pulumi-gcp 9.2.0a1759043191__py3-none-any.whl → 9.3.0__py3-none-any.whl

pulumi_gcp/kms/__init__.py

@@ -38,6 +38,7 @@ from .key_ring_iam_binding import *
 from .key_ring_iam_member import *
 from .key_ring_iam_policy import *
 from .key_ring_import_job import *
+from .organization_kaj_policy_config import *
 from .secret_ciphertext import *
 from ._inputs import *
 from . import outputs

pulumi_gcp/kms/_inputs.py

@@ -49,6 +49,8 @@ __all__ = [
     'KeyRingImportJobAttestationArgsDict',
     'KeyRingImportJobPublicKeyArgs',
     'KeyRingImportJobPublicKeyArgsDict',
+    'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs',
+    'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict',
 ]
 
 MYPY = False
@@ -1350,3 +1352,44 @@ class KeyRingImportJobPublicKeyArgs:
         pulumi.set(self, "pem", value)
 
 
+if not MYPY:
+    class OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict(TypedDict):
+        allowed_access_reasons: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        A KeyAccessJustificationsPolicy specifies zero or more allowed
+        AccessReason values for encrypt, decrypt, and sign operations on a
+        CryptoKey.
+        Each value may be one of: `CUSTOMER_INITIATED_SUPPORT`, `GOOGLE_INITIATED_SERVICE`, `THIRD_PARTY_DATA_REQUEST`, `GOOGLE_INITIATED_REVIEW`, `CUSTOMER_INITIATED_ACCESS`, `GOOGLE_INITIATED_SYSTEM_OPERATION`, `REASON_NOT_EXPECTED`, `MODIFIED_CUSTOMER_INITIATED_ACCESS`, `MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION`, `GOOGLE_RESPONSE_TO_PRODUCTION_ALERT`, `CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING`.
+        """
+elif False:
+    OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs:
+    def __init__(__self__, *,
+                 allowed_access_reasons: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None):
+        """
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_access_reasons: A KeyAccessJustificationsPolicy specifies zero or more allowed
+               AccessReason values for encrypt, decrypt, and sign operations on a
+               CryptoKey.
+               Each value may be one of: `CUSTOMER_INITIATED_SUPPORT`, `GOOGLE_INITIATED_SERVICE`, `THIRD_PARTY_DATA_REQUEST`, `GOOGLE_INITIATED_REVIEW`, `CUSTOMER_INITIATED_ACCESS`, `GOOGLE_INITIATED_SYSTEM_OPERATION`, `REASON_NOT_EXPECTED`, `MODIFIED_CUSTOMER_INITIATED_ACCESS`, `MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION`, `GOOGLE_RESPONSE_TO_PRODUCTION_ALERT`, `CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING`.
+        """
+        if allowed_access_reasons is not None:
+            pulumi.set(__self__, "allowed_access_reasons", allowed_access_reasons)
+
+    @_builtins.property
+    @pulumi.getter(name="allowedAccessReasons")
+    def allowed_access_reasons(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        A KeyAccessJustificationsPolicy specifies zero or more allowed
+        AccessReason values for encrypt, decrypt, and sign operations on a
+        CryptoKey.
+        Each value may be one of: `CUSTOMER_INITIATED_SUPPORT`, `GOOGLE_INITIATED_SERVICE`, `THIRD_PARTY_DATA_REQUEST`, `GOOGLE_INITIATED_REVIEW`, `CUSTOMER_INITIATED_ACCESS`, `GOOGLE_INITIATED_SYSTEM_OPERATION`, `REASON_NOT_EXPECTED`, `MODIFIED_CUSTOMER_INITIATED_ACCESS`, `MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION`, `GOOGLE_RESPONSE_TO_PRODUCTION_ALERT`, `CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING`.
+        """
+        return pulumi.get(self, "allowed_access_reasons")
+
+    @allowed_access_reasons.setter
+    def allowed_access_reasons(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "allowed_access_reasons", value)
+
+

pulumi_gcp/kms/organization_kaj_policy_config.py

@@ -0,0 +1,290 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+from . import outputs
+from ._inputs import *
+
+__all__ = ['OrganizationKajPolicyConfigArgs', 'OrganizationKajPolicyConfig']
+
+@pulumi.input_type
+class OrganizationKajPolicyConfigArgs:
+    def __init__(__self__, *,
+                 organization: pulumi.Input[_builtins.str],
+                 default_key_access_justification_policy: Optional[pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs']] = None):
+        """
+        The set of arguments for constructing a OrganizationKajPolicyConfig resource.
+        :param pulumi.Input[_builtins.str] organization: The organization number for which to retrieve config.
+        :param pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs'] default_key_access_justification_policy: The default key access justification policy used when a CryptoKey is
+               created in this organization. This is only used when a Key Access Justifications
+               policy is not provided in the CreateCryptoKeyRequest.
+               Structure is documented below.
+        """
+        pulumi.set(__self__, "organization", organization)
+        if default_key_access_justification_policy is not None:
+            pulumi.set(__self__, "default_key_access_justification_policy", default_key_access_justification_policy)
+
+    @_builtins.property
+    @pulumi.getter
+    def organization(self) -> pulumi.Input[_builtins.str]:
+        """
+        The organization number for which to retrieve config.
+        """
+        return pulumi.get(self, "organization")
+
+    @organization.setter
+    def organization(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "organization", value)
+
+    @_builtins.property
+    @pulumi.getter(name="defaultKeyAccessJustificationPolicy")
+    def default_key_access_justification_policy(self) -> Optional[pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs']]:
+        """
+        The default key access justification policy used when a CryptoKey is
+        created in this organization. This is only used when a Key Access Justifications
+        policy is not provided in the CreateCryptoKeyRequest.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "default_key_access_justification_policy")
+
+    @default_key_access_justification_policy.setter
+    def default_key_access_justification_policy(self, value: Optional[pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs']]):
+        pulumi.set(self, "default_key_access_justification_policy", value)
+
+
+@pulumi.input_type
+class _OrganizationKajPolicyConfigState:
+    def __init__(__self__, *,
+                 default_key_access_justification_policy: Optional[pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs']] = None,
+                 organization: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        Input properties used for looking up and filtering OrganizationKajPolicyConfig resources.
+        :param pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs'] default_key_access_justification_policy: The default key access justification policy used when a CryptoKey is
+               created in this organization. This is only used when a Key Access Justifications
+               policy is not provided in the CreateCryptoKeyRequest.
+               Structure is documented below.
+        :param pulumi.Input[_builtins.str] organization: The organization number for which to retrieve config.
+        """
+        if default_key_access_justification_policy is not None:
+            pulumi.set(__self__, "default_key_access_justification_policy", default_key_access_justification_policy)
+        if organization is not None:
+            pulumi.set(__self__, "organization", organization)
+
+    @_builtins.property
+    @pulumi.getter(name="defaultKeyAccessJustificationPolicy")
+    def default_key_access_justification_policy(self) -> Optional[pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs']]:
+        """
+        The default key access justification policy used when a CryptoKey is
+        created in this organization. This is only used when a Key Access Justifications
+        policy is not provided in the CreateCryptoKeyRequest.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "default_key_access_justification_policy")
+
+    @default_key_access_justification_policy.setter
+    def default_key_access_justification_policy(self, value: Optional[pulumi.Input['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs']]):
+        pulumi.set(self, "default_key_access_justification_policy", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def organization(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The organization number for which to retrieve config.
+        """
+        return pulumi.get(self, "organization")
+
+    @organization.setter
+    def organization(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "organization", value)
+
+
+@pulumi.type_token("gcp:kms/organizationKajPolicyConfig:OrganizationKajPolicyConfig")
+class OrganizationKajPolicyConfig(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 default_key_access_justification_policy: Optional[pulumi.Input[Union['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs', 'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict']]] = None,
+                 organization: Optional[pulumi.Input[_builtins.str]] = None,
+                 __props__=None):
+        """
+        ## Example Usage
+
+        ### Kms Organization Kaj Policy Config Basic
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        example = gcp.kms.OrganizationKajPolicyConfig("example",
+            organization="123456789",
+            default_key_access_justification_policy={
+                "allowed_access_reasons": [
+                    "CUSTOMER_INITIATED_ACCESS",
+                    "GOOGLE_INITIATED_SYSTEM_OPERATION",
+                ],
+            })
+        ```
+
+        ## Import
+
+        OrganizationKajPolicyConfig can be imported using any of these accepted formats:
+
+        * `organizations/{{organization}}/kajPolicyConfig`
+
+        * `{{organization}}`
+
+        When using the `pulumi import` command, OrganizationKajPolicyConfig can be imported using one of the formats above. For example:
+
+        ```sh
+        $ pulumi import gcp:kms/organizationKajPolicyConfig:OrganizationKajPolicyConfig default organizations/{{organization}}/kajPolicyConfig
+        ```
+
+        ```sh
+        $ pulumi import gcp:kms/organizationKajPolicyConfig:OrganizationKajPolicyConfig default {{organization}}
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[Union['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs', 'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict']] default_key_access_justification_policy: The default key access justification policy used when a CryptoKey is
+               created in this organization. This is only used when a Key Access Justifications
+               policy is not provided in the CreateCryptoKeyRequest.
+               Structure is documented below.
+        :param pulumi.Input[_builtins.str] organization: The organization number for which to retrieve config.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: OrganizationKajPolicyConfigArgs,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        ## Example Usage
+
+        ### Kms Organization Kaj Policy Config Basic
+
+        ```python
+        import pulumi
+        import pulumi_gcp as gcp
+
+        example = gcp.kms.OrganizationKajPolicyConfig("example",
+            organization="123456789",
+            default_key_access_justification_policy={
+                "allowed_access_reasons": [
+                    "CUSTOMER_INITIATED_ACCESS",
+                    "GOOGLE_INITIATED_SYSTEM_OPERATION",
+                ],
+            })
+        ```
+
+        ## Import
+
+        OrganizationKajPolicyConfig can be imported using any of these accepted formats:
+
+        * `organizations/{{organization}}/kajPolicyConfig`
+
+        * `{{organization}}`
+
+        When using the `pulumi import` command, OrganizationKajPolicyConfig can be imported using one of the formats above. For example:
+
+        ```sh
+        $ pulumi import gcp:kms/organizationKajPolicyConfig:OrganizationKajPolicyConfig default organizations/{{organization}}/kajPolicyConfig
+        ```
+
+        ```sh
+        $ pulumi import gcp:kms/organizationKajPolicyConfig:OrganizationKajPolicyConfig default {{organization}}
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param OrganizationKajPolicyConfigArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(OrganizationKajPolicyConfigArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 default_key_access_justification_policy: Optional[pulumi.Input[Union['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs', 'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict']]] = None,
+                 organization: Optional[pulumi.Input[_builtins.str]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = OrganizationKajPolicyConfigArgs.__new__(OrganizationKajPolicyConfigArgs)
+
+            __props__.__dict__["default_key_access_justification_policy"] = default_key_access_justification_policy
+            if organization is None and not opts.urn:
+                raise TypeError("Missing required property 'organization'")
+            __props__.__dict__["organization"] = organization
+        super(OrganizationKajPolicyConfig, __self__).__init__(
+            'gcp:kms/organizationKajPolicyConfig:OrganizationKajPolicyConfig',
+            resource_name,
+            __props__,
+            opts)
+
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            default_key_access_justification_policy: Optional[pulumi.Input[Union['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs', 'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict']]] = None,
+            organization: Optional[pulumi.Input[_builtins.str]] = None) -> 'OrganizationKajPolicyConfig':
+        """
+        Get an existing OrganizationKajPolicyConfig resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[Union['OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgs', 'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicyArgsDict']] default_key_access_justification_policy: The default key access justification policy used when a CryptoKey is
+               created in this organization. This is only used when a Key Access Justifications
+               policy is not provided in the CreateCryptoKeyRequest.
+               Structure is documented below.
+        :param pulumi.Input[_builtins.str] organization: The organization number for which to retrieve config.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+
+        __props__ = _OrganizationKajPolicyConfigState.__new__(_OrganizationKajPolicyConfigState)
+
+        __props__.__dict__["default_key_access_justification_policy"] = default_key_access_justification_policy
+        __props__.__dict__["organization"] = organization
+        return OrganizationKajPolicyConfig(resource_name, opts=opts, __props__=__props__)
+
+    @_builtins.property
+    @pulumi.getter(name="defaultKeyAccessJustificationPolicy")
+    def default_key_access_justification_policy(self) -> pulumi.Output[Optional['outputs.OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicy']]:
+        """
+        The default key access justification policy used when a CryptoKey is
+        created in this organization. This is only used when a Key Access Justifications
+        policy is not provided in the CreateCryptoKeyRequest.
+        Structure is documented below.
+        """
+        return pulumi.get(self, "default_key_access_justification_policy")
+
+    @_builtins.property
+    @pulumi.getter
+    def organization(self) -> pulumi.Output[_builtins.str]:
+        """
+        The organization number for which to retrieve config.
+        """
+        return pulumi.get(self, "organization")
+

pulumi_gcp/kms/outputs.py

@@ -33,6 +33,7 @@ __all__ = [
     'KeyRingIAMMemberCondition',
     'KeyRingImportJobAttestation',
     'KeyRingImportJobPublicKey',
+    'OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicy',
     'GetCryptoKeyLatestVersionPublicKeyResult',
     'GetCryptoKeyVersionsPublicKeyResult',
     'GetCryptoKeyVersionsVersionResult',
@@ -984,6 +985,48 @@ class KeyRingImportJobPublicKey(dict):
         return pulumi.get(self, "pem")
 
 
+@pulumi.output_type
+class OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicy(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "allowedAccessReasons":
+            suggest = "allowed_access_reasons"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicy. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicy.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        OrganizationKajPolicyConfigDefaultKeyAccessJustificationPolicy.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 allowed_access_reasons: Optional[Sequence[_builtins.str]] = None):
+        """
+        :param Sequence[_builtins.str] allowed_access_reasons: A KeyAccessJustificationsPolicy specifies zero or more allowed
+               AccessReason values for encrypt, decrypt, and sign operations on a
+               CryptoKey.
+               Each value may be one of: `CUSTOMER_INITIATED_SUPPORT`, `GOOGLE_INITIATED_SERVICE`, `THIRD_PARTY_DATA_REQUEST`, `GOOGLE_INITIATED_REVIEW`, `CUSTOMER_INITIATED_ACCESS`, `GOOGLE_INITIATED_SYSTEM_OPERATION`, `REASON_NOT_EXPECTED`, `MODIFIED_CUSTOMER_INITIATED_ACCESS`, `MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION`, `GOOGLE_RESPONSE_TO_PRODUCTION_ALERT`, `CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING`.
+        """
+        if allowed_access_reasons is not None:
+            pulumi.set(__self__, "allowed_access_reasons", allowed_access_reasons)
+
+    @_builtins.property
+    @pulumi.getter(name="allowedAccessReasons")
+    def allowed_access_reasons(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        A KeyAccessJustificationsPolicy specifies zero or more allowed
+        AccessReason values for encrypt, decrypt, and sign operations on a
+        CryptoKey.
+        Each value may be one of: `CUSTOMER_INITIATED_SUPPORT`, `GOOGLE_INITIATED_SERVICE`, `THIRD_PARTY_DATA_REQUEST`, `GOOGLE_INITIATED_REVIEW`, `CUSTOMER_INITIATED_ACCESS`, `GOOGLE_INITIATED_SYSTEM_OPERATION`, `REASON_NOT_EXPECTED`, `MODIFIED_CUSTOMER_INITIATED_ACCESS`, `MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION`, `GOOGLE_RESPONSE_TO_PRODUCTION_ALERT`, `CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING`.
+        """
+        return pulumi.get(self, "allowed_access_reasons")
+
+
 @pulumi.output_type
 class GetCryptoKeyLatestVersionPublicKeyResult(dict):
     def __init__(__self__, *,

pulumi_gcp/logging/metric.py

@@ -564,7 +564,7 @@ class Metric(pulumi.CustomResource):
         logging_metric_metric = gcp.logging.Metric("logging_metric",
             name="my-(custom)/metric",
             filter="resource.type=gae_app AND severity>=ERROR",
-            bucket_name=logging_metric.id)
+            bucket_name=logging_metric.name)
         ```
         ### Logging Metric Disabled
 
@@ -744,7 +744,7 @@ class Metric(pulumi.CustomResource):
         logging_metric_metric = gcp.logging.Metric("logging_metric",
             name="my-(custom)/metric",
             filter="resource.type=gae_app AND severity>=ERROR",
-            bucket_name=logging_metric.id)
+            bucket_name=logging_metric.name)
         ```
         ### Logging Metric Disabled
 

pulumi_gcp/looker/instance.py

@@ -29,6 +29,7 @@ class InstanceArgs:
                  deny_maintenance_period: Optional[pulumi.Input['InstanceDenyMaintenancePeriodArgs']] = None,
                  encryption_config: Optional[pulumi.Input['InstanceEncryptionConfigArgs']] = None,
                  fips_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 gemini_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  maintenance_window: Optional[pulumi.Input['InstanceMaintenanceWindowArgs']] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  platform_edition: Optional[pulumi.Input[_builtins.str]] = None,
@@ -62,6 +63,7 @@ class InstanceArgs:
         :param pulumi.Input['InstanceEncryptionConfigArgs'] encryption_config: Looker instance encryption settings.
                Structure is documented below.
         :param pulumi.Input[_builtins.bool] fips_enabled: FIPS 140-2 Encryption enablement for Looker (Google Cloud Core).
+        :param pulumi.Input[_builtins.bool] gemini_enabled: Gemini enablement for Looker (Google Cloud Core).
         :param pulumi.Input['InstanceMaintenanceWindowArgs'] maintenance_window: Maintenance window for an instance.
                Maintenance of your instance takes place once a month, and will require
                your instance to be restarted during updates, which will temporarily
@@ -116,6 +118,8 @@ class InstanceArgs:
             pulumi.set(__self__, "encryption_config", encryption_config)
         if fips_enabled is not None:
             pulumi.set(__self__, "fips_enabled", fips_enabled)
+        if gemini_enabled is not None:
+            pulumi.set(__self__, "gemini_enabled", gemini_enabled)
         if maintenance_window is not None:
             pulumi.set(__self__, "maintenance_window", maintenance_window)
         if name is not None:
@@ -247,6 +251,18 @@ class InstanceArgs:
     def fips_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "fips_enabled", value)
 
+    @_builtins.property
+    @pulumi.getter(name="geminiEnabled")
+    def gemini_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Gemini enablement for Looker (Google Cloud Core).
+        """
+        return pulumi.get(self, "gemini_enabled")
+
+    @gemini_enabled.setter
+    def gemini_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "gemini_enabled", value)
+
     @_builtins.property
     @pulumi.getter(name="maintenanceWindow")
     def maintenance_window(self) -> Optional[pulumi.Input['InstanceMaintenanceWindowArgs']]:
@@ -419,6 +435,7 @@ class _InstanceState:
                  egress_public_ip: Optional[pulumi.Input[_builtins.str]] = None,
                  encryption_config: Optional[pulumi.Input['InstanceEncryptionConfigArgs']] = None,
                  fips_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 gemini_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  ingress_private_ip: Optional[pulumi.Input[_builtins.str]] = None,
                  ingress_public_ip: Optional[pulumi.Input[_builtins.str]] = None,
                  looker_uri: Optional[pulumi.Input[_builtins.str]] = None,
@@ -459,6 +476,7 @@ class _InstanceState:
         :param pulumi.Input['InstanceEncryptionConfigArgs'] encryption_config: Looker instance encryption settings.
                Structure is documented below.
         :param pulumi.Input[_builtins.bool] fips_enabled: FIPS 140-2 Encryption enablement for Looker (Google Cloud Core).
+        :param pulumi.Input[_builtins.bool] gemini_enabled: Gemini enablement for Looker (Google Cloud Core).
         :param pulumi.Input[_builtins.str] ingress_private_ip: Private Ingress IP (IPv4).
         :param pulumi.Input[_builtins.str] ingress_public_ip: Public Ingress IP (IPv4).
         :param pulumi.Input[_builtins.str] looker_uri: Looker instance URI which can be used to access the Looker Instance UI.
@@ -524,6 +542,8 @@ class _InstanceState:
             pulumi.set(__self__, "encryption_config", encryption_config)
         if fips_enabled is not None:
             pulumi.set(__self__, "fips_enabled", fips_enabled)
+        if gemini_enabled is not None:
+            pulumi.set(__self__, "gemini_enabled", gemini_enabled)
         if ingress_private_ip is not None:
             pulumi.set(__self__, "ingress_private_ip", ingress_private_ip)
         if ingress_public_ip is not None:
@@ -679,6 +699,18 @@ class _InstanceState:
     def fips_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "fips_enabled", value)
 
+    @_builtins.property
+    @pulumi.getter(name="geminiEnabled")
+    def gemini_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Gemini enablement for Looker (Google Cloud Core).
+        """
+        return pulumi.get(self, "gemini_enabled")
+
+    @gemini_enabled.setter
+    def gemini_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "gemini_enabled", value)
+
     @_builtins.property
     @pulumi.getter(name="ingressPrivateIp")
     def ingress_private_ip(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -926,6 +958,7 @@ class Instance(pulumi.CustomResource):
                  deny_maintenance_period: Optional[pulumi.Input[Union['InstanceDenyMaintenancePeriodArgs', 'InstanceDenyMaintenancePeriodArgsDict']]] = None,
                  encryption_config: Optional[pulumi.Input[Union['InstanceEncryptionConfigArgs', 'InstanceEncryptionConfigArgsDict']]] = None,
                  fips_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 gemini_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  maintenance_window: Optional[pulumi.Input[Union['InstanceMaintenanceWindowArgs', 'InstanceMaintenanceWindowArgsDict']]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_config: Optional[pulumi.Input[Union['InstanceOauthConfigArgs', 'InstanceOauthConfigArgsDict']]] = None,
@@ -978,6 +1011,7 @@ class Instance(pulumi.CustomResource):
             platform_edition="LOOKER_CORE_STANDARD_ANNUAL",
             region="us-central1",
             public_ip_enabled=True,
+            gemini_enabled=True,
             admin_settings={
                 "allowed_email_domains": ["google.com"],
             },
@@ -1053,6 +1087,7 @@ class Instance(pulumi.CustomResource):
             region="us-central1",
             private_ip_enabled=True,
             public_ip_enabled=False,
+            gemini_enabled=True,
             reserved_range=looker_range.name,
             consumer_network=looker_network.id,
             admin_settings={
@@ -1205,6 +1240,7 @@ class Instance(pulumi.CustomResource):
         :param pulumi.Input[Union['InstanceEncryptionConfigArgs', 'InstanceEncryptionConfigArgsDict']] encryption_config: Looker instance encryption settings.
                Structure is documented below.
         :param pulumi.Input[_builtins.bool] fips_enabled: FIPS 140-2 Encryption enablement for Looker (Google Cloud Core).
+        :param pulumi.Input[_builtins.bool] gemini_enabled: Gemini enablement for Looker (Google Cloud Core).
         :param pulumi.Input[Union['InstanceMaintenanceWindowArgs', 'InstanceMaintenanceWindowArgsDict']] maintenance_window: Maintenance window for an instance.
                Maintenance of your instance takes place once a month, and will require
                your instance to be restarted during updates, which will temporarily
@@ -1291,6 +1327,7 @@ class Instance(pulumi.CustomResource):
             platform_edition="LOOKER_CORE_STANDARD_ANNUAL",
             region="us-central1",
             public_ip_enabled=True,
+            gemini_enabled=True,
             admin_settings={
                 "allowed_email_domains": ["google.com"],
             },
@@ -1366,6 +1403,7 @@ class Instance(pulumi.CustomResource):
             region="us-central1",
             private_ip_enabled=True,
             public_ip_enabled=False,
+            gemini_enabled=True,
             reserved_range=looker_range.name,
             consumer_network=looker_network.id,
             admin_settings={
@@ -1520,6 +1558,7 @@ class Instance(pulumi.CustomResource):
                  deny_maintenance_period: Optional[pulumi.Input[Union['InstanceDenyMaintenancePeriodArgs', 'InstanceDenyMaintenancePeriodArgsDict']]] = None,
                  encryption_config: Optional[pulumi.Input[Union['InstanceEncryptionConfigArgs', 'InstanceEncryptionConfigArgsDict']]] = None,
                  fips_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 gemini_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  maintenance_window: Optional[pulumi.Input[Union['InstanceMaintenanceWindowArgs', 'InstanceMaintenanceWindowArgsDict']]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_config: Optional[pulumi.Input[Union['InstanceOauthConfigArgs', 'InstanceOauthConfigArgsDict']]] = None,
@@ -1548,6 +1587,7 @@ class Instance(pulumi.CustomResource):
             __props__.__dict__["deny_maintenance_period"] = deny_maintenance_period
             __props__.__dict__["encryption_config"] = encryption_config
             __props__.__dict__["fips_enabled"] = fips_enabled
+            __props__.__dict__["gemini_enabled"] = gemini_enabled
             __props__.__dict__["maintenance_window"] = maintenance_window
             __props__.__dict__["name"] = name
             if oauth_config is None and not opts.urn:
@@ -1588,6 +1628,7 @@ class Instance(pulumi.CustomResource):
             egress_public_ip: Optional[pulumi.Input[_builtins.str]] = None,
             encryption_config: Optional[pulumi.Input[Union['InstanceEncryptionConfigArgs', 'InstanceEncryptionConfigArgsDict']]] = None,
             fips_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+            gemini_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
             ingress_private_ip: Optional[pulumi.Input[_builtins.str]] = None,
             ingress_public_ip: Optional[pulumi.Input[_builtins.str]] = None,
             looker_uri: Optional[pulumi.Input[_builtins.str]] = None,
@@ -1633,6 +1674,7 @@ class Instance(pulumi.CustomResource):
         :param pulumi.Input[Union['InstanceEncryptionConfigArgs', 'InstanceEncryptionConfigArgsDict']] encryption_config: Looker instance encryption settings.
                Structure is documented below.
         :param pulumi.Input[_builtins.bool] fips_enabled: FIPS 140-2 Encryption enablement for Looker (Google Cloud Core).
+        :param pulumi.Input[_builtins.bool] gemini_enabled: Gemini enablement for Looker (Google Cloud Core).
         :param pulumi.Input[_builtins.str] ingress_private_ip: Private Ingress IP (IPv4).
         :param pulumi.Input[_builtins.str] ingress_public_ip: Public Ingress IP (IPv4).
         :param pulumi.Input[_builtins.str] looker_uri: Looker instance URI which can be used to access the Looker Instance UI.
@@ -1693,6 +1735,7 @@ class Instance(pulumi.CustomResource):
         __props__.__dict__["egress_public_ip"] = egress_public_ip
         __props__.__dict__["encryption_config"] = encryption_config
         __props__.__dict__["fips_enabled"] = fips_enabled
+        __props__.__dict__["gemini_enabled"] = gemini_enabled
         __props__.__dict__["ingress_private_ip"] = ingress_private_ip
         __props__.__dict__["ingress_public_ip"] = ingress_public_ip
         __props__.__dict__["looker_uri"] = looker_uri
@@ -1796,6 +1839,14 @@ class Instance(pulumi.CustomResource):
         """
         return pulumi.get(self, "fips_enabled")
 
+    @_builtins.property
+    @pulumi.getter(name="geminiEnabled")
+    def gemini_enabled(self) -> pulumi.Output[Optional[_builtins.bool]]:
+        """
+        Gemini enablement for Looker (Google Cloud Core).
+        """
+        return pulumi.get(self, "gemini_enabled")
+
     @_builtins.property
     @pulumi.getter(name="ingressPrivateIp")
     def ingress_private_ip(self) -> pulumi.Output[_builtins.str]: