pulumi-gcp 9.0.0a1__py3-none-any.whl → 9.0.0a1758219982__py3-none-any.whl

pulumi_gcp/networksecurity/authorization_policy.py

@@ -366,6 +366,12 @@ class AuthorizationPolicy(pulumi.CustomResource):
                  rules: Optional[pulumi.Input[Sequence[pulumi.Input[Union['AuthorizationPolicyRuleArgs', 'AuthorizationPolicyRuleArgsDict']]]]] = None,
                  __props__=None):
         """
+        AuthorizationPolicy is a resource that specifies how a server should authorize incoming connections. This resource in itself does not change the configuration unless it's attached to a target https proxy or endpoint config selector resource.
+
+        To get more information about AuthorizationPolicy, see:
+
+        * [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/projects.locations.authorizationPolicies)
+
         ## Example Usage
 
         ### Network Security Authorization Policy Basic
@@ -466,6 +472,12 @@ class AuthorizationPolicy(pulumi.CustomResource):
                  args: AuthorizationPolicyArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        AuthorizationPolicy is a resource that specifies how a server should authorize incoming connections. This resource in itself does not change the configuration unless it's attached to a target https proxy or endpoint config selector resource.
+
+        To get more information about AuthorizationPolicy, see:
+
+        * [API documentation](https://cloud.google.com/traffic-director/docs/reference/network-security/rest/v1beta1/projects.locations.authorizationPolicies)
+
         ## Example Usage
 
         ### Network Security Authorization Policy Basic

pulumi_gcp/networkservices/gateway.py

@@ -75,7 +75,7 @@ class GatewayArgs:
         :param pulumi.Input[_builtins.str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         :param pulumi.Input[_builtins.str] routing_mode: The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
-               Possible values are: `NEXT_HOP_ROUTING_MODE`.
+               Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
         :param pulumi.Input[_builtins.str] scope: Immutable. Scope determines how configuration across multiple Gateway instances are merged.
                The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer.
                Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
@@ -313,7 +313,7 @@ class GatewayArgs:
     def routing_mode(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
-        Possible values are: `NEXT_HOP_ROUTING_MODE`.
+        Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
         """
         return pulumi.get(self, "routing_mode")
 
@@ -428,7 +428,7 @@ class _GatewayState:
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] pulumi_labels: The combination of labels configured directly on the resource
                and default labels configured on the provider.
         :param pulumi.Input[_builtins.str] routing_mode: The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
-               Possible values are: `NEXT_HOP_ROUTING_MODE`.
+               Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
         :param pulumi.Input[_builtins.str] scope: Immutable. Scope determines how configuration across multiple Gateway instances are merged.
                The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer.
                Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
@@ -706,7 +706,7 @@ class _GatewayState:
     def routing_mode(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
-        Possible values are: `NEXT_HOP_ROUTING_MODE`.
+        Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
         """
         return pulumi.get(self, "routing_mode")
 
@@ -1045,7 +1045,7 @@ class Gateway(pulumi.CustomResource):
         :param pulumi.Input[_builtins.str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         :param pulumi.Input[_builtins.str] routing_mode: The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
-               Possible values are: `NEXT_HOP_ROUTING_MODE`.
+               Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
         :param pulumi.Input[_builtins.str] scope: Immutable. Scope determines how configuration across multiple Gateway instances are merged.
                The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer.
                Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
@@ -1403,7 +1403,7 @@ class Gateway(pulumi.CustomResource):
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] pulumi_labels: The combination of labels configured directly on the resource
                and default labels configured on the provider.
         :param pulumi.Input[_builtins.str] routing_mode: The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
-               Possible values are: `NEXT_HOP_ROUTING_MODE`.
+               Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
         :param pulumi.Input[_builtins.str] scope: Immutable. Scope determines how configuration across multiple Gateway instances are merged.
                The configuration for multiple Gateway instances with the same scope will be merged as presented as a single coniguration to the proxy/load balancer.
                Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.
@@ -1599,7 +1599,7 @@ class Gateway(pulumi.CustomResource):
     def routing_mode(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         The routing mode of the Gateway. This field is configurable only for gateways of type SECURE_WEB_GATEWAY. This field is required for gateways of type SECURE_WEB_GATEWAY.
-        Possible values are: `NEXT_HOP_ROUTING_MODE`.
+        Possible values are: `NEXT_HOP_ROUTING_MODE`, `EXPLICIT_ROUTING_MODE`.
         """
         return pulumi.get(self, "routing_mode")
 

pulumi_gcp/networkservices/service_lb_policies.py

@@ -395,6 +395,12 @@ class ServiceLbPolicies(pulumi.CustomResource):
                  project: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         """
+        ServiceLbPolicy holds global load balancing and traffic distribution configuration that can be applied to a BackendService.
+
+        To get more information about ServiceLbPolicies, see:
+
+        * [API documentation](https://cloud.google.com/service-mesh/docs/reference/network-services/rest/v1/projects.locations.serviceLbPolicies)
+
         ## Example Usage
 
         ### Network Services Service Lb Policies Basic
@@ -483,6 +489,12 @@ class ServiceLbPolicies(pulumi.CustomResource):
                  args: ServiceLbPoliciesArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        ServiceLbPolicy holds global load balancing and traffic distribution configuration that can be applied to a BackendService.
+
+        To get more information about ServiceLbPolicies, see:
+
+        * [API documentation](https://cloud.google.com/service-mesh/docs/reference/network-services/rest/v1/projects.locations.serviceLbPolicies)
+
         ## Example Usage
 
         ### Network Services Service Lb Policies Basic

pulumi_gcp/oracledatabase/autonomous_database.py

@@ -1224,7 +1224,7 @@ class AutonomousDatabase(pulumi.CustomResource):
 
     @_builtins.property
     @pulumi.getter(name="odbNetwork")
-    def odb_network(self) -> pulumi.Output[Optional[_builtins.str]]:
+    def odb_network(self) -> pulumi.Output[_builtins.str]:
         """
         The name of the OdbNetwork associated with the Autonomous Database.
         Format:
@@ -1236,7 +1236,7 @@ class AutonomousDatabase(pulumi.CustomResource):
 
     @_builtins.property
     @pulumi.getter(name="odbSubnet")
-    def odb_subnet(self) -> pulumi.Output[Optional[_builtins.str]]:
+    def odb_subnet(self) -> pulumi.Output[_builtins.str]:
         """
         The name of the OdbSubnet associated with the Autonomous Database for
         IP allocation. Format:

pulumi_gcp/organizations/project.py

@@ -30,9 +30,7 @@ class ProjectArgs:
                  tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None):
         """
         The set of arguments for constructing a Project resource.
-        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
-               that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
-               if you set auto_create_network to false, since the network will exist momentarily.
+        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically.  Default true. If set to false, the default network will be deleted.  Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.
         :param pulumi.Input[_builtins.str] billing_account: The alphanumeric ID of the billing account this project
                belongs to. The user or service account performing this operation with the provider
                must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account.
@@ -79,9 +77,7 @@ class ProjectArgs:
     @pulumi.getter(name="autoCreateNetwork")
     def auto_create_network(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
-        that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
-        if you set auto_create_network to false, since the network will exist momentarily.
+        Create the 'default' network automatically.  Default true. If set to false, the default network will be deleted.  Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.
         """
         return pulumi.get(self, "auto_create_network")
 
@@ -215,9 +211,7 @@ class _ProjectState:
                  tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None):
         """
         Input properties used for looking up and filtering Project resources.
-        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
-               that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
-               if you set auto_create_network to false, since the network will exist momentarily.
+        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically.  Default true. If set to false, the default network will be deleted.  Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.
         :param pulumi.Input[_builtins.str] billing_account: The alphanumeric ID of the billing account this project
                belongs to. The user or service account performing this operation with the provider
                must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account.
@@ -273,9 +267,7 @@ class _ProjectState:
     @pulumi.getter(name="autoCreateNetwork")
     def auto_create_network(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
-        that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
-        if you set auto_create_network to false, since the network will exist momentarily.
+        Create the 'default' network automatically.  Default true. If set to false, the default network will be deleted.  Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.
         """
         return pulumi.get(self, "auto_create_network")
 
@@ -523,9 +515,7 @@ class Project(pulumi.CustomResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
-               that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
-               if you set auto_create_network to false, since the network will exist momentarily.
+        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically.  Default true. If set to false, the default network will be deleted.  Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.
         :param pulumi.Input[_builtins.str] billing_account: The alphanumeric ID of the billing account this project
                belongs to. The user or service account performing this operation with the provider
                must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account.
@@ -708,9 +698,7 @@ class Project(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
-               that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
-               if you set auto_create_network to false, since the network will exist momentarily.
+        :param pulumi.Input[_builtins.bool] auto_create_network: Create the 'default' network automatically.  Default true. If set to false, the default network will be deleted.  Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.
         :param pulumi.Input[_builtins.str] billing_account: The alphanumeric ID of the billing account this project
                belongs to. The user or service account performing this operation with the provider
                must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account.
@@ -759,9 +747,7 @@ class Project(pulumi.CustomResource):
     @pulumi.getter(name="autoCreateNetwork")
     def auto_create_network(self) -> pulumi.Output[Optional[_builtins.bool]]:
         """
-        Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
-        that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
-        if you set auto_create_network to false, since the network will exist momentarily.
+        Create the 'default' network automatically.  Default true. If set to false, the default network will be deleted.  Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.
         """
         return pulumi.get(self, "auto_create_network")
 

pulumi_gcp/projects/service.py

@@ -30,7 +30,6 @@ class ServiceArgs:
         :param pulumi.Input[_builtins.bool] check_if_service_has_usage_on_destroy: Beta
                If `true`, the usage of the service to be disabled will be checked and an error
                will be returned if the service to be disabled has usage in last 30 days.
-               Defaults to `false`.
         :param pulumi.Input[_builtins.bool] disable_dependent_services: If `true`, services that are enabled
                and which depend on this service should also be disabled when this service is
                destroyed. If `false` or unset, an error will be generated if any enabled
@@ -67,7 +66,6 @@ class ServiceArgs:
         Beta
         If `true`, the usage of the service to be disabled will be checked and an error
         will be returned if the service to be disabled has usage in last 30 days.
-        Defaults to `false`.
         """
         return pulumi.get(self, "check_if_service_has_usage_on_destroy")
 
@@ -126,7 +124,6 @@ class _ServiceState:
         :param pulumi.Input[_builtins.bool] check_if_service_has_usage_on_destroy: Beta
                If `true`, the usage of the service to be disabled will be checked and an error
                will be returned if the service to be disabled has usage in last 30 days.
-               Defaults to `false`.
         :param pulumi.Input[_builtins.bool] disable_dependent_services: If `true`, services that are enabled
                and which depend on this service should also be disabled when this service is
                destroyed. If `false` or unset, an error will be generated if any enabled
@@ -153,7 +150,6 @@ class _ServiceState:
         Beta
         If `true`, the usage of the service to be disabled will be checked and an error
         will be returned if the service to be disabled has usage in last 30 days.
-        Defaults to `false`.
         """
         return pulumi.get(self, "check_if_service_has_usage_on_destroy")
 
@@ -262,7 +258,6 @@ class Service(pulumi.CustomResource):
         :param pulumi.Input[_builtins.bool] check_if_service_has_usage_on_destroy: Beta
                If `true`, the usage of the service to be disabled will be checked and an error
                will be returned if the service to be disabled has usage in last 30 days.
-               Defaults to `false`.
         :param pulumi.Input[_builtins.bool] disable_dependent_services: If `true`, services that are enabled
                and which depend on this service should also be disabled when this service is
                destroyed. If `false` or unset, an error will be generated if any enabled
@@ -372,7 +367,6 @@ class Service(pulumi.CustomResource):
         :param pulumi.Input[_builtins.bool] check_if_service_has_usage_on_destroy: Beta
                If `true`, the usage of the service to be disabled will be checked and an error
                will be returned if the service to be disabled has usage in last 30 days.
-               Defaults to `false`.
         :param pulumi.Input[_builtins.bool] disable_dependent_services: If `true`, services that are enabled
                and which depend on this service should also be disabled when this service is
                destroyed. If `false` or unset, an error will be generated if any enabled
@@ -399,7 +393,6 @@ class Service(pulumi.CustomResource):
         Beta
         If `true`, the usage of the service to be disabled will be checked and an error
         will be returned if the service to be disabled has usage in last 30 days.
-        Defaults to `false`.
         """
         return pulumi.get(self, "check_if_service_has_usage_on_destroy")
 

pulumi_gcp/pulumi-plugin.json

@@ -1,5 +1,5 @@
 {
   "resource": true,
   "name": "gcp",
-  "version": "9.0.0-alpha.1"
+  "version": "9.0.0-alpha.1758219982"
 }

pulumi_gcp/resourcemanager/capability.py

@@ -136,6 +136,14 @@ class Capability(pulumi.CustomResource):
                  value: Optional[pulumi.Input[_builtins.bool]] = None,
                  __props__=None):
         """
+        An app-enabled folder is a folder within the Google Cloud resource hierarchy that has been configured for application management. This folder lets you define and manage App Hub applications. These applications are functional groupings of services and workloads that span multiple projects within that folder and its descendant projects.
+
+        To get more information about Capability, see:
+
+        * [API documentation](https://cloud.google.com/resource-manager/reference/rest)
+        * How-to Guides
+            * [Official Documentation](https://cloud.google.com/resource-manager/docs/manage-applications)
+
         ## Example Usage
 
         ### Resource Manager Capability
@@ -189,6 +197,14 @@ class Capability(pulumi.CustomResource):
                  args: CapabilityArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        An app-enabled folder is a folder within the Google Cloud resource hierarchy that has been configured for application management. This folder lets you define and manage App Hub applications. These applications are functional groupings of services and workloads that span multiple projects within that folder and its descendant projects.
+
+        To get more information about Capability, see:
+
+        * [API documentation](https://cloud.google.com/resource-manager/reference/rest)
+        * How-to Guides
+            * [Official Documentation](https://cloud.google.com/resource-manager/docs/manage-applications)
+
         ## Example Usage
 
         ### Resource Manager Capability

pulumi_gcp/runtimeconfig/config.py

@@ -155,6 +155,14 @@ class Config(pulumi.CustomResource):
                  project: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         """
+        Manages a RuntimeConfig resource in Google Cloud.
+
+        To get more information about RuntimeConfigs, see:
+
+        * [API documentation](https://cloud.google.com/deployment-manager/runtime-configurator/reference/rest/v1beta1/projects.configs)
+        * How-to Guides
+            * [Runtime Configurator Fundamentals](https://cloud.google.com/deployment-manager/runtime-configurator/)
+
         ## Example Usage
 
         Example creating a RuntimeConfig resource.
@@ -205,6 +213,14 @@ class Config(pulumi.CustomResource):
                  args: Optional[ConfigArgs] = None,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        Manages a RuntimeConfig resource in Google Cloud.
+
+        To get more information about RuntimeConfigs, see:
+
+        * [API documentation](https://cloud.google.com/deployment-manager/runtime-configurator/reference/rest/v1beta1/projects.configs)
+        * How-to Guides
+            * [Runtime Configurator Fundamentals](https://cloud.google.com/deployment-manager/runtime-configurator/)
+
         ## Example Usage
 
         Example creating a RuntimeConfig resource.

pulumi_gcp/runtimeconfig/config_iam_binding.py

@@ -264,6 +264,124 @@ class ConfigIamBinding(pulumi.CustomResource):
                  role: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         """
+        Three different resources help you manage your IAM policy for Runtime Configurator Config. Each of these resources serves a different use case:
+
+        * `runtimeconfig.ConfigIamPolicy`: Authoritative. Sets the IAM policy for the config and replaces any existing policy already attached.
+        * `runtimeconfig.ConfigIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the config are preserved.
+        * `runtimeconfig.ConfigIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the config are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `runtimeconfig.ConfigIamPolicy`: Retrieves the IAM policy for the config
+
+        > **Note:** `runtimeconfig.ConfigIamPolicy` **cannot** be used in conjunction with `runtimeconfig.ConfigIamBinding` and `runtimeconfig.ConfigIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `runtimeconfig.ConfigIamBinding` resources **can be** used in conjunction with `runtimeconfig.ConfigIamMember` resources **only if** they do not grant privilege to the same role.
+
+        ## runtimeconfig.ConfigIamPolicy
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        admin = gcp.organizations.get_iam_policy(bindings=[{
+            "role": "roles/viewer",
+            "members": ["user:jane@example.com"],
+        }])
+        policy = gcp.runtimeconfig.ConfigIamPolicy("policy",
+            project=config["project"],
+            config=config["name"],
+            policy_data=admin.policy_data)
+        ```
+
+        ## runtimeconfig.ConfigIamBinding
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        binding = gcp.runtimeconfig.ConfigIamBinding("binding",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            members=["user:jane@example.com"])
+        ```
+
+        ## runtimeconfig.ConfigIamMember
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        member = gcp.runtimeconfig.ConfigIamMember("member",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            member="user:jane@example.com")
+        ```
+
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Runtime Configurator Config
+
+        Three different resources help you manage your IAM policy for Runtime Configurator Config. Each of these resources serves a different use case:
+
+        * `runtimeconfig.ConfigIamPolicy`: Authoritative. Sets the IAM policy for the config and replaces any existing policy already attached.
+        * `runtimeconfig.ConfigIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the config are preserved.
+        * `runtimeconfig.ConfigIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the config are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `runtimeconfig.ConfigIamPolicy`: Retrieves the IAM policy for the config
+
+        > **Note:** `runtimeconfig.ConfigIamPolicy` **cannot** be used in conjunction with `runtimeconfig.ConfigIamBinding` and `runtimeconfig.ConfigIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `runtimeconfig.ConfigIamBinding` resources **can be** used in conjunction with `runtimeconfig.ConfigIamMember` resources **only if** they do not grant privilege to the same role.
+
+        ## runtimeconfig.ConfigIamPolicy
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        admin = gcp.organizations.get_iam_policy(bindings=[{
+            "role": "roles/viewer",
+            "members": ["user:jane@example.com"],
+        }])
+        policy = gcp.runtimeconfig.ConfigIamPolicy("policy",
+            project=config["project"],
+            config=config["name"],
+            policy_data=admin.policy_data)
+        ```
+
+        ## runtimeconfig.ConfigIamBinding
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        binding = gcp.runtimeconfig.ConfigIamBinding("binding",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            members=["user:jane@example.com"])
+        ```
+
+        ## runtimeconfig.ConfigIamMember
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        member = gcp.runtimeconfig.ConfigIamMember("member",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            member="user:jane@example.com")
+        ```
+
         ## Import
 
         For all import syntaxes, the "resource in question" can take any of the following forms:
@@ -327,6 +445,124 @@ class ConfigIamBinding(pulumi.CustomResource):
                  args: ConfigIamBindingArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
+        Three different resources help you manage your IAM policy for Runtime Configurator Config. Each of these resources serves a different use case:
+
+        * `runtimeconfig.ConfigIamPolicy`: Authoritative. Sets the IAM policy for the config and replaces any existing policy already attached.
+        * `runtimeconfig.ConfigIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the config are preserved.
+        * `runtimeconfig.ConfigIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the config are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `runtimeconfig.ConfigIamPolicy`: Retrieves the IAM policy for the config
+
+        > **Note:** `runtimeconfig.ConfigIamPolicy` **cannot** be used in conjunction with `runtimeconfig.ConfigIamBinding` and `runtimeconfig.ConfigIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `runtimeconfig.ConfigIamBinding` resources **can be** used in conjunction with `runtimeconfig.ConfigIamMember` resources **only if** they do not grant privilege to the same role.
+
+        ## runtimeconfig.ConfigIamPolicy
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        admin = gcp.organizations.get_iam_policy(bindings=[{
+            "role": "roles/viewer",
+            "members": ["user:jane@example.com"],
+        }])
+        policy = gcp.runtimeconfig.ConfigIamPolicy("policy",
+            project=config["project"],
+            config=config["name"],
+            policy_data=admin.policy_data)
+        ```
+
+        ## runtimeconfig.ConfigIamBinding
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        binding = gcp.runtimeconfig.ConfigIamBinding("binding",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            members=["user:jane@example.com"])
+        ```
+
+        ## runtimeconfig.ConfigIamMember
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        member = gcp.runtimeconfig.ConfigIamMember("member",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            member="user:jane@example.com")
+        ```
+
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Runtime Configurator Config
+
+        Three different resources help you manage your IAM policy for Runtime Configurator Config. Each of these resources serves a different use case:
+
+        * `runtimeconfig.ConfigIamPolicy`: Authoritative. Sets the IAM policy for the config and replaces any existing policy already attached.
+        * `runtimeconfig.ConfigIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the config are preserved.
+        * `runtimeconfig.ConfigIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the config are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `runtimeconfig.ConfigIamPolicy`: Retrieves the IAM policy for the config
+
+        > **Note:** `runtimeconfig.ConfigIamPolicy` **cannot** be used in conjunction with `runtimeconfig.ConfigIamBinding` and `runtimeconfig.ConfigIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `runtimeconfig.ConfigIamBinding` resources **can be** used in conjunction with `runtimeconfig.ConfigIamMember` resources **only if** they do not grant privilege to the same role.
+
+        ## runtimeconfig.ConfigIamPolicy
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        admin = gcp.organizations.get_iam_policy(bindings=[{
+            "role": "roles/viewer",
+            "members": ["user:jane@example.com"],
+        }])
+        policy = gcp.runtimeconfig.ConfigIamPolicy("policy",
+            project=config["project"],
+            config=config["name"],
+            policy_data=admin.policy_data)
+        ```
+
+        ## runtimeconfig.ConfigIamBinding
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        binding = gcp.runtimeconfig.ConfigIamBinding("binding",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            members=["user:jane@example.com"])
+        ```
+
+        ## runtimeconfig.ConfigIamMember
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        member = gcp.runtimeconfig.ConfigIamMember("member",
+            project=config["project"],
+            config=config["name"],
+            role="roles/viewer",
+            member="user:jane@example.com")
+        ```
+
         ## Import
 
         For all import syntaxes, the "resource in question" can take any of the following forms: