(dict):
+    def __init__(__self__, *,
+                 pem_certificate: str):
+        """
+        :param str pem_certificate: PEM certificate of the PKI used for validation. Must only contain one
+               ca certificate(either root or intermediate cert).
+        """
+        pulumi.set(__self__, "pem_certificate", pem_certificate)
+    @property
+    @pulumi.getter(name="pemCertificate")
+    def pem_certificate(self) -> str:
+        """
+        PEM certificate of the PKI used for validation. Must only contain one
+        ca certificate(either root or intermediate cert).
+        """
+        return pulumi.get(self, "pem_certificate")

pulumi-gcp 8.0.0a1726253601__py3-none-any.whl → 8.1.0__py3-none-any.whl

pulumi-gcp 8.0.0a1726253601py3-none-any.whl → 8.1.0py3-none-any.whl