pulumi-gcp 8.29.0a1746115375__py3-none-any.whl → 8.29.0a1746140206__py3-none-any.whl

pulumi_gcp/dns/_inputs.py

@@ -481,9 +481,9 @@ class ManagedZoneForwardingConfigArgs:
 
 if not MYPY:
     class ManagedZoneForwardingConfigTargetNameServerArgsDict(TypedDict):
-        ipv4_address: pulumi.Input[builtins.str]
+        domain_name: NotRequired[pulumi.Input[builtins.str]]
         """
-        IPv4 address of a target name server.
+        Fully qualified domain name for the forwarding target.
         """
         forwarding_path: NotRequired[pulumi.Input[builtins.str]]
         """
@@ -492,36 +492,45 @@ if not MYPY:
         to the Internet. When set to `private`, Cloud DNS will always send queries through VPC for this target
         Possible values are: `default`, `private`.
         """
+        ipv4_address: NotRequired[pulumi.Input[builtins.str]]
+        """
+        IPv4 address of a target name server.
+        """
 elif False:
     ManagedZoneForwardingConfigTargetNameServerArgsDict: TypeAlias = Mapping[str, Any]
 
 @pulumi.input_type
 class ManagedZoneForwardingConfigTargetNameServerArgs:
     def __init__(__self__, *,
-                 ipv4_address: pulumi.Input[builtins.str],
-                 forwarding_path: Optional[pulumi.Input[builtins.str]] = None):
+                 domain_name: Optional[pulumi.Input[builtins.str]] = None,
+                 forwarding_path: Optional[pulumi.Input[builtins.str]] = None,
+                 ipv4_address: Optional[pulumi.Input[builtins.str]] = None):
         """
-        :param pulumi.Input[builtins.str] ipv4_address: IPv4 address of a target name server.
+        :param pulumi.Input[builtins.str] domain_name: Fully qualified domain name for the forwarding target.
         :param pulumi.Input[builtins.str] forwarding_path: Forwarding path for this TargetNameServer. If unset or `default` Cloud DNS will make forwarding
                decision based on address ranges, i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go
                to the Internet. When set to `private`, Cloud DNS will always send queries through VPC for this target
                Possible values are: `default`, `private`.
+        :param pulumi.Input[builtins.str] ipv4_address: IPv4 address of a target name server.
         """
-        pulumi.set(__self__, "ipv4_address", ipv4_address)
+        if domain_name is not None:
+            pulumi.set(__self__, "domain_name", domain_name)
         if forwarding_path is not None:
             pulumi.set(__self__, "forwarding_path", forwarding_path)
+        if ipv4_address is not None:
+            pulumi.set(__self__, "ipv4_address", ipv4_address)
 
     @property
-    @pulumi.getter(name="ipv4Address")
-    def ipv4_address(self) -> pulumi.Input[builtins.str]:
+    @pulumi.getter(name="domainName")
+    def domain_name(self) -> Optional[pulumi.Input[builtins.str]]:
         """
-        IPv4 address of a target name server.
+        Fully qualified domain name for the forwarding target.
         """
-        return pulumi.get(self, "ipv4_address")
+        return pulumi.get(self, "domain_name")
 
-    @ipv4_address.setter
-    def ipv4_address(self, value: pulumi.Input[builtins.str]):
-        pulumi.set(self, "ipv4_address", value)
+    @domain_name.setter
+    def domain_name(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "domain_name", value)
 
     @property
     @pulumi.getter(name="forwardingPath")
@@ -538,6 +547,18 @@ class ManagedZoneForwardingConfigTargetNameServerArgs:
     def forwarding_path(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "forwarding_path", value)
 
+    @property
+    @pulumi.getter(name="ipv4Address")
+    def ipv4_address(self) -> Optional[pulumi.Input[builtins.str]]:
+        """
+        IPv4 address of a target name server.
+        """
+        return pulumi.get(self, "ipv4_address")
+
+    @ipv4_address.setter
+    def ipv4_address(self, value: Optional[pulumi.Input[builtins.str]]):
+        pulumi.set(self, "ipv4_address", value)
+
 
 if not MYPY:
     class ManagedZonePeeringConfigArgsDict(TypedDict):

pulumi_gcp/dns/outputs.py

@@ -369,10 +369,12 @@ class ManagedZoneForwardingConfigTargetNameServer(dict):
     @staticmethod
     def __key_warning(key: str):
         suggest = None
-        if key == "ipv4Address":
-            suggest = "ipv4_address"
+        if key == "domainName":
+            suggest = "domain_name"
         elif key == "forwardingPath":
             suggest = "forwarding_path"
+        elif key == "ipv4Address":
+            suggest = "ipv4_address"
 
         if suggest:
             pulumi.log.warn(f"Key '{key}' not found in ManagedZoneForwardingConfigTargetNameServer. Access the value via the '{suggest}' property getter instead.")
@@ -386,26 +388,31 @@ class ManagedZoneForwardingConfigTargetNameServer(dict):
         return super().get(key, default)
 
     def __init__(__self__, *,
-                 ipv4_address: builtins.str,
-                 forwarding_path: Optional[builtins.str] = None):
+                 domain_name: Optional[builtins.str] = None,
+                 forwarding_path: Optional[builtins.str] = None,
+                 ipv4_address: Optional[builtins.str] = None):
         """
-        :param builtins.str ipv4_address: IPv4 address of a target name server.
+        :param builtins.str domain_name: Fully qualified domain name for the forwarding target.
         :param builtins.str forwarding_path: Forwarding path for this TargetNameServer. If unset or `default` Cloud DNS will make forwarding
                decision based on address ranges, i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go
                to the Internet. When set to `private`, Cloud DNS will always send queries through VPC for this target
                Possible values are: `default`, `private`.
+        :param builtins.str ipv4_address: IPv4 address of a target name server.
         """
-        pulumi.set(__self__, "ipv4_address", ipv4_address)
+        if domain_name is not None:
+            pulumi.set(__self__, "domain_name", domain_name)
         if forwarding_path is not None:
             pulumi.set(__self__, "forwarding_path", forwarding_path)
+        if ipv4_address is not None:
+            pulumi.set(__self__, "ipv4_address", ipv4_address)
 
     @property
-    @pulumi.getter(name="ipv4Address")
-    def ipv4_address(self) -> builtins.str:
+    @pulumi.getter(name="domainName")
+    def domain_name(self) -> Optional[builtins.str]:
         """
-        IPv4 address of a target name server.
+        Fully qualified domain name for the forwarding target.
         """
-        return pulumi.get(self, "ipv4_address")
+        return pulumi.get(self, "domain_name")
 
     @property
     @pulumi.getter(name="forwardingPath")
@@ -418,6 +425,14 @@ class ManagedZoneForwardingConfigTargetNameServer(dict):
         """
         return pulumi.get(self, "forwarding_path")
 
+    @property
+    @pulumi.getter(name="ipv4Address")
+    def ipv4_address(self) -> Optional[builtins.str]:
+        """
+        IPv4 address of a target name server.
+        """
+        return pulumi.get(self, "ipv4_address")
+
 
 @pulumi.output_type
 class ManagedZonePeeringConfig(dict):

pulumi_gcp/gkehub/_inputs.py

@@ -1930,7 +1930,7 @@ if not MYPY:
     class FeatureMembershipConfigmanagementConfigSyncArgsDict(TypedDict):
         deployment_overrides: NotRequired[pulumi.Input[Sequence[pulumi.Input['FeatureMembershipConfigmanagementConfigSyncDeploymentOverrideArgsDict']]]]
         """
-        The override configurations for the Config Sync Deployments. Structure is documented below.
+        The override configurations for the Config Sync Deployments. Structure is documented below. The field is only available on Config Sync version 1.20.1 or later.
         """
         enabled: NotRequired[pulumi.Input[builtins.bool]]
         """
@@ -1977,7 +1977,7 @@ class FeatureMembershipConfigmanagementConfigSyncArgs:
                  source_format: Optional[pulumi.Input[builtins.str]] = None,
                  stop_syncing: Optional[pulumi.Input[builtins.bool]] = None):
         """
-        :param pulumi.Input[Sequence[pulumi.Input['FeatureMembershipConfigmanagementConfigSyncDeploymentOverrideArgs']]] deployment_overrides: The override configurations for the Config Sync Deployments. Structure is documented below.
+        :param pulumi.Input[Sequence[pulumi.Input['FeatureMembershipConfigmanagementConfigSyncDeploymentOverrideArgs']]] deployment_overrides: The override configurations for the Config Sync Deployments. Structure is documented below. The field is only available on Config Sync version 1.20.1 or later.
         :param pulumi.Input[builtins.bool] enabled: Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
         :param pulumi.Input['FeatureMembershipConfigmanagementConfigSyncGitArgs'] git: (Optional) Structure is documented below.
         :param pulumi.Input[builtins.str] metrics_gcp_service_account_email: Deprecated: If Workload Identity Federation for GKE is enabled, Google Cloud Service Account is no longer needed for exporting Config Sync metrics: https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-config-sync-cloud-monitoring#custom-monitoring.
@@ -2009,7 +2009,7 @@ class FeatureMembershipConfigmanagementConfigSyncArgs:
     @pulumi.getter(name="deploymentOverrides")
     def deployment_overrides(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['FeatureMembershipConfigmanagementConfigSyncDeploymentOverrideArgs']]]]:
         """
-        The override configurations for the Config Sync Deployments. Structure is documented below.
+        The override configurations for the Config Sync Deployments. Structure is documented below. The field is only available on Config Sync version 1.20.1 or later.
         """
         return pulumi.get(self, "deployment_overrides")
 

pulumi_gcp/gkehub/feature_membership.py

@@ -428,6 +428,52 @@ class FeatureMembership(pulumi.CustomResource):
             })
         ```
 
+        ### Config Management With Deployment Override
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        cluster = gcp.container.Cluster("cluster",
+            name="my-cluster",
+            location="us-central1-a",
+            initial_node_count=1)
+        membership = gcp.gkehub.Membership("membership",
+            membership_id="my-membership",
+            endpoint={
+                "gke_cluster": {
+                    "resource_link": cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
+                },
+            })
+        feature = gcp.gkehub.Feature("feature",
+            name="configmanagement",
+            location="global",
+            labels={
+                "foo": "bar",
+            })
+        feature_member = gcp.gkehub.FeatureMembership("feature_member",
+            location="global",
+            feature=feature.name,
+            membership=membership.membership_id,
+            configmanagement={
+                "version": "1.20.1",
+                "config_sync": {
+                    "enabled": True,
+                    "deployment_overrides": [{
+                        "deployment_name": "reconciler-manager",
+                        "deployment_namespace": "config-management-system",
+                        "containers": [{
+                            "container_name": "reconciler-manager",
+                            "cpu_request": "100m",
+                            "memory_request": "64Mi",
+                            "cpu_limit": "250m",
+                            "memory_limit": "128Mi",
+                        }],
+                    }],
+                },
+            })
+        ```
+
         ### Config Management With Regional Membership
 
         ```python
@@ -748,6 +794,52 @@ class FeatureMembership(pulumi.CustomResource):
             })
         ```
 
+        ### Config Management With Deployment Override
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        cluster = gcp.container.Cluster("cluster",
+            name="my-cluster",
+            location="us-central1-a",
+            initial_node_count=1)
+        membership = gcp.gkehub.Membership("membership",
+            membership_id="my-membership",
+            endpoint={
+                "gke_cluster": {
+                    "resource_link": cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
+                },
+            })
+        feature = gcp.gkehub.Feature("feature",
+            name="configmanagement",
+            location="global",
+            labels={
+                "foo": "bar",
+            })
+        feature_member = gcp.gkehub.FeatureMembership("feature_member",
+            location="global",
+            feature=feature.name,
+            membership=membership.membership_id,
+            configmanagement={
+                "version": "1.20.1",
+                "config_sync": {
+                    "enabled": True,
+                    "deployment_overrides": [{
+                        "deployment_name": "reconciler-manager",
+                        "deployment_namespace": "config-management-system",
+                        "containers": [{
+                            "container_name": "reconciler-manager",
+                            "cpu_request": "100m",
+                            "memory_request": "64Mi",
+                            "cpu_limit": "250m",
+                            "memory_limit": "128Mi",
+                        }],
+                    }],
+                },
+            })
+        ```
+
         ### Config Management With Regional Membership
 
         ```python

pulumi_gcp/gkehub/outputs.py

@@ -1435,7 +1435,7 @@ class FeatureMembershipConfigmanagementConfigSync(dict):
                  source_format: Optional[builtins.str] = None,
                  stop_syncing: Optional[builtins.bool] = None):
         """
-        :param Sequence['FeatureMembershipConfigmanagementConfigSyncDeploymentOverrideArgs'] deployment_overrides: The override configurations for the Config Sync Deployments. Structure is documented below.
+        :param Sequence['FeatureMembershipConfigmanagementConfigSyncDeploymentOverrideArgs'] deployment_overrides: The override configurations for the Config Sync Deployments. Structure is documented below. The field is only available on Config Sync version 1.20.1 or later.
         :param builtins.bool enabled: Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
         :param 'FeatureMembershipConfigmanagementConfigSyncGitArgs' git: (Optional) Structure is documented below.
         :param builtins.str metrics_gcp_service_account_email: Deprecated: If Workload Identity Federation for GKE is enabled, Google Cloud Service Account is no longer needed for exporting Config Sync metrics: https://cloud.google.com/kubernetes-engine/enterprise/config-sync/docs/how-to/monitor-config-sync-cloud-monitoring#custom-monitoring.
@@ -1467,7 +1467,7 @@ class FeatureMembershipConfigmanagementConfigSync(dict):
     @pulumi.getter(name="deploymentOverrides")
     def deployment_overrides(self) -> Optional[Sequence['outputs.FeatureMembershipConfigmanagementConfigSyncDeploymentOverride']]:
         """
-        The override configurations for the Config Sync Deployments. Structure is documented below.
+        The override configurations for the Config Sync Deployments. Structure is documented below. The field is only available on Config Sync version 1.20.1 or later.
         """
         return pulumi.get(self, "deployment_overrides")
 

pulumi_gcp/identityplatform/_inputs.py

@@ -66,6 +66,8 @@ __all__ = [
     'InboundSamlConfigSpConfigArgsDict',
     'InboundSamlConfigSpConfigSpCertificateArgs',
     'InboundSamlConfigSpConfigSpCertificateArgsDict',
+    'OauthIdpConfigResponseTypeArgs',
+    'OauthIdpConfigResponseTypeArgsDict',
     'TenantClientArgs',
     'TenantClientArgsDict',
     'TenantClientPermissionsArgs',
@@ -1575,6 +1577,58 @@ class InboundSamlConfigSpConfigSpCertificateArgs:
         pulumi.set(self, "x509_certificate", value)
 
 
+if not MYPY:
+    class OauthIdpConfigResponseTypeArgsDict(TypedDict):
+        code: NotRequired[pulumi.Input[builtins.bool]]
+        """
+        If true, authorization code is returned from IdP's authorization endpoint.
+        """
+        id_token: NotRequired[pulumi.Input[builtins.bool]]
+        """
+        If true, ID token is returned from IdP's authorization endpoint.
+        """
+elif False:
+    OauthIdpConfigResponseTypeArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class OauthIdpConfigResponseTypeArgs:
+    def __init__(__self__, *,
+                 code: Optional[pulumi.Input[builtins.bool]] = None,
+                 id_token: Optional[pulumi.Input[builtins.bool]] = None):
+        """
+        :param pulumi.Input[builtins.bool] code: If true, authorization code is returned from IdP's authorization endpoint.
+        :param pulumi.Input[builtins.bool] id_token: If true, ID token is returned from IdP's authorization endpoint.
+        """
+        if code is not None:
+            pulumi.set(__self__, "code", code)
+        if id_token is not None:
+            pulumi.set(__self__, "id_token", id_token)
+
+    @property
+    @pulumi.getter
+    def code(self) -> Optional[pulumi.Input[builtins.bool]]:
+        """
+        If true, authorization code is returned from IdP's authorization endpoint.
+        """
+        return pulumi.get(self, "code")
+
+    @code.setter
+    def code(self, value: Optional[pulumi.Input[builtins.bool]]):
+        pulumi.set(self, "code", value)
+
+    @property
+    @pulumi.getter(name="idToken")
+    def id_token(self) -> Optional[pulumi.Input[builtins.bool]]:
+        """
+        If true, ID token is returned from IdP's authorization endpoint.
+        """
+        return pulumi.get(self, "id_token")
+
+    @id_token.setter
+    def id_token(self, value: Optional[pulumi.Input[builtins.bool]]):
+        pulumi.set(self, "id_token", value)
+
+
 if not MYPY:
     class TenantClientArgsDict(TypedDict):
         permissions: NotRequired[pulumi.Input['TenantClientPermissionsArgsDict']]

pulumi_gcp/identityplatform/oauth_idp_config.py

@@ -14,6 +14,8 @@ if sys.version_info >= (3, 11):
 else:
     from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
+from . import outputs
+from ._inputs import *
 
 __all__ = ['OauthIdpConfigArgs', 'OauthIdpConfig']
 
@@ -26,7 +28,8 @@ class OauthIdpConfigArgs:
                  display_name: Optional[pulumi.Input[builtins.str]] = None,
                  enabled: Optional[pulumi.Input[builtins.bool]] = None,
                  name: Optional[pulumi.Input[builtins.str]] = None,
-                 project: Optional[pulumi.Input[builtins.str]] = None):
+                 project: Optional[pulumi.Input[builtins.str]] = None,
+                 response_type: Optional[pulumi.Input['OauthIdpConfigResponseTypeArgs']] = None):
         """
         The set of arguments for constructing a OauthIdpConfig resource.
         :param pulumi.Input[builtins.str] client_id: The client id of an OAuth client.
@@ -40,6 +43,10 @@ class OauthIdpConfigArgs:
         :param pulumi.Input[builtins.str] name: The name of the OauthIdpConfig. Must start with `oidc.`.
         :param pulumi.Input[builtins.str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
+        :param pulumi.Input['OauthIdpConfigResponseTypeArgs'] response_type: The response type to request for in the OAuth authorization flow.
+               You can set either idToken or code to true, but not both.
+               Setting both types to be simultaneously true ({code: true, idToken: true}) is not yet supported.
+               Structure is documented below.
         """
         pulumi.set(__self__, "client_id", client_id)
         pulumi.set(__self__, "issuer", issuer)
@@ -53,6 +60,8 @@ class OauthIdpConfigArgs:
             pulumi.set(__self__, "name", name)
         if project is not None:
             pulumi.set(__self__, "project", project)
+        if response_type is not None:
+            pulumi.set(__self__, "response_type", response_type)
 
     @property
     @pulumi.getter(name="clientId")
@@ -142,6 +151,21 @@ class OauthIdpConfigArgs:
     def project(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "project", value)
 
+    @property
+    @pulumi.getter(name="responseType")
+    def response_type(self) -> Optional[pulumi.Input['OauthIdpConfigResponseTypeArgs']]:
+        """
+        The response type to request for in the OAuth authorization flow.
+        You can set either idToken or code to true, but not both.
+        Setting both types to be simultaneously true ({code: true, idToken: true}) is not yet supported.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "response_type")
+
+    @response_type.setter
+    def response_type(self, value: Optional[pulumi.Input['OauthIdpConfigResponseTypeArgs']]):
+        pulumi.set(self, "response_type", value)
+
 
 @pulumi.input_type
 class _OauthIdpConfigState:
@@ -152,7 +176,8 @@ class _OauthIdpConfigState:
                  enabled: Optional[pulumi.Input[builtins.bool]] = None,
                  issuer: Optional[pulumi.Input[builtins.str]] = None,
                  name: Optional[pulumi.Input[builtins.str]] = None,
-                 project: Optional[pulumi.Input[builtins.str]] = None):
+                 project: Optional[pulumi.Input[builtins.str]] = None,
+                 response_type: Optional[pulumi.Input['OauthIdpConfigResponseTypeArgs']] = None):
         """
         Input properties used for looking up and filtering OauthIdpConfig resources.
         :param pulumi.Input[builtins.str] client_id: The client id of an OAuth client.
@@ -166,6 +191,10 @@ class _OauthIdpConfigState:
         :param pulumi.Input[builtins.str] name: The name of the OauthIdpConfig. Must start with `oidc.`.
         :param pulumi.Input[builtins.str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
+        :param pulumi.Input['OauthIdpConfigResponseTypeArgs'] response_type: The response type to request for in the OAuth authorization flow.
+               You can set either idToken or code to true, but not both.
+               Setting both types to be simultaneously true ({code: true, idToken: true}) is not yet supported.
+               Structure is documented below.
         """
         if client_id is not None:
             pulumi.set(__self__, "client_id", client_id)
@@ -181,6 +210,8 @@ class _OauthIdpConfigState:
             pulumi.set(__self__, "name", name)
         if project is not None:
             pulumi.set(__self__, "project", project)
+        if response_type is not None:
+            pulumi.set(__self__, "response_type", response_type)
 
     @property
     @pulumi.getter(name="clientId")
@@ -270,6 +301,21 @@ class _OauthIdpConfigState:
     def project(self, value: Optional[pulumi.Input[builtins.str]]):
         pulumi.set(self, "project", value)
 
+    @property
+    @pulumi.getter(name="responseType")
+    def response_type(self) -> Optional[pulumi.Input['OauthIdpConfigResponseTypeArgs']]:
+        """
+        The response type to request for in the OAuth authorization flow.
+        You can set either idToken or code to true, but not both.
+        Setting both types to be simultaneously true ({code: true, idToken: true}) is not yet supported.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "response_type")
+
+    @response_type.setter
+    def response_type(self, value: Optional[pulumi.Input['OauthIdpConfigResponseTypeArgs']]):
+        pulumi.set(self, "response_type", value)
+
 
 class OauthIdpConfig(pulumi.CustomResource):
 
@@ -286,6 +332,7 @@ class OauthIdpConfig(pulumi.CustomResource):
                  issuer: Optional[pulumi.Input[builtins.str]] = None,
                  name: Optional[pulumi.Input[builtins.str]] = None,
                  project: Optional[pulumi.Input[builtins.str]] = None,
+                 response_type: Optional[pulumi.Input[Union['OauthIdpConfigResponseTypeArgs', 'OauthIdpConfigResponseTypeArgsDict']]] = None,
                  __props__=None):
         """
         OIDC IdP configuration for a Identity Toolkit project.
@@ -308,7 +355,11 @@ class OauthIdpConfig(pulumi.CustomResource):
             client_id="client-id",
             issuer="issuer",
             enabled=True,
-            client_secret="secret")
+            client_secret="secret",
+            response_type={
+                "id_token": True,
+                "code": False,
+            })
         ```
 
         ## Import
@@ -348,6 +399,10 @@ class OauthIdpConfig(pulumi.CustomResource):
         :param pulumi.Input[builtins.str] name: The name of the OauthIdpConfig. Must start with `oidc.`.
         :param pulumi.Input[builtins.str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
+        :param pulumi.Input[Union['OauthIdpConfigResponseTypeArgs', 'OauthIdpConfigResponseTypeArgsDict']] response_type: The response type to request for in the OAuth authorization flow.
+               You can set either idToken or code to true, but not both.
+               Setting both types to be simultaneously true ({code: true, idToken: true}) is not yet supported.
+               Structure is documented below.
         """
         ...
     @overload
@@ -376,7 +431,11 @@ class OauthIdpConfig(pulumi.CustomResource):
             client_id="client-id",
             issuer="issuer",
             enabled=True,
-            client_secret="secret")
+            client_secret="secret",
+            response_type={
+                "id_token": True,
+                "code": False,
+            })
         ```
 
         ## Import
@@ -425,6 +484,7 @@ class OauthIdpConfig(pulumi.CustomResource):
                  issuer: Optional[pulumi.Input[builtins.str]] = None,
                  name: Optional[pulumi.Input[builtins.str]] = None,
                  project: Optional[pulumi.Input[builtins.str]] = None,
+                 response_type: Optional[pulumi.Input[Union['OauthIdpConfigResponseTypeArgs', 'OauthIdpConfigResponseTypeArgsDict']]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -445,6 +505,7 @@ class OauthIdpConfig(pulumi.CustomResource):
             __props__.__dict__["issuer"] = issuer
             __props__.__dict__["name"] = name
             __props__.__dict__["project"] = project
+            __props__.__dict__["response_type"] = response_type
         super(OauthIdpConfig, __self__).__init__(
             'gcp:identityplatform/oauthIdpConfig:OauthIdpConfig',
             resource_name,
@@ -461,7 +522,8 @@ class OauthIdpConfig(pulumi.CustomResource):
             enabled: Optional[pulumi.Input[builtins.bool]] = None,
             issuer: Optional[pulumi.Input[builtins.str]] = None,
             name: Optional[pulumi.Input[builtins.str]] = None,
-            project: Optional[pulumi.Input[builtins.str]] = None) -> 'OauthIdpConfig':
+            project: Optional[pulumi.Input[builtins.str]] = None,
+            response_type: Optional[pulumi.Input[Union['OauthIdpConfigResponseTypeArgs', 'OauthIdpConfigResponseTypeArgsDict']]] = None) -> 'OauthIdpConfig':
         """
         Get an existing OauthIdpConfig resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -480,6 +542,10 @@ class OauthIdpConfig(pulumi.CustomResource):
         :param pulumi.Input[builtins.str] name: The name of the OauthIdpConfig. Must start with `oidc.`.
         :param pulumi.Input[builtins.str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
+        :param pulumi.Input[Union['OauthIdpConfigResponseTypeArgs', 'OauthIdpConfigResponseTypeArgsDict']] response_type: The response type to request for in the OAuth authorization flow.
+               You can set either idToken or code to true, but not both.
+               Setting both types to be simultaneously true ({code: true, idToken: true}) is not yet supported.
+               Structure is documented below.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -492,6 +558,7 @@ class OauthIdpConfig(pulumi.CustomResource):
         __props__.__dict__["issuer"] = issuer
         __props__.__dict__["name"] = name
         __props__.__dict__["project"] = project
+        __props__.__dict__["response_type"] = response_type
         return OauthIdpConfig(resource_name, opts=opts, __props__=__props__)
 
     @property
@@ -554,3 +621,14 @@ class OauthIdpConfig(pulumi.CustomResource):
         """
         return pulumi.get(self, "project")
 
+    @property
+    @pulumi.getter(name="responseType")
+    def response_type(self) -> pulumi.Output[Optional['outputs.OauthIdpConfigResponseType']]:
+        """
+        The response type to request for in the OAuth authorization flow.
+        You can set either idToken or code to true, but not both.
+        Setting both types to be simultaneously true ({code: true, idToken: true}) is not yet supported.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "response_type")
+

pulumi_gcp/identityplatform/outputs.py

@@ -42,6 +42,7 @@ __all__ = [
     'InboundSamlConfigIdpConfigIdpCertificate',
     'InboundSamlConfigSpConfig',
     'InboundSamlConfigSpConfigSpCertificate',
+    'OauthIdpConfigResponseType',
     'TenantClient',
     'TenantClientPermissions',
     'TenantInboundSamlConfigIdpConfig',
@@ -1373,6 +1374,54 @@ class InboundSamlConfigSpConfigSpCertificate(dict):
         return pulumi.get(self, "x509_certificate")
 
 
+@pulumi.output_type
+class OauthIdpConfigResponseType(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "idToken":
+            suggest = "id_token"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in OauthIdpConfigResponseType. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        OauthIdpConfigResponseType.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        OauthIdpConfigResponseType.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 code: Optional[builtins.bool] = None,
+                 id_token: Optional[builtins.bool] = None):
+        """
+        :param builtins.bool code: If true, authorization code is returned from IdP's authorization endpoint.
+        :param builtins.bool id_token: If true, ID token is returned from IdP's authorization endpoint.
+        """
+        if code is not None:
+            pulumi.set(__self__, "code", code)
+        if id_token is not None:
+            pulumi.set(__self__, "id_token", id_token)
+
+    @property
+    @pulumi.getter
+    def code(self) -> Optional[builtins.bool]:
+        """
+        If true, authorization code is returned from IdP's authorization endpoint.
+        """
+        return pulumi.get(self, "code")
+
+    @property
+    @pulumi.getter(name="idToken")
+    def id_token(self) -> Optional[builtins.bool]:
+        """
+        If true, ID token is returned from IdP's authorization endpoint.
+        """
+        return pulumi.get(self, "id_token")
+
+
 @pulumi.output_type
 class TenantClient(dict):
     def __init__(__self__, *,

pulumi_gcp/memcache/__init__.py

@@ -6,6 +6,7 @@ import builtins
 from .. import _utilities
 import typing
 # Export this package's modules as members:
+from .get_instance import *
 from .instance import *
 from ._inputs import *
 from . import outputs