pulumi-gitlab 9.3.0a1759182301__py3-none-any.whl → 9.8.1__py3-none-any.whl

pulumi_gitlab/outputs.py

@@ -30,6 +30,7 @@ __all__ = [
     'GroupProtectedEnvironmentDeployAccessLevel',
     'GroupPushRules',
     'GroupServiceAccountAccessTokenRotationConfiguration',
+    'GroupServiceAccountTimeouts',
     'InstanceServiceAccountTimeouts',
     'PersonalAccessTokenRotationConfiguration',
     'ProjectAccessTokenRotationConfiguration',
@@ -56,7 +57,10 @@ __all__ = [
     'GetGroupBillableMemberMembershipsMembershipResult',
     'GetGroupHooksHookResult',
     'GetGroupMembershipMemberResult',
+    'GetGroupMembershipMemberGroupSamlIdentityResult',
     'GetGroupProvisionedUsersProvisionedUserResult',
+    'GetGroupSamlLinksSamlLinkResult',
+    'GetGroupServiceAccountAccessTokensAccessTokenResult',
     'GetGroupSharedWithGroupResult',
     'GetGroupSubgroupsSubgroupResult',
     'GetGroupVariablesVariableResult',
@@ -71,11 +75,15 @@ __all__ = [
     'GetPipelineSchedulesPipelineScheduleResult',
     'GetPipelineSchedulesPipelineScheduleOwnerResult',
     'GetProjectAccessTokensAccessTokenResult',
+    'GetProjectApprovalRulesApprovalRuleResult',
     'GetProjectBranchesBranchResult',
     'GetProjectBranchesBranchCommitResult',
     'GetProjectContainerExpirationPolicyResult',
     'GetProjectEnvironmentsEnvironmentResult',
     'GetProjectHooksHookResult',
+    'GetProjectIssueLabelEventsEventResult',
+    'GetProjectIssueLabelEventsEventLabelResult',
+    'GetProjectIssueLabelEventsEventUserResult',
     'GetProjectIssueTaskCompletionStatusResult',
     'GetProjectIssuesIssueResult',
     'GetProjectIssuesIssueTaskCompletionStatusResult',
@@ -97,6 +105,9 @@ __all__ = [
     'GetProjectProtectedTagsProtectedTagResult',
     'GetProjectProtectedTagsProtectedTagCreateAccessLevelResult',
     'GetProjectPushRuleResult',
+    'GetProjectSecureFileMetadataResult',
+    'GetProjectSecureFileMetadataIssuerResult',
+    'GetProjectSecureFileMetadataSubjectResult',
     'GetProjectSharedWithGroupResult',
     'GetProjectTagCommitResult',
     'GetProjectTagReleaseResult',
@@ -117,6 +128,12 @@ __all__ = [
     'GetReleaseLinksReleaseLinkResult',
     'GetRepositoryTreeTreeResult',
     'GetRunnersRunnerResult',
+    'GetSecurityPolicyDocumentScanExecutionPolicyResult',
+    'GetSecurityPolicyDocumentScanExecutionPolicyActionResult',
+    'GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeResult',
+    'GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeProjectsResult',
+    'GetSecurityPolicyDocumentScanExecutionPolicyRuleResult',
+    'GetSecurityPolicyDocumentScanExecutionPolicySkipCiResult',
     'GetUserSshkeysKeyResult',
     'GetUsersUserResult',
 ]
@@ -1367,6 +1384,25 @@ class GroupServiceAccountAccessTokenRotationConfiguration(dict):
         return pulumi.get(self, "expiration_days")
 
 
+@pulumi.output_type
+class GroupServiceAccountTimeouts(dict):
+    def __init__(__self__, *,
+                 delete: Optional[_builtins.str] = None):
+        """
+        :param _builtins.str delete: How long to wait for the service account to be fully deleted. Defaults to 10 minutes.
+        """
+        if delete is not None:
+            pulumi.set(__self__, "delete", delete)
+
+    @_builtins.property
+    @pulumi.getter
+    def delete(self) -> Optional[_builtins.str]:
+        """
+        How long to wait for the service account to be fully deleted. Defaults to 10 minutes.
+        """
+        return pulumi.get(self, "delete")
+
+
 @pulumi.output_type
 class InstanceServiceAccountTimeouts(dict):
     def __init__(__self__, *,
@@ -3499,7 +3535,7 @@ class GetGroupBillableMemberMembershipsMembershipResult(dict):
                  source_id: _builtins.int,
                  source_members_url: _builtins.str):
         """
-        :param _builtins.str access_level: Access-level of the member. For details see: https://docs.gitlab.com/api/access_requests/#valid-access-levels
+        :param _builtins.str access_level: Access-level of the member. For details see: https://docs.gitlab.com/user/permissions/#default-roles
         :param _builtins.str created_at: Datetime when the membership was first added.
         :param _builtins.str expires_at: Date when the membership will end.
         :param _builtins.int id: The id of the membership.
@@ -3519,7 +3555,7 @@ class GetGroupBillableMemberMembershipsMembershipResult(dict):
     @pulumi.getter(name="accessLevel")
     def access_level(self) -> _builtins.str:
         """
-        Access-level of the member. For details see: https://docs.gitlab.com/api/access_requests/#valid-access-levels
+        Access-level of the member. For details see: https://docs.gitlab.com/user/permissions/#default-roles
         """
         return pulumi.get(self, "access_level")
 
@@ -3596,6 +3632,7 @@ class GetGroupHooksHookResult(dict):
                  tag_push_events: _builtins.bool,
                  token: _builtins.str,
                  url: _builtins.str,
+                 vulnerability_events: _builtins.bool,
                  wiki_page_events: _builtins.bool):
         """
         :param _builtins.bool confidential_issues_events: Invoke the hook for confidential issues events.
@@ -3617,8 +3654,9 @@ class GetGroupHooksHookResult(dict):
         :param _builtins.bool releases_events: Invoke the hook for releases events.
         :param _builtins.bool subgroup_events: Invoke the hook for subgroup events.
         :param _builtins.bool tag_push_events: Invoke the hook for tag push events.
-        :param _builtins.str token: A token to present when invoking the hook. The token is not available for imported resources.
+        :param _builtins.str token: A token to present when invoking the hook. The token is only available on resource creation, not in this datasource. It will always be blank. To be removed in 19.0.
         :param _builtins.str url: The url of the hook to invoke.
+        :param _builtins.bool vulnerability_events: Invoke the hook for vulnerability events.
         :param _builtins.bool wiki_page_events: Invoke the hook for wiki page events.
         """
         pulumi.set(__self__, "confidential_issues_events", confidential_issues_events)
@@ -3642,6 +3680,7 @@ class GetGroupHooksHookResult(dict):
         pulumi.set(__self__, "tag_push_events", tag_push_events)
         pulumi.set(__self__, "token", token)
         pulumi.set(__self__, "url", url)
+        pulumi.set(__self__, "vulnerability_events", vulnerability_events)
         pulumi.set(__self__, "wiki_page_events", wiki_page_events)
 
     @_builtins.property
@@ -3798,9 +3837,10 @@ class GetGroupHooksHookResult(dict):
 
     @_builtins.property
     @pulumi.getter
+    @_utilities.deprecated("""The token is only available on resource creation, not in this datasource. It will always be blank. To be removed in 19.0.""")
     def token(self) -> _builtins.str:
         """
-        A token to present when invoking the hook. The token is not available for imported resources.
+        A token to present when invoking the hook. The token is only available on resource creation, not in this datasource. It will always be blank. To be removed in 19.0.
         """
         return pulumi.get(self, "token")
 
@@ -3812,6 +3852,14 @@ class GetGroupHooksHookResult(dict):
         """
         return pulumi.get(self, "url")
 
+    @_builtins.property
+    @pulumi.getter(name="vulnerabilityEvents")
+    def vulnerability_events(self) -> _builtins.bool:
+        """
+        Invoke the hook for vulnerability events.
+        """
+        return pulumi.get(self, "vulnerability_events")
+
     @_builtins.property
     @pulumi.getter(name="wikiPageEvents")
     def wiki_page_events(self) -> _builtins.bool:
@@ -3827,6 +3875,7 @@ class GetGroupMembershipMemberResult(dict):
                  access_level: _builtins.str,
                  avatar_url: _builtins.str,
                  expires_at: _builtins.str,
+                 group_saml_identity: 'outputs.GetGroupMembershipMemberGroupSamlIdentityResult',
                  id: _builtins.int,
                  name: _builtins.str,
                  state: _builtins.str,
@@ -3836,6 +3885,7 @@ class GetGroupMembershipMemberResult(dict):
         :param _builtins.str access_level: The level of access to the group.
         :param _builtins.str avatar_url: The avatar URL of the user.
         :param _builtins.str expires_at: Expiration date for the group membership.
+        :param 'GetGroupMembershipMemberGroupSamlIdentityArgs' group_saml_identity: SAML identity linked to the group member.
         :param _builtins.int id: The unique id assigned to the user by the gitlab server.
         :param _builtins.str name: The name of the user.
         :param _builtins.str state: Whether the user is active or blocked.
@@ -3845,6 +3895,7 @@ class GetGroupMembershipMemberResult(dict):
         pulumi.set(__self__, "access_level", access_level)
         pulumi.set(__self__, "avatar_url", avatar_url)
         pulumi.set(__self__, "expires_at", expires_at)
+        pulumi.set(__self__, "group_saml_identity", group_saml_identity)
         pulumi.set(__self__, "id", id)
         pulumi.set(__self__, "name", name)
         pulumi.set(__self__, "state", state)
@@ -3875,6 +3926,14 @@ class GetGroupMembershipMemberResult(dict):
         """
         return pulumi.get(self, "expires_at")
 
+    @_builtins.property
+    @pulumi.getter(name="groupSamlIdentity")
+    def group_saml_identity(self) -> 'outputs.GetGroupMembershipMemberGroupSamlIdentityResult':
+        """
+        SAML identity linked to the group member.
+        """
+        return pulumi.get(self, "group_saml_identity")
+
     @_builtins.property
     @pulumi.getter
     def id(self) -> _builtins.int:
@@ -3916,6 +3975,46 @@ class GetGroupMembershipMemberResult(dict):
         return pulumi.get(self, "web_url")
 
 
+@pulumi.output_type
+class GetGroupMembershipMemberGroupSamlIdentityResult(dict):
+    def __init__(__self__, *,
+                 extern_uid: _builtins.str,
+                 provider: _builtins.str,
+                 saml_provider_id: _builtins.int):
+        """
+        :param _builtins.str extern_uid: The external UID of the group SAML identity.
+        :param _builtins.str provider: The provider of the SAML identity.
+        :param _builtins.int saml_provider_id: The ID of the SAML provider.
+        """
+        pulumi.set(__self__, "extern_uid", extern_uid)
+        pulumi.set(__self__, "provider", provider)
+        pulumi.set(__self__, "saml_provider_id", saml_provider_id)
+
+    @_builtins.property
+    @pulumi.getter(name="externUid")
+    def extern_uid(self) -> _builtins.str:
+        """
+        The external UID of the group SAML identity.
+        """
+        return pulumi.get(self, "extern_uid")
+
+    @_builtins.property
+    @pulumi.getter
+    def provider(self) -> _builtins.str:
+        """
+        The provider of the SAML identity.
+        """
+        return pulumi.get(self, "provider")
+
+    @_builtins.property
+    @pulumi.getter(name="samlProviderId")
+    def saml_provider_id(self) -> _builtins.int:
+        """
+        The ID of the SAML provider.
+        """
+        return pulumi.get(self, "saml_provider_id")
+
+
 @pulumi.output_type
 class GetGroupProvisionedUsersProvisionedUserResult(dict):
     def __init__(__self__, *,
@@ -4198,6 +4297,100 @@ class GetGroupProvisionedUsersProvisionedUserResult(dict):
         return pulumi.get(self, "website_url")
 
 
+@pulumi.output_type
+class GetGroupSamlLinksSamlLinkResult(dict):
+    def __init__(__self__, *,
+                 access_level: _builtins.str,
+                 member_role_id: _builtins.int,
+                 name: _builtins.str):
+        """
+        :param _builtins.str access_level: The base access level for members of the SAML group.
+        :param _builtins.int member_role_id: Member Role ID (custom role for members of the SAML group.
+        :param _builtins.str name: Name of the SAML group.
+        """
+        pulumi.set(__self__, "access_level", access_level)
+        pulumi.set(__self__, "member_role_id", member_role_id)
+        pulumi.set(__self__, "name", name)
+
+    @_builtins.property
+    @pulumi.getter(name="accessLevel")
+    def access_level(self) -> _builtins.str:
+        """
+        The base access level for members of the SAML group.
+        """
+        return pulumi.get(self, "access_level")
+
+    @_builtins.property
+    @pulumi.getter(name="memberRoleId")
+    def member_role_id(self) -> _builtins.int:
+        """
+        Member Role ID (custom role for members of the SAML group.
+        """
+        return pulumi.get(self, "member_role_id")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the SAML group.
+        """
+        return pulumi.get(self, "name")
+
+
+@pulumi.output_type
+class GetGroupServiceAccountAccessTokensAccessTokenResult(dict):
+    def __init__(__self__, *,
+                 active: _builtins.bool,
+                 created_at: _builtins.str,
+                 expires_at: _builtins.str,
+                 id: _builtins.str,
+                 name: _builtins.str,
+                 revoked: _builtins.bool,
+                 scopes: Sequence[_builtins.str]):
+        pulumi.set(__self__, "active", active)
+        pulumi.set(__self__, "created_at", created_at)
+        pulumi.set(__self__, "expires_at", expires_at)
+        pulumi.set(__self__, "id", id)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "revoked", revoked)
+        pulumi.set(__self__, "scopes", scopes)
+
+    @_builtins.property
+    @pulumi.getter
+    def active(self) -> _builtins.bool:
+        return pulumi.get(self, "active")
+
+    @_builtins.property
+    @pulumi.getter(name="createdAt")
+    def created_at(self) -> _builtins.str:
+        return pulumi.get(self, "created_at")
+
+    @_builtins.property
+    @pulumi.getter(name="expiresAt")
+    def expires_at(self) -> _builtins.str:
+        return pulumi.get(self, "expires_at")
+
+    @_builtins.property
+    @pulumi.getter
+    def id(self) -> _builtins.str:
+        return pulumi.get(self, "id")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def revoked(self) -> _builtins.bool:
+        return pulumi.get(self, "revoked")
+
+    @_builtins.property
+    @pulumi.getter
+    def scopes(self) -> Sequence[_builtins.str]:
+        return pulumi.get(self, "scopes")
+
+
 @pulumi.output_type
 class GetGroupSharedWithGroupResult(dict):
     def __init__(__self__, *,
@@ -4291,6 +4484,36 @@ class GetGroupSubgroupsSubgroupResult(dict):
                  visibility: _builtins.str,
                  web_url: _builtins.str,
                  wiki_access_level: _builtins.str):
+        """
+        :param _builtins.str allowed_email_domains_list: A list of email address domains to allow group access.
+        :param _builtins.bool auto_devops_enabled: Default to Auto DevOps pipeline for all projects within this group.
+        :param _builtins.str avatar_url: The URL of the avatar image.
+        :param _builtins.str created_at: Group created at date.
+        :param _builtins.int default_branch_protection: Whether developers and maintainers can push to the applicable default branch.
+        :param _builtins.str description: The description of the group.
+        :param _builtins.bool emails_enabled: Enable email notifications.
+        :param _builtins.int file_template_project_id: The ID of the project that will be used for file templates.
+        :param _builtins.str full_name: The full name of the group.
+        :param _builtins.str full_path: The full path of the group.
+        :param _builtins.int group_id: The ID of the group.
+        :param _builtins.str ip_restriction_ranges: A list of IP addresses or subnet masks to restrict group access.
+        :param _builtins.bool lfs_enabled: Is LFS enabled for projects in this group.
+        :param _builtins.bool mentions_disabled: Disable the capability of a group from getting mentioned.
+        :param _builtins.str name: The name of this group.
+        :param _builtins.int parent_id: ID of the parent group.
+        :param _builtins.str path: The path of the group.
+        :param _builtins.str project_creation_level: Determine if developers can create projects in the group. Valid values are: `noone`, `owner`, `maintainer`, `developer`, `administrator`
+        :param _builtins.bool request_access_enabled: Is request for access enabled to the group.
+        :param _builtins.bool require_two_factor_authentication: Require all users in this group to setup Two-factor authentication.
+        :param _builtins.bool share_with_group_lock: Prevent sharing a project with another group within this group.
+        :param _builtins.str shared_runners_setting: Enable or disable shared runners for a group's subgroups and projects. Valid values are: `enabled`, `disabled_and_overridable`, `disabled_and_unoverridable`, `disabled_with_override`.
+        :param Mapping[str, _builtins.str] statistics: Group statistics.
+        :param _builtins.str subgroup_creation_level: Allowed to create subgroups. Valid values are: `owner`, `maintainer`.
+        :param _builtins.int two_factor_grace_period: Time before Two-factor authentication is enforced (in hours).
+        :param _builtins.str visibility: Limited by visibility `public`, `internal`, or `private`.
+        :param _builtins.str web_url: Web URL of the group.
+        :param _builtins.str wiki_access_level: The group's wiki access level. Only available on Premium and Ultimate plans. Valid values are `disabled`, `private`, `enabled`.
+        """
         pulumi.set(__self__, "allowed_email_domains_list", allowed_email_domains_list)
         pulumi.set(__self__, "auto_devops_enabled", auto_devops_enabled)
         pulumi.set(__self__, "avatar_url", avatar_url)
@@ -4323,141 +4546,225 @@ class GetGroupSubgroupsSubgroupResult(dict):
     @_builtins.property
     @pulumi.getter(name="allowedEmailDomainsList")
     def allowed_email_domains_list(self) -> _builtins.str:
+        """
+        A list of email address domains to allow group access.
+        """
         return pulumi.get(self, "allowed_email_domains_list")
 
     @_builtins.property
     @pulumi.getter(name="autoDevopsEnabled")
     def auto_devops_enabled(self) -> _builtins.bool:
+        """
+        Default to Auto DevOps pipeline for all projects within this group.
+        """
         return pulumi.get(self, "auto_devops_enabled")
 
     @_builtins.property
     @pulumi.getter(name="avatarUrl")
     def avatar_url(self) -> _builtins.str:
+        """
+        The URL of the avatar image.
+        """
         return pulumi.get(self, "avatar_url")
 
     @_builtins.property
     @pulumi.getter(name="createdAt")
     def created_at(self) -> _builtins.str:
+        """
+        Group created at date.
+        """
         return pulumi.get(self, "created_at")
 
     @_builtins.property
     @pulumi.getter(name="defaultBranchProtection")
     def default_branch_protection(self) -> _builtins.int:
+        """
+        Whether developers and maintainers can push to the applicable default branch.
+        """
         return pulumi.get(self, "default_branch_protection")
 
     @_builtins.property
     @pulumi.getter
     def description(self) -> _builtins.str:
+        """
+        The description of the group.
+        """
         return pulumi.get(self, "description")
 
     @_builtins.property
     @pulumi.getter(name="emailsEnabled")
     def emails_enabled(self) -> _builtins.bool:
+        """
+        Enable email notifications.
+        """
         return pulumi.get(self, "emails_enabled")
 
     @_builtins.property
     @pulumi.getter(name="fileTemplateProjectId")
     def file_template_project_id(self) -> _builtins.int:
+        """
+        The ID of the project that will be used for file templates.
+        """
         return pulumi.get(self, "file_template_project_id")
 
     @_builtins.property
     @pulumi.getter(name="fullName")
     def full_name(self) -> _builtins.str:
+        """
+        The full name of the group.
+        """
         return pulumi.get(self, "full_name")
 
     @_builtins.property
     @pulumi.getter(name="fullPath")
     def full_path(self) -> _builtins.str:
+        """
+        The full path of the group.
+        """
         return pulumi.get(self, "full_path")
 
     @_builtins.property
     @pulumi.getter(name="groupId")
     def group_id(self) -> _builtins.int:
+        """
+        The ID of the group.
+        """
         return pulumi.get(self, "group_id")
 
     @_builtins.property
     @pulumi.getter(name="ipRestrictionRanges")
     def ip_restriction_ranges(self) -> _builtins.str:
+        """
+        A list of IP addresses or subnet masks to restrict group access.
+        """
         return pulumi.get(self, "ip_restriction_ranges")
 
     @_builtins.property
     @pulumi.getter(name="lfsEnabled")
     def lfs_enabled(self) -> _builtins.bool:
+        """
+        Is LFS enabled for projects in this group.
+        """
         return pulumi.get(self, "lfs_enabled")
 
     @_builtins.property
     @pulumi.getter(name="mentionsDisabled")
     def mentions_disabled(self) -> _builtins.bool:
+        """
+        Disable the capability of a group from getting mentioned.
+        """
         return pulumi.get(self, "mentions_disabled")
 
     @_builtins.property
     @pulumi.getter
     def name(self) -> _builtins.str:
+        """
+        The name of this group.
+        """
         return pulumi.get(self, "name")
 
     @_builtins.property
     @pulumi.getter(name="parentId")
     def parent_id(self) -> _builtins.int:
+        """
+        ID of the parent group.
+        """
         return pulumi.get(self, "parent_id")
 
     @_builtins.property
     @pulumi.getter
     def path(self) -> _builtins.str:
+        """
+        The path of the group.
+        """
         return pulumi.get(self, "path")
 
     @_builtins.property
     @pulumi.getter(name="projectCreationLevel")
     def project_creation_level(self) -> _builtins.str:
+        """
+        Determine if developers can create projects in the group. Valid values are: `noone`, `owner`, `maintainer`, `developer`, `administrator`
+        """
         return pulumi.get(self, "project_creation_level")
 
     @_builtins.property
     @pulumi.getter(name="requestAccessEnabled")
     def request_access_enabled(self) -> _builtins.bool:
+        """
+        Is request for access enabled to the group.
+        """
         return pulumi.get(self, "request_access_enabled")
 
     @_builtins.property
     @pulumi.getter(name="requireTwoFactorAuthentication")
     def require_two_factor_authentication(self) -> _builtins.bool:
+        """
+        Require all users in this group to setup Two-factor authentication.
+        """
         return pulumi.get(self, "require_two_factor_authentication")
 
     @_builtins.property
     @pulumi.getter(name="shareWithGroupLock")
     def share_with_group_lock(self) -> _builtins.bool:
+        """
+        Prevent sharing a project with another group within this group.
+        """
         return pulumi.get(self, "share_with_group_lock")
 
     @_builtins.property
     @pulumi.getter(name="sharedRunnersSetting")
     def shared_runners_setting(self) -> _builtins.str:
+        """
+        Enable or disable shared runners for a group's subgroups and projects. Valid values are: `enabled`, `disabled_and_overridable`, `disabled_and_unoverridable`, `disabled_with_override`.
+        """
         return pulumi.get(self, "shared_runners_setting")
 
     @_builtins.property
     @pulumi.getter
     def statistics(self) -> Mapping[str, _builtins.str]:
+        """
+        Group statistics.
+        """
         return pulumi.get(self, "statistics")
 
     @_builtins.property
     @pulumi.getter(name="subgroupCreationLevel")
     def subgroup_creation_level(self) -> _builtins.str:
+        """
+        Allowed to create subgroups. Valid values are: `owner`, `maintainer`.
+        """
         return pulumi.get(self, "subgroup_creation_level")
 
     @_builtins.property
     @pulumi.getter(name="twoFactorGracePeriod")
     def two_factor_grace_period(self) -> _builtins.int:
+        """
+        Time before Two-factor authentication is enforced (in hours).
+        """
         return pulumi.get(self, "two_factor_grace_period")
 
     @_builtins.property
     @pulumi.getter
     def visibility(self) -> _builtins.str:
+        """
+        Limited by visibility `public`, `internal`, or `private`.
+        """
         return pulumi.get(self, "visibility")
 
     @_builtins.property
     @pulumi.getter(name="webUrl")
     def web_url(self) -> _builtins.str:
+        """
+        Web URL of the group.
+        """
         return pulumi.get(self, "web_url")
 
     @_builtins.property
     @pulumi.getter(name="wikiAccessLevel")
     def wiki_access_level(self) -> _builtins.str:
+        """
+        The group's wiki access level. Only available on Premium and Ultimate plans. Valid values are `disabled`, `private`, `enabled`.
+        """
         return pulumi.get(self, "wiki_access_level")
 
 
@@ -4549,19 +4856,19 @@ class GetGroupsGroupResult(dict):
                  web_url: _builtins.str,
                  wiki_access_level: _builtins.str):
         """
-        :param _builtins.int default_branch_protection: Whether developers and maintainers can push to the applicable default branch.
+        :param _builtins.int default_branch_protection: Whether developers and maintainers can push to the applicable default branch. Will be removed in 19.0.
         :param _builtins.str description: The description of the group.
         :param _builtins.str full_name: The full name of the group.
         :param _builtins.str full_path: The full path of the group.
         :param _builtins.int group_id: The ID of the group.
-        :param _builtins.bool lfs_enabled: Boolean, is LFS enabled for projects in this group.
+        :param _builtins.bool lfs_enabled: Is LFS enabled for projects in this group.
         :param _builtins.str name: The name of this group.
-        :param _builtins.int parent_id: Integer, ID of the parent group.
+        :param _builtins.int parent_id: ID of the parent group.
         :param _builtins.str path: The path of the group.
         :param _builtins.bool prevent_forking_outside_group: When enabled, users can not fork projects from this group to external namespaces.
-        :param _builtins.bool request_access_enabled: Boolean, is request for access enabled to the group.
+        :param _builtins.bool request_access_enabled: Is request for access enabled to the group.
         :param _builtins.str runners_token: The group level registration token to use during runner setup.
-        :param _builtins.str shared_runners_setting: Enable or disable shared runners for a group’s subgroups and projects. Valid values are: `enabled`, `disabled_and_overridable`, `disabled_and_unoverridable`, `disabled_with_override`.
+        :param _builtins.str shared_runners_setting: Enable or disable shared runners for a group's subgroups and projects. Valid values are: `enabled`, `disabled_and_overridable`, `disabled_and_unoverridable`, `disabled_with_override`.
         :param _builtins.str visibility_level: Visibility level of the group. Possible values are `private`, `internal`, `public`.
         :param _builtins.str web_url: Web URL of the group.
         :param _builtins.str wiki_access_level: The group's wiki access level. Only available on Premium and Ultimate plans. Valid values are `disabled`, `private`, `enabled`.
@@ -4585,9 +4892,10 @@ class GetGroupsGroupResult(dict):
 
     @_builtins.property
     @pulumi.getter(name="defaultBranchProtection")
+    @_utilities.deprecated("""Will be removed in 19.0.""")
     def default_branch_protection(self) -> _builtins.int:
         """
-        Whether developers and maintainers can push to the applicable default branch.
+        Whether developers and maintainers can push to the applicable default branch. Will be removed in 19.0.
         """
         return pulumi.get(self, "default_branch_protection")
 
@@ -4627,7 +4935,7 @@ class GetGroupsGroupResult(dict):
     @pulumi.getter(name="lfsEnabled")
     def lfs_enabled(self) -> _builtins.bool:
         """
-        Boolean, is LFS enabled for projects in this group.
+        Is LFS enabled for projects in this group.
         """
         return pulumi.get(self, "lfs_enabled")
 
@@ -4643,7 +4951,7 @@ class GetGroupsGroupResult(dict):
     @pulumi.getter(name="parentId")
     def parent_id(self) -> _builtins.int:
         """
-        Integer, ID of the parent group.
+        ID of the parent group.
         """
         return pulumi.get(self, "parent_id")
 
@@ -4667,7 +4975,7 @@ class GetGroupsGroupResult(dict):
     @pulumi.getter(name="requestAccessEnabled")
     def request_access_enabled(self) -> _builtins.bool:
         """
-        Boolean, is request for access enabled to the group.
+        Is request for access enabled to the group.
         """
         return pulumi.get(self, "request_access_enabled")
 
@@ -4683,7 +4991,7 @@ class GetGroupsGroupResult(dict):
     @pulumi.getter(name="sharedRunnersSetting")
     def shared_runners_setting(self) -> _builtins.str:
         """
-        Enable or disable shared runners for a group’s subgroups and projects. Valid values are: `enabled`, `disabled_and_overridable`, `disabled_and_unoverridable`, `disabled_with_override`.
+        Enable or disable shared runners for a group's subgroups and projects. Valid values are: `enabled`, `disabled_and_overridable`, `disabled_and_unoverridable`, `disabled_with_override`.
         """
         return pulumi.get(self, "shared_runners_setting")
 
@@ -4882,11 +5190,11 @@ class GetInstanceVariablesVariableResult(dict):
         """
         :param _builtins.str description: The description of the variable. Maximum of 255 characters.
         :param _builtins.str key: The name of the variable.
-        :param _builtins.bool masked: If set to `true`, the value of the variable will be hidden in job logs. The value must meet the [masking requirements](https://docs.gitlab.com/ci/variables/#masked-variables). Defaults to `false`.
-        :param _builtins.bool protected: If set to `true`, the variable will be passed only to pipelines running on protected branches and tags. Defaults to `false`.
-        :param _builtins.bool raw: Whether the variable is treated as a raw string. Default: false. When true, variables in the value are not expanded.
+        :param _builtins.bool masked: If set to `true`, the value of the variable will be hidden in job logs.
+        :param _builtins.bool protected: If set to `true`, the variable will be passed only to pipelines running on protected branches and tags.
+        :param _builtins.bool raw: If set to `true`, the variable will be treated as a raw string.
         :param _builtins.str value: The value of the variable.
-        :param _builtins.str variable_type: The type of a variable. Valid values are: `env_var`, `file`. Default is `env_var`.
+        :param _builtins.str variable_type: The type of the variable, either `env_var` or `file`.
         """
         pulumi.set(__self__, "description", description)
         pulumi.set(__self__, "key", key)
@@ -4916,7 +5224,7 @@ class GetInstanceVariablesVariableResult(dict):
     @pulumi.getter
     def masked(self) -> _builtins.bool:
         """
-        If set to `true`, the value of the variable will be hidden in job logs. The value must meet the [masking requirements](https://docs.gitlab.com/ci/variables/#masked-variables). Defaults to `false`.
+        If set to `true`, the value of the variable will be hidden in job logs.
         """
         return pulumi.get(self, "masked")
 
@@ -4924,7 +5232,7 @@ class GetInstanceVariablesVariableResult(dict):
     @pulumi.getter
     def protected(self) -> _builtins.bool:
         """
-        If set to `true`, the variable will be passed only to pipelines running on protected branches and tags. Defaults to `false`.
+        If set to `true`, the variable will be passed only to pipelines running on protected branches and tags.
         """
         return pulumi.get(self, "protected")
 
@@ -4932,7 +5240,7 @@ class GetInstanceVariablesVariableResult(dict):
     @pulumi.getter
     def raw(self) -> _builtins.bool:
         """
-        Whether the variable is treated as a raw string. Default: false. When true, variables in the value are not expanded.
+        If set to `true`, the variable will be treated as a raw string.
         """
         return pulumi.get(self, "raw")
 
@@ -4948,7 +5256,7 @@ class GetInstanceVariablesVariableResult(dict):
     @pulumi.getter(name="variableType")
     def variable_type(self) -> _builtins.str:
         """
-        The type of a variable. Valid values are: `env_var`, `file`. Default is `env_var`.
+        The type of the variable, either `env_var` or `file`.
         """
         return pulumi.get(self, "variable_type")
 
@@ -5448,72 +5756,189 @@ class GetProjectAccessTokensAccessTokenResult(dict):
 
 
 @pulumi.output_type
-class GetProjectBranchesBranchResult(dict):
+class GetProjectApprovalRulesApprovalRuleResult(dict):
     def __init__(__self__, *,
-                 can_push: _builtins.bool,
-                 commits: Sequence['outputs.GetProjectBranchesBranchCommitResult'],
-                 default: _builtins.bool,
-                 developers_can_merge: _builtins.bool,
-                 developers_can_push: _builtins.bool,
-                 merged: _builtins.bool,
+                 applies_to_all_protected_branches: _builtins.bool,
+                 approvals_required: _builtins.int,
+                 eligible_approver_ids: Sequence[_builtins.int],
+                 group_ids: Sequence[_builtins.int],
+                 id: _builtins.int,
                  name: _builtins.str,
-                 protected: _builtins.bool,
-                 web_url: _builtins.str):
-        """
-        :param _builtins.bool can_push: Bool, true if you can push to the branch.
-        :param Sequence['GetProjectBranchesBranchCommitArgs'] commits: The commit associated with this branch.
-        :param _builtins.bool default: Bool, true if branch is the default branch for the project.
-        :param _builtins.bool developers_can_merge: Bool, true if developer level access allows to merge branch.
-        :param _builtins.bool developers_can_push: Bool, true if developer level access allows git push.
-        :param _builtins.bool merged: Bool, true if the branch has been merged into its parent.
-        :param _builtins.str name: The name of the branch.
-        :param _builtins.bool protected: Bool, true if branch has branch protection.
-        :param _builtins.str web_url: URL that can be used to find the branch in a browser.
-        """
-        pulumi.set(__self__, "can_push", can_push)
-        pulumi.set(__self__, "commits", commits)
-        pulumi.set(__self__, "default", default)
-        pulumi.set(__self__, "developers_can_merge", developers_can_merge)
-        pulumi.set(__self__, "developers_can_push", developers_can_push)
-        pulumi.set(__self__, "merged", merged)
+                 protected_branch_ids: Sequence[_builtins.int],
+                 report_type: _builtins.str,
+                 rule_type: _builtins.str,
+                 user_ids: Sequence[_builtins.int]):
+        """
+        :param _builtins.bool applies_to_all_protected_branches: If true, applies the rule to all protected branches, ignoring the protected branches attribute.
+        :param _builtins.int approvals_required: The number of approvals required for this rule.
+        :param Sequence[_builtins.int] eligible_approver_ids: List of all approver IDs that are eligible to approve this rule.
+        :param Sequence[_builtins.int] group_ids: List of group IDs that are eligible to approve this rule.
+        :param _builtins.int id: The ID of the approval rule.
+        :param _builtins.str name: The name of the approval rule.
+        :param Sequence[_builtins.int] protected_branch_ids: List of protected branch IDs that this rule applies to.
+        :param _builtins.str report_type: The report type. Required when the rule type is `report_approver`. The supported report types are `license_scanning` and `code_coverage`.
+        :param _builtins.str rule_type: The type of the approval rule. Can be `any_approver`, `regular` or `report_approver`.
+        :param Sequence[_builtins.int] user_ids: List of user IDs that are eligible to approve this rule.
+        """
+        pulumi.set(__self__, "applies_to_all_protected_branches", applies_to_all_protected_branches)
+        pulumi.set(__self__, "approvals_required", approvals_required)
+        pulumi.set(__self__, "eligible_approver_ids", eligible_approver_ids)
+        pulumi.set(__self__, "group_ids", group_ids)
+        pulumi.set(__self__, "id", id)
         pulumi.set(__self__, "name", name)
-        pulumi.set(__self__, "protected", protected)
-        pulumi.set(__self__, "web_url", web_url)
+        pulumi.set(__self__, "protected_branch_ids", protected_branch_ids)
+        pulumi.set(__self__, "report_type", report_type)
+        pulumi.set(__self__, "rule_type", rule_type)
+        pulumi.set(__self__, "user_ids", user_ids)
 
     @_builtins.property
-    @pulumi.getter(name="canPush")
-    def can_push(self) -> _builtins.bool:
+    @pulumi.getter(name="appliesToAllProtectedBranches")
+    def applies_to_all_protected_branches(self) -> _builtins.bool:
         """
-        Bool, true if you can push to the branch.
+        If true, applies the rule to all protected branches, ignoring the protected branches attribute.
         """
-        return pulumi.get(self, "can_push")
+        return pulumi.get(self, "applies_to_all_protected_branches")
 
     @_builtins.property
-    @pulumi.getter
-    def commits(self) -> Sequence['outputs.GetProjectBranchesBranchCommitResult']:
+    @pulumi.getter(name="approvalsRequired")
+    def approvals_required(self) -> _builtins.int:
         """
-        The commit associated with this branch.
+        The number of approvals required for this rule.
         """
-        return pulumi.get(self, "commits")
+        return pulumi.get(self, "approvals_required")
 
     @_builtins.property
-    @pulumi.getter
-    def default(self) -> _builtins.bool:
+    @pulumi.getter(name="eligibleApproverIds")
+    def eligible_approver_ids(self) -> Sequence[_builtins.int]:
         """
-        Bool, true if branch is the default branch for the project.
+        List of all approver IDs that are eligible to approve this rule.
         """
-        return pulumi.get(self, "default")
+        return pulumi.get(self, "eligible_approver_ids")
 
     @_builtins.property
-    @pulumi.getter(name="developersCanMerge")
-    def developers_can_merge(self) -> _builtins.bool:
+    @pulumi.getter(name="groupIds")
+    def group_ids(self) -> Sequence[_builtins.int]:
         """
-        Bool, true if developer level access allows to merge branch.
+        List of group IDs that are eligible to approve this rule.
         """
-        return pulumi.get(self, "developers_can_merge")
+        return pulumi.get(self, "group_ids")
 
     @_builtins.property
-    @pulumi.getter(name="developersCanPush")
+    @pulumi.getter
+    def id(self) -> _builtins.int:
+        """
+        The ID of the approval rule.
+        """
+        return pulumi.get(self, "id")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        The name of the approval rule.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter(name="protectedBranchIds")
+    def protected_branch_ids(self) -> Sequence[_builtins.int]:
+        """
+        List of protected branch IDs that this rule applies to.
+        """
+        return pulumi.get(self, "protected_branch_ids")
+
+    @_builtins.property
+    @pulumi.getter(name="reportType")
+    def report_type(self) -> _builtins.str:
+        """
+        The report type. Required when the rule type is `report_approver`. The supported report types are `license_scanning` and `code_coverage`.
+        """
+        return pulumi.get(self, "report_type")
+
+    @_builtins.property
+    @pulumi.getter(name="ruleType")
+    def rule_type(self) -> _builtins.str:
+        """
+        The type of the approval rule. Can be `any_approver`, `regular` or `report_approver`.
+        """
+        return pulumi.get(self, "rule_type")
+
+    @_builtins.property
+    @pulumi.getter(name="userIds")
+    def user_ids(self) -> Sequence[_builtins.int]:
+        """
+        List of user IDs that are eligible to approve this rule.
+        """
+        return pulumi.get(self, "user_ids")
+
+
+@pulumi.output_type
+class GetProjectBranchesBranchResult(dict):
+    def __init__(__self__, *,
+                 can_push: _builtins.bool,
+                 commits: Sequence['outputs.GetProjectBranchesBranchCommitResult'],
+                 default: _builtins.bool,
+                 developers_can_merge: _builtins.bool,
+                 developers_can_push: _builtins.bool,
+                 merged: _builtins.bool,
+                 name: _builtins.str,
+                 protected: _builtins.bool,
+                 web_url: _builtins.str):
+        """
+        :param _builtins.bool can_push: Bool, true if you can push to the branch.
+        :param Sequence['GetProjectBranchesBranchCommitArgs'] commits: The commit associated with the branch ref.
+        :param _builtins.bool default: Bool, true if branch is the default branch for the project.
+        :param _builtins.bool developers_can_merge: Bool, true if developer level access allows to merge branch.
+        :param _builtins.bool developers_can_push: Bool, true if developer level access allows git push.
+        :param _builtins.bool merged: Bool, true if the branch has been merged into its parent.
+        :param _builtins.str name: The name of the branch.
+        :param _builtins.bool protected: Bool, true if branch has branch protection.
+        :param _builtins.str web_url: URL that can be used to find the branch in a browser.
+        """
+        pulumi.set(__self__, "can_push", can_push)
+        pulumi.set(__self__, "commits", commits)
+        pulumi.set(__self__, "default", default)
+        pulumi.set(__self__, "developers_can_merge", developers_can_merge)
+        pulumi.set(__self__, "developers_can_push", developers_can_push)
+        pulumi.set(__self__, "merged", merged)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "protected", protected)
+        pulumi.set(__self__, "web_url", web_url)
+
+    @_builtins.property
+    @pulumi.getter(name="canPush")
+    def can_push(self) -> _builtins.bool:
+        """
+        Bool, true if you can push to the branch.
+        """
+        return pulumi.get(self, "can_push")
+
+    @_builtins.property
+    @pulumi.getter
+    def commits(self) -> Sequence['outputs.GetProjectBranchesBranchCommitResult']:
+        """
+        The commit associated with the branch ref.
+        """
+        return pulumi.get(self, "commits")
+
+    @_builtins.property
+    @pulumi.getter
+    def default(self) -> _builtins.bool:
+        """
+        Bool, true if branch is the default branch for the project.
+        """
+        return pulumi.get(self, "default")
+
+    @_builtins.property
+    @pulumi.getter(name="developersCanMerge")
+    def developers_can_merge(self) -> _builtins.bool:
+        """
+        Bool, true if developer level access allows to merge branch.
+        """
+        return pulumi.get(self, "developers_can_merge")
+
+    @_builtins.property
+    @pulumi.getter(name="developersCanPush")
     def developers_can_push(self) -> _builtins.bool:
         """
         Bool, true if developer level access allows git push.
@@ -5948,6 +6373,7 @@ class GetProjectHooksHookResult(dict):
                  tag_push_events: _builtins.bool,
                  token: _builtins.str,
                  url: _builtins.str,
+                 vulnerability_events: _builtins.bool,
                  wiki_page_events: _builtins.bool):
         """
         :param _builtins.bool confidential_issues_events: Invoke the hook for confidential issues events.
@@ -5967,8 +6393,9 @@ class GetProjectHooksHookResult(dict):
         :param _builtins.str push_events_branch_filter: Invoke the hook for push events on matching branches only.
         :param _builtins.bool releases_events: Invoke the hook for releases events.
         :param _builtins.bool tag_push_events: Invoke the hook for tag push events.
-        :param _builtins.str token: A token to present when invoking the hook. The token is not available for imported resources.
+        :param _builtins.str token: A token to present when invoking the hook. The token is only available on resource creation, not in this datasource. It will always be blank. Will be removed in 19.0.
         :param _builtins.str url: The url of the hook to invoke.
+        :param _builtins.bool vulnerability_events: Invoke the hook for vulnerability events.
         :param _builtins.bool wiki_page_events: Invoke the hook for wiki page events.
         """
         pulumi.set(__self__, "confidential_issues_events", confidential_issues_events)
@@ -5990,6 +6417,7 @@ class GetProjectHooksHookResult(dict):
         pulumi.set(__self__, "tag_push_events", tag_push_events)
         pulumi.set(__self__, "token", token)
         pulumi.set(__self__, "url", url)
+        pulumi.set(__self__, "vulnerability_events", vulnerability_events)
         pulumi.set(__self__, "wiki_page_events", wiki_page_events)
 
     @_builtins.property
@@ -6130,9 +6558,10 @@ class GetProjectHooksHookResult(dict):
 
     @_builtins.property
     @pulumi.getter
+    @_utilities.deprecated("""The token is only available on resource creation, not in this datasource. It will always be blank. To be removed in 19.0.""")
     def token(self) -> _builtins.str:
         """
-        A token to present when invoking the hook. The token is not available for imported resources.
+        A token to present when invoking the hook. The token is only available on resource creation, not in this datasource. It will always be blank. Will be removed in 19.0.
         """
         return pulumi.get(self, "token")
 
@@ -6144,6 +6573,14 @@ class GetProjectHooksHookResult(dict):
         """
         return pulumi.get(self, "url")
 
+    @_builtins.property
+    @pulumi.getter(name="vulnerabilityEvents")
+    def vulnerability_events(self) -> _builtins.bool:
+        """
+        Invoke the hook for vulnerability events.
+        """
+        return pulumi.get(self, "vulnerability_events")
+
     @_builtins.property
     @pulumi.getter(name="wikiPageEvents")
     def wiki_page_events(self) -> _builtins.bool:
@@ -6153,6 +6590,214 @@ class GetProjectHooksHookResult(dict):
         return pulumi.get(self, "wiki_page_events")
 
 
+@pulumi.output_type
+class GetProjectIssueLabelEventsEventResult(dict):
+    def __init__(__self__, *,
+                 action: _builtins.str,
+                 created_at: _builtins.str,
+                 id: _builtins.int,
+                 label: 'outputs.GetProjectIssueLabelEventsEventLabelResult',
+                 resource_id: _builtins.int,
+                 resource_type: _builtins.str,
+                 user: 'outputs.GetProjectIssueLabelEventsEventUserResult'):
+        """
+        :param _builtins.str action: The action performed on the label (add, remove).
+        :param _builtins.str created_at: The date and time when the label event was created.
+        :param _builtins.int id: The ID of the label event.
+        :param 'GetProjectIssueLabelEventsEventLabelArgs' label: The label that was added or removed.
+        :param _builtins.int resource_id: The ID of the resource associated with the label event.
+        :param _builtins.str resource_type: The type of the resource associated with the label event.
+        :param 'GetProjectIssueLabelEventsEventUserArgs' user: The user who performed the action.
+        """
+        pulumi.set(__self__, "action", action)
+        pulumi.set(__self__, "created_at", created_at)
+        pulumi.set(__self__, "id", id)
+        pulumi.set(__self__, "label", label)
+        pulumi.set(__self__, "resource_id", resource_id)
+        pulumi.set(__self__, "resource_type", resource_type)
+        pulumi.set(__self__, "user", user)
+
+    @_builtins.property
+    @pulumi.getter
+    def action(self) -> _builtins.str:
+        """
+        The action performed on the label (add, remove).
+        """
+        return pulumi.get(self, "action")
+
+    @_builtins.property
+    @pulumi.getter(name="createdAt")
+    def created_at(self) -> _builtins.str:
+        """
+        The date and time when the label event was created.
+        """
+        return pulumi.get(self, "created_at")
+
+    @_builtins.property
+    @pulumi.getter
+    def id(self) -> _builtins.int:
+        """
+        The ID of the label event.
+        """
+        return pulumi.get(self, "id")
+
+    @_builtins.property
+    @pulumi.getter
+    def label(self) -> 'outputs.GetProjectIssueLabelEventsEventLabelResult':
+        """
+        The label that was added or removed.
+        """
+        return pulumi.get(self, "label")
+
+    @_builtins.property
+    @pulumi.getter(name="resourceId")
+    def resource_id(self) -> _builtins.int:
+        """
+        The ID of the resource associated with the label event.
+        """
+        return pulumi.get(self, "resource_id")
+
+    @_builtins.property
+    @pulumi.getter(name="resourceType")
+    def resource_type(self) -> _builtins.str:
+        """
+        The type of the resource associated with the label event.
+        """
+        return pulumi.get(self, "resource_type")
+
+    @_builtins.property
+    @pulumi.getter
+    def user(self) -> 'outputs.GetProjectIssueLabelEventsEventUserResult':
+        """
+        The user who performed the action.
+        """
+        return pulumi.get(self, "user")
+
+
+@pulumi.output_type
+class GetProjectIssueLabelEventsEventLabelResult(dict):
+    def __init__(__self__, *,
+                 color: _builtins.str,
+                 description: _builtins.str,
+                 id: _builtins.int,
+                 name: _builtins.str):
+        """
+        :param _builtins.str color: The color of the label.
+        :param _builtins.str description: The description of the label.
+        :param _builtins.int id: The ID of the label.
+        :param _builtins.str name: The name of the label.
+        """
+        pulumi.set(__self__, "color", color)
+        pulumi.set(__self__, "description", description)
+        pulumi.set(__self__, "id", id)
+        pulumi.set(__self__, "name", name)
+
+    @_builtins.property
+    @pulumi.getter
+    def color(self) -> _builtins.str:
+        """
+        The color of the label.
+        """
+        return pulumi.get(self, "color")
+
+    @_builtins.property
+    @pulumi.getter
+    def description(self) -> _builtins.str:
+        """
+        The description of the label.
+        """
+        return pulumi.get(self, "description")
+
+    @_builtins.property
+    @pulumi.getter
+    def id(self) -> _builtins.int:
+        """
+        The ID of the label.
+        """
+        return pulumi.get(self, "id")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        The name of the label.
+        """
+        return pulumi.get(self, "name")
+
+
+@pulumi.output_type
+class GetProjectIssueLabelEventsEventUserResult(dict):
+    def __init__(__self__, *,
+                 avatar_url: _builtins.str,
+                 id: _builtins.int,
+                 name: _builtins.str,
+                 state: _builtins.str,
+                 username: _builtins.str,
+                 web_url: _builtins.str):
+        """
+        :param _builtins.str avatar_url: The avatar URL of the user.
+        :param _builtins.int id: The ID of the user.
+        :param _builtins.str name: The name of the user.
+        :param _builtins.str state: The state of the user.
+        :param _builtins.str username: The username of the user.
+        :param _builtins.str web_url: The web URL of the user.
+        """
+        pulumi.set(__self__, "avatar_url", avatar_url)
+        pulumi.set(__self__, "id", id)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "state", state)
+        pulumi.set(__self__, "username", username)
+        pulumi.set(__self__, "web_url", web_url)
+
+    @_builtins.property
+    @pulumi.getter(name="avatarUrl")
+    def avatar_url(self) -> _builtins.str:
+        """
+        The avatar URL of the user.
+        """
+        return pulumi.get(self, "avatar_url")
+
+    @_builtins.property
+    @pulumi.getter
+    def id(self) -> _builtins.int:
+        """
+        The ID of the user.
+        """
+        return pulumi.get(self, "id")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        The name of the user.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def state(self) -> _builtins.str:
+        """
+        The state of the user.
+        """
+        return pulumi.get(self, "state")
+
+    @_builtins.property
+    @pulumi.getter
+    def username(self) -> _builtins.str:
+        """
+        The username of the user.
+        """
+        return pulumi.get(self, "username")
+
+    @_builtins.property
+    @pulumi.getter(name="webUrl")
+    def web_url(self) -> _builtins.str:
+        """
+        The web URL of the user.
+        """
+        return pulumi.get(self, "web_url")
+
+
 @pulumi.output_type
 class GetProjectIssueTaskCompletionStatusResult(dict):
     def __init__(__self__, *,
@@ -7310,7 +7955,7 @@ class GetProjectMilestonesMilestoneResult(dict):
         :param _builtins.str due_date: The due date of the milestone. Date time string in the format YYYY-MM-DD, for example 2016-03-11.
         :param _builtins.bool expired: Bool, true if milestone expired.
         :param _builtins.int iid: The ID of the project's milestone.
-        :param _builtins.int milestone_id: The instance-wide ID of the project’s milestone.
+        :param _builtins.int milestone_id: The instance-wide ID of the project's milestone.
         :param _builtins.str project: The ID or URL-encoded path of the project owned by the authenticated user.
         :param _builtins.int project_id: The project ID of milestone.
         :param _builtins.str start_date: The start date of the milestone. Date time string in the format YYYY-MM-DD, for example 2016-03-11.
@@ -7377,7 +8022,7 @@ class GetProjectMilestonesMilestoneResult(dict):
     @pulumi.getter(name="milestoneId")
     def milestone_id(self) -> _builtins.int:
         """
-        The instance-wide ID of the project’s milestone.
+        The instance-wide ID of the project's milestone.
         """
         return pulumi.get(self, "milestone_id")
 
@@ -7934,8 +8579,8 @@ class GetProjectPushRuleResult(dict):
         :param _builtins.int max_file_size: Maximum file size (MB).
         :param _builtins.bool member_check: Restrict commits by author (email) to existing GitLab users.
         :param _builtins.bool prevent_secrets: GitLab will reject any files that are likely to contain secrets.
-        :param _builtins.bool reject_non_dco_commits: Reject commit when it’s not DCO certified.
-        :param _builtins.bool reject_unsigned_commits: Reject commit when it’s not signed through GPG.
+        :param _builtins.bool reject_non_dco_commits: Reject commit when it's not DCO certified.
+        :param _builtins.bool reject_unsigned_commits: Reject commit when it's not signed through GPG.
         """
         pulumi.set(__self__, "author_email_regex", author_email_regex)
         pulumi.set(__self__, "branch_name_regex", branch_name_regex)
@@ -8043,7 +8688,7 @@ class GetProjectPushRuleResult(dict):
     @pulumi.getter(name="rejectNonDcoCommits")
     def reject_non_dco_commits(self) -> _builtins.bool:
         """
-        Reject commit when it’s not DCO certified.
+        Reject commit when it's not DCO certified.
         """
         return pulumi.get(self, "reject_non_dco_commits")
 
@@ -8051,18 +8696,182 @@ class GetProjectPushRuleResult(dict):
     @pulumi.getter(name="rejectUnsignedCommits")
     def reject_unsigned_commits(self) -> _builtins.bool:
         """
-        Reject commit when it’s not signed through GPG.
+        Reject commit when it's not signed through GPG.
         """
         return pulumi.get(self, "reject_unsigned_commits")
 
 
 @pulumi.output_type
-class GetProjectSharedWithGroupResult(dict):
+class GetProjectSecureFileMetadataResult(dict):
     def __init__(__self__, *,
-                 group_access_level: _builtins.int,
-                 group_full_path: _builtins.str,
-                 group_id: _builtins.int,
-                 group_name: _builtins.str):
+                 expires_at: _builtins.str,
+                 id: _builtins.str,
+                 issuer: 'outputs.GetProjectSecureFileMetadataIssuerResult',
+                 subject: 'outputs.GetProjectSecureFileMetadataSubjectResult'):
+        """
+        :param _builtins.str expires_at: Certificate expiration date
+        :param _builtins.str id: Certificate ID
+        :param 'GetProjectSecureFileMetadataIssuerArgs' issuer: Certificate issuer information
+        :param 'GetProjectSecureFileMetadataSubjectArgs' subject: Certificate subject information
+        """
+        pulumi.set(__self__, "expires_at", expires_at)
+        pulumi.set(__self__, "id", id)
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "subject", subject)
+
+    @_builtins.property
+    @pulumi.getter(name="expiresAt")
+    def expires_at(self) -> _builtins.str:
+        """
+        Certificate expiration date
+        """
+        return pulumi.get(self, "expires_at")
+
+    @_builtins.property
+    @pulumi.getter
+    def id(self) -> _builtins.str:
+        """
+        Certificate ID
+        """
+        return pulumi.get(self, "id")
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> 'outputs.GetProjectSecureFileMetadataIssuerResult':
+        """
+        Certificate issuer information
+        """
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter
+    def subject(self) -> 'outputs.GetProjectSecureFileMetadataSubjectResult':
+        """
+        Certificate subject information
+        """
+        return pulumi.get(self, "subject")
+
+
+@pulumi.output_type
+class GetProjectSecureFileMetadataIssuerResult(dict):
+    def __init__(__self__, *,
+                 c: _builtins.str,
+                 cn: _builtins.str,
+                 o: _builtins.str,
+                 ou: _builtins.str):
+        """
+        :param _builtins.str c: Country
+        :param _builtins.str cn: Common Name
+        :param _builtins.str o: Organization
+        :param _builtins.str ou: Organizational Unit
+        """
+        pulumi.set(__self__, "c", c)
+        pulumi.set(__self__, "cn", cn)
+        pulumi.set(__self__, "o", o)
+        pulumi.set(__self__, "ou", ou)
+
+    @_builtins.property
+    @pulumi.getter
+    def c(self) -> _builtins.str:
+        """
+        Country
+        """
+        return pulumi.get(self, "c")
+
+    @_builtins.property
+    @pulumi.getter
+    def cn(self) -> _builtins.str:
+        """
+        Common Name
+        """
+        return pulumi.get(self, "cn")
+
+    @_builtins.property
+    @pulumi.getter
+    def o(self) -> _builtins.str:
+        """
+        Organization
+        """
+        return pulumi.get(self, "o")
+
+    @_builtins.property
+    @pulumi.getter
+    def ou(self) -> _builtins.str:
+        """
+        Organizational Unit
+        """
+        return pulumi.get(self, "ou")
+
+
+@pulumi.output_type
+class GetProjectSecureFileMetadataSubjectResult(dict):
+    def __init__(__self__, *,
+                 c: _builtins.str,
+                 cn: _builtins.str,
+                 o: _builtins.str,
+                 ou: _builtins.str,
+                 uid: _builtins.str):
+        """
+        :param _builtins.str c: Country
+        :param _builtins.str cn: Common Name
+        :param _builtins.str o: Organization
+        :param _builtins.str ou: Organizational Unit
+        :param _builtins.str uid: User ID
+        """
+        pulumi.set(__self__, "c", c)
+        pulumi.set(__self__, "cn", cn)
+        pulumi.set(__self__, "o", o)
+        pulumi.set(__self__, "ou", ou)
+        pulumi.set(__self__, "uid", uid)
+
+    @_builtins.property
+    @pulumi.getter
+    def c(self) -> _builtins.str:
+        """
+        Country
+        """
+        return pulumi.get(self, "c")
+
+    @_builtins.property
+    @pulumi.getter
+    def cn(self) -> _builtins.str:
+        """
+        Common Name
+        """
+        return pulumi.get(self, "cn")
+
+    @_builtins.property
+    @pulumi.getter
+    def o(self) -> _builtins.str:
+        """
+        Organization
+        """
+        return pulumi.get(self, "o")
+
+    @_builtins.property
+    @pulumi.getter
+    def ou(self) -> _builtins.str:
+        """
+        Organizational Unit
+        """
+        return pulumi.get(self, "ou")
+
+    @_builtins.property
+    @pulumi.getter
+    def uid(self) -> _builtins.str:
+        """
+        User ID
+        """
+        return pulumi.get(self, "uid")
+
+
+@pulumi.output_type
+class GetProjectSharedWithGroupResult(dict):
+    def __init__(__self__, *,
+                 group_access_level: _builtins.int,
+                 group_full_path: _builtins.str,
+                 group_id: _builtins.int,
+                 group_name: _builtins.str):
         """
         :param _builtins.int group_access_level: The access_level permission level of the shared group.
         :param _builtins.str group_full_path: The full path of the group shared with.
@@ -8241,7 +9050,7 @@ class GetProjectTagReleaseResult(dict):
                  description: _builtins.str,
                  tag_name: _builtins.str):
         """
-        :param _builtins.str description: The description of release.
+        :param _builtins.str description: The description of the release.
         :param _builtins.str tag_name: The name of the tag.
         """
         pulumi.set(__self__, "description", description)
@@ -8251,7 +9060,7 @@ class GetProjectTagReleaseResult(dict):
     @pulumi.getter
     def description(self) -> _builtins.str:
         """
-        The description of release.
+        The description of the release.
         """
         return pulumi.get(self, "description")
 
@@ -8277,7 +9086,7 @@ class GetProjectTagsTagResult(dict):
         :param Sequence['GetProjectTagsTagCommitArgs'] commits: The commit associated with the tag.
         :param _builtins.str message: The message of the annotated tag.
         :param _builtins.str name: The name of a tag.
-        :param _builtins.bool protected: Bool, true if tag has tag protection.
+        :param _builtins.bool protected: True if tag has tag protection.
         :param Sequence['GetProjectTagsTagReleaseArgs'] releases: The release associated with the tag.
         :param _builtins.str target: The unique id assigned to the commit by Gitlab.
         """
@@ -8316,7 +9125,7 @@ class GetProjectTagsTagResult(dict):
     @pulumi.getter
     def protected(self) -> _builtins.bool:
         """
-        Bool, true if tag has tag protection.
+        True if tag has tag protection.
         """
         return pulumi.get(self, "protected")
 
@@ -8471,7 +9280,7 @@ class GetProjectTagsTagReleaseResult(dict):
                  description: _builtins.str,
                  tag_name: _builtins.str):
         """
-        :param _builtins.str description: The description of release.
+        :param _builtins.str description: The description of the release.
         :param _builtins.str tag_name: The name of the tag.
         """
         pulumi.set(__self__, "description", description)
@@ -8481,7 +9290,7 @@ class GetProjectTagsTagReleaseResult(dict):
     @pulumi.getter
     def description(self) -> _builtins.str:
         """
-        The description of release.
+        The description of the release.
         """
         return pulumi.get(self, "description")
 
@@ -8507,15 +9316,15 @@ class GetProjectVariablesVariableResult(dict):
                  value: _builtins.str,
                  variable_type: _builtins.str):
         """
-        :param _builtins.str description: The description of the variable.
-        :param _builtins.str environment_scope: The environment scope of the variable. Defaults to all environment (`*`). Note that in Community Editions of Gitlab, values other than `*` will cause inconsistent plans.
+        :param _builtins.str description: The description of the variable. Maximum of 255 characters.
+        :param _builtins.str environment_scope: The environment scope of the variable. Defaults to all environment (`*`).
         :param _builtins.str key: The name of the variable.
-        :param _builtins.bool masked: If set to `true`, the value of the variable will be hidden in job logs. The value must meet the [masking requirements](https://docs.gitlab.com/ci/variables/#masked-variables). Defaults to `false`.
-        :param _builtins.str project: The name or id of the project.
-        :param _builtins.bool protected: If set to `true`, the variable will be passed only to pipelines running on protected branches and tags. Defaults to `false`.
-        :param _builtins.bool raw: Whether the variable is treated as a raw string. Default: false. When true, variables in the value are not expanded.
+        :param _builtins.bool masked: If set to `true`, the value of the variable will be hidden in job logs.
+        :param _builtins.str project: The name or path of the project.
+        :param _builtins.bool protected: If set to `true`, the variable will be passed only to pipelines running on protected branches and tags.
+        :param _builtins.bool raw: If set to `true`, the variable will be treated as a raw string.
         :param _builtins.str value: The value of the variable.
-        :param _builtins.str variable_type: The type of a variable. Valid values are: `env_var`, `file`. Default is `env_var`.
+        :param _builtins.str variable_type: The type of the variable, either `env_var` or `file`.
         """
         pulumi.set(__self__, "description", description)
         pulumi.set(__self__, "environment_scope", environment_scope)
@@ -8531,7 +9340,7 @@ class GetProjectVariablesVariableResult(dict):
     @pulumi.getter
     def description(self) -> _builtins.str:
         """
-        The description of the variable.
+        The description of the variable. Maximum of 255 characters.
         """
         return pulumi.get(self, "description")
 
@@ -8539,7 +9348,7 @@ class GetProjectVariablesVariableResult(dict):
     @pulumi.getter(name="environmentScope")
     def environment_scope(self) -> _builtins.str:
         """
-        The environment scope of the variable. Defaults to all environment (`*`). Note that in Community Editions of Gitlab, values other than `*` will cause inconsistent plans.
+        The environment scope of the variable. Defaults to all environment (`*`).
         """
         return pulumi.get(self, "environment_scope")
 
@@ -8555,7 +9364,7 @@ class GetProjectVariablesVariableResult(dict):
     @pulumi.getter
     def masked(self) -> _builtins.bool:
         """
-        If set to `true`, the value of the variable will be hidden in job logs. The value must meet the [masking requirements](https://docs.gitlab.com/ci/variables/#masked-variables). Defaults to `false`.
+        If set to `true`, the value of the variable will be hidden in job logs.
         """
         return pulumi.get(self, "masked")
 
@@ -8563,7 +9372,7 @@ class GetProjectVariablesVariableResult(dict):
     @pulumi.getter
     def project(self) -> _builtins.str:
         """
-        The name or id of the project.
+        The name or path of the project.
         """
         return pulumi.get(self, "project")
 
@@ -8571,7 +9380,7 @@ class GetProjectVariablesVariableResult(dict):
     @pulumi.getter
     def protected(self) -> _builtins.bool:
         """
-        If set to `true`, the variable will be passed only to pipelines running on protected branches and tags. Defaults to `false`.
+        If set to `true`, the variable will be passed only to pipelines running on protected branches and tags.
         """
         return pulumi.get(self, "protected")
 
@@ -8579,7 +9388,7 @@ class GetProjectVariablesVariableResult(dict):
     @pulumi.getter
     def raw(self) -> _builtins.bool:
         """
-        Whether the variable is treated as a raw string. Default: false. When true, variables in the value are not expanded.
+        If set to `true`, the variable will be treated as a raw string.
         """
         return pulumi.get(self, "raw")
 
@@ -8595,7 +9404,7 @@ class GetProjectVariablesVariableResult(dict):
     @pulumi.getter(name="variableType")
     def variable_type(self) -> _builtins.str:
         """
-        The type of a variable. Valid values are: `env_var`, `file`. Default is `env_var`.
+        The type of the variable, either `env_var` or `file`.
         """
         return pulumi.get(self, "variable_type")
 
@@ -8655,6 +9464,7 @@ class GetProjectsProjectResult(dict):
                  keep_latest_artifact: _builtins.bool,
                  last_activity_at: _builtins.str,
                  lfs_enabled: _builtins.bool,
+                 links: Mapping[str, _builtins.str],
                  merge_commit_template: _builtins.str,
                  merge_method: _builtins.str,
                  merge_pipelines_enabled: _builtins.bool,
@@ -8689,6 +9499,7 @@ class GetProjectsProjectResult(dict):
                  request_access_enabled: _builtins.bool,
                  requirements_access_level: _builtins.str,
                  resolve_outdated_diff_discussions: _builtins.bool,
+                 resource_group_default_process_mode: _builtins.str,
                  restrict_user_defined_variables: _builtins.bool,
                  runners_token: _builtins.str,
                  security_and_compliance_access_level: _builtins.str,
@@ -8708,7 +9519,7 @@ class GetProjectsProjectResult(dict):
                  wiki_access_level: _builtins.str,
                  wiki_enabled: _builtins.bool):
         """
-        :param Mapping[str, _builtins.str] _links: Links for the project.
+        :param Mapping[str, _builtins.str] _links: Links for the project. Use `links` instead. To be removed in 19.0.
         :param _builtins.bool allow_merge_on_skipped_pipeline: Whether allow_merge_on_skipped_pipeline is enabled for the project.
         :param _builtins.bool allow_pipeline_trigger_approve_deployment: Set whether or not a pipeline triggerer is allowed to approve deployments. Premium and Ultimate only.
         :param _builtins.str analytics_access_level: Set the analytics access level. Valid values are `disabled`, `private`, `enabled`.
@@ -8760,6 +9571,7 @@ class GetProjectsProjectResult(dict):
         :param _builtins.bool keep_latest_artifact: Disable or enable the ability to keep the latest artifact for this project.
         :param _builtins.str last_activity_at: Last activirty time for the project.
         :param _builtins.bool lfs_enabled: Whether LFS (large file storage) is enabled for the project.
+        :param Mapping[str, _builtins.str] links: Links for the project.
         :param _builtins.str merge_commit_template: Template used to create merge commit message in merge requests.
         :param _builtins.str merge_method: Merge method for the project.
         :param _builtins.bool merge_pipelines_enabled: Enable or disable merge pipelines.
@@ -8793,6 +9605,7 @@ class GetProjectsProjectResult(dict):
         :param _builtins.bool request_access_enabled: Whether requesting access is enabled for the project.
         :param _builtins.str requirements_access_level: Set the requirements access level. Valid values are `disabled`, `private`, `enabled`.
         :param _builtins.bool resolve_outdated_diff_discussions: Whether resolve_outdated_diff_discussions is enabled for the project
+        :param _builtins.str resource_group_default_process_mode: The default resource group process mode for the project.
         :param _builtins.bool restrict_user_defined_variables: Allow only users with the Maintainer role to pass user-defined variables when triggering a pipeline.
         :param _builtins.str runners_token: The runners token for the project.
         :param _builtins.str security_and_compliance_access_level: Set the security and compliance access level. Valid values are `disabled`, `private`, `enabled`.
@@ -8864,6 +9677,7 @@ class GetProjectsProjectResult(dict):
         pulumi.set(__self__, "keep_latest_artifact", keep_latest_artifact)
         pulumi.set(__self__, "last_activity_at", last_activity_at)
         pulumi.set(__self__, "lfs_enabled", lfs_enabled)
+        pulumi.set(__self__, "links", links)
         pulumi.set(__self__, "merge_commit_template", merge_commit_template)
         pulumi.set(__self__, "merge_method", merge_method)
         pulumi.set(__self__, "merge_pipelines_enabled", merge_pipelines_enabled)
@@ -8898,6 +9712,7 @@ class GetProjectsProjectResult(dict):
         pulumi.set(__self__, "request_access_enabled", request_access_enabled)
         pulumi.set(__self__, "requirements_access_level", requirements_access_level)
         pulumi.set(__self__, "resolve_outdated_diff_discussions", resolve_outdated_diff_discussions)
+        pulumi.set(__self__, "resource_group_default_process_mode", resource_group_default_process_mode)
         pulumi.set(__self__, "restrict_user_defined_variables", restrict_user_defined_variables)
         pulumi.set(__self__, "runners_token", runners_token)
         pulumi.set(__self__, "security_and_compliance_access_level", security_and_compliance_access_level)
@@ -8919,9 +9734,10 @@ class GetProjectsProjectResult(dict):
 
     @_builtins.property
     @pulumi.getter
+    @_utilities.deprecated("""Use `links` instead. To be removed in 19.0.""")
     def _links(self) -> Mapping[str, _builtins.str]:
         """
-        Links for the project.
+        Links for the project. Use `links` instead. To be removed in 19.0.
         """
         return pulumi.get(self, "_links")
 
@@ -9333,6 +10149,14 @@ class GetProjectsProjectResult(dict):
         """
         return pulumi.get(self, "lfs_enabled")
 
+    @_builtins.property
+    @pulumi.getter
+    def links(self) -> Mapping[str, _builtins.str]:
+        """
+        Links for the project.
+        """
+        return pulumi.get(self, "links")
+
     @_builtins.property
     @pulumi.getter(name="mergeCommitTemplate")
     def merge_commit_template(self) -> _builtins.str:
@@ -9602,6 +10426,14 @@ class GetProjectsProjectResult(dict):
         """
         return pulumi.get(self, "resolve_outdated_diff_discussions")
 
+    @_builtins.property
+    @pulumi.getter(name="resourceGroupDefaultProcessMode")
+    def resource_group_default_process_mode(self) -> _builtins.str:
+        """
+        The default resource group process mode for the project.
+        """
+        return pulumi.get(self, "resource_group_default_process_mode")
+
     @_builtins.property
     @pulumi.getter(name="restrictUserDefinedVariables")
     def restrict_user_defined_variables(self) -> _builtins.bool:
@@ -10254,13 +11086,13 @@ class GetReleaseLinksReleaseLinkResult(dict):
                  tag_name: _builtins.str,
                  url: _builtins.str):
         """
-        :param _builtins.str direct_asset_url: Full path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/index/#permanent-links-to-release-assets).
+        :param _builtins.str direct_asset_url: Full path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/release_fields/#permanent-links-to-latest-release-assets).
         :param _builtins.bool external: External or internal link.
-        :param _builtins.str filepath: Relative path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/index/#permanent-links-to-release-assets).
+        :param _builtins.str filepath: Relative path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/release_fields/#permanent-links-to-latest-release-assets).
         :param _builtins.int link_id: The ID of the link.
-        :param _builtins.str link_type: The type of the link. Valid values are `other`, `runbook`, `image`, `package`. Defaults to other.
+        :param _builtins.str link_type: The type of the link. Valid values are `other`, `runbook`, `image`, `package`.
         :param _builtins.str name: The name of the link. Link names must be unique within the release.
-        :param _builtins.str project: The ID or [URL-encoded path of the project](https://docs.gitlab.com/api/index/#namespaced-path-encoding).
+        :param _builtins.str project: The ID or Namespace path of the project.
         :param _builtins.str tag_name: The tag associated with the Release.
         :param _builtins.str url: The URL of the link. Link URLs must be unique within the release.
         """
@@ -10278,7 +11110,7 @@ class GetReleaseLinksReleaseLinkResult(dict):
     @pulumi.getter(name="directAssetUrl")
     def direct_asset_url(self) -> _builtins.str:
         """
-        Full path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/index/#permanent-links-to-release-assets).
+        Full path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/release_fields/#permanent-links-to-latest-release-assets).
         """
         return pulumi.get(self, "direct_asset_url")
 
@@ -10294,7 +11126,7 @@ class GetReleaseLinksReleaseLinkResult(dict):
     @pulumi.getter
     def filepath(self) -> _builtins.str:
         """
-        Relative path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/index/#permanent-links-to-release-assets).
+        Relative path for a [Direct Asset link](https://docs.gitlab.com/user/project/releases/release_fields/#permanent-links-to-latest-release-assets).
         """
         return pulumi.get(self, "filepath")
 
@@ -10310,7 +11142,7 @@ class GetReleaseLinksReleaseLinkResult(dict):
     @pulumi.getter(name="linkType")
     def link_type(self) -> _builtins.str:
         """
-        The type of the link. Valid values are `other`, `runbook`, `image`, `package`. Defaults to other.
+        The type of the link. Valid values are `other`, `runbook`, `image`, `package`.
         """
         return pulumi.get(self, "link_type")
 
@@ -10326,7 +11158,7 @@ class GetReleaseLinksReleaseLinkResult(dict):
     @pulumi.getter
     def project(self) -> _builtins.str:
         """
-        The ID or [URL-encoded path of the project](https://docs.gitlab.com/api/index/#namespaced-path-encoding).
+        The ID or Namespace path of the project.
         """
         return pulumi.get(self, "project")
 
@@ -10353,26 +11185,30 @@ class GetRepositoryTreeTreeResult(dict):
                  id: _builtins.str,
                  mode: _builtins.str,
                  name: _builtins.str,
+                 node_id: _builtins.str,
                  path: _builtins.str,
                  type: _builtins.str):
         """
-        :param _builtins.str id: The SHA-1 hash of the tree or blob in the repository.
+        :param _builtins.str id: The project ID. Use `node_id` instead. To be removed in 19.0.
         :param _builtins.str mode: Unix access mode of the file in the repository.
         :param _builtins.str name: Name of the blob or tree in the repository
+        :param _builtins.str node_id: The SHA-1 hash of the tree or blob in the repository.
         :param _builtins.str path: Path of the object inside of the repository.
         :param _builtins.str type: Type of object in the repository. Can be either type tree or of type blob
         """
         pulumi.set(__self__, "id", id)
         pulumi.set(__self__, "mode", mode)
         pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "node_id", node_id)
         pulumi.set(__self__, "path", path)
         pulumi.set(__self__, "type", type)
 
     @_builtins.property
     @pulumi.getter
+    @_utilities.deprecated("""Use `node_id` instead. To be removed in 19.0.""")
     def id(self) -> _builtins.str:
         """
-        The SHA-1 hash of the tree or blob in the repository.
+        The project ID. Use `node_id` instead. To be removed in 19.0.
         """
         return pulumi.get(self, "id")
 
@@ -10392,6 +11228,14 @@ class GetRepositoryTreeTreeResult(dict):
         """
         return pulumi.get(self, "name")
 
+    @_builtins.property
+    @pulumi.getter(name="nodeId")
+    def node_id(self) -> _builtins.str:
+        """
+        The SHA-1 hash of the tree or blob in the repository.
+        """
+        return pulumi.get(self, "node_id")
+
     @_builtins.property
     @pulumi.getter
     def path(self) -> _builtins.str:
@@ -10493,6 +11337,329 @@ class GetRunnersRunnerResult(dict):
         return pulumi.get(self, "status")
 
 
+@pulumi.output_type
+class GetSecurityPolicyDocumentScanExecutionPolicyResult(dict):
+    def __init__(__self__, *,
+                 actions: Sequence['outputs.GetSecurityPolicyDocumentScanExecutionPolicyActionResult'],
+                 enabled: _builtins.bool,
+                 name: _builtins.str,
+                 rules: Sequence['outputs.GetSecurityPolicyDocumentScanExecutionPolicyRuleResult'],
+                 description: Optional[_builtins.str] = None,
+                 policy_scope: Optional['outputs.GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeResult'] = None,
+                 skip_ci: Optional['outputs.GetSecurityPolicyDocumentScanExecutionPolicySkipCiResult'] = None):
+        """
+        :param Sequence['GetSecurityPolicyDocumentScanExecutionPolicyActionArgs'] actions: Actions to execute when rules match. At least one action is required.
+        :param _builtins.bool enabled: Whether the policy is enabled.
+        :param _builtins.str name: Name of the scan execution policy.
+        :param Sequence['GetSecurityPolicyDocumentScanExecutionPolicyRuleArgs'] rules: Rules that trigger the policy. At least one rule is required.
+        :param _builtins.str description: Description of the scan execution policy.
+        :param 'GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeArgs' policy_scope: Scope configuration to limit which projects the policy applies to.
+        :param 'GetSecurityPolicyDocumentScanExecutionPolicySkipCiArgs' skip_ci: Control whether users can use the skip-ci directive.
+        """
+        pulumi.set(__self__, "actions", actions)
+        pulumi.set(__self__, "enabled", enabled)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "rules", rules)
+        if description is not None:
+            pulumi.set(__self__, "description", description)
+        if policy_scope is not None:
+            pulumi.set(__self__, "policy_scope", policy_scope)
+        if skip_ci is not None:
+            pulumi.set(__self__, "skip_ci", skip_ci)
+
+    @_builtins.property
+    @pulumi.getter
+    def actions(self) -> Sequence['outputs.GetSecurityPolicyDocumentScanExecutionPolicyActionResult']:
+        """
+        Actions to execute when rules match. At least one action is required.
+        """
+        return pulumi.get(self, "actions")
+
+    @_builtins.property
+    @pulumi.getter
+    def enabled(self) -> _builtins.bool:
+        """
+        Whether the policy is enabled.
+        """
+        return pulumi.get(self, "enabled")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the scan execution policy.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def rules(self) -> Sequence['outputs.GetSecurityPolicyDocumentScanExecutionPolicyRuleResult']:
+        """
+        Rules that trigger the policy. At least one rule is required.
+        """
+        return pulumi.get(self, "rules")
+
+    @_builtins.property
+    @pulumi.getter
+    def description(self) -> Optional[_builtins.str]:
+        """
+        Description of the scan execution policy.
+        """
+        return pulumi.get(self, "description")
+
+    @_builtins.property
+    @pulumi.getter(name="policyScope")
+    def policy_scope(self) -> Optional['outputs.GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeResult']:
+        """
+        Scope configuration to limit which projects the policy applies to.
+        """
+        return pulumi.get(self, "policy_scope")
+
+    @_builtins.property
+    @pulumi.getter(name="skipCi")
+    def skip_ci(self) -> Optional['outputs.GetSecurityPolicyDocumentScanExecutionPolicySkipCiResult']:
+        """
+        Control whether users can use the skip-ci directive.
+        """
+        return pulumi.get(self, "skip_ci")
+
+
+@pulumi.output_type
+class GetSecurityPolicyDocumentScanExecutionPolicyActionResult(dict):
+    def __init__(__self__, *,
+                 scan: _builtins.str,
+                 scanner_profile: Optional[_builtins.str] = None,
+                 site_profile: Optional[_builtins.str] = None,
+                 tags_to_excludes: Optional[Sequence[_builtins.str]] = None,
+                 template: Optional[_builtins.str] = None,
+                 variables: Optional[Mapping[str, _builtins.str]] = None):
+        """
+        :param _builtins.str scan: Type of scan to run. Valid values: `sast`, `secret_detection`, `container_scanning`, `dependency_scanning`, `dast`, `sast_iac`, `cluster_image_scanning`, `api_fuzzing`, `coverage_fuzzing`.
+        :param _builtins.str scanner_profile: Scanner profile to use for DAST scans.
+        :param _builtins.str site_profile: Site profile to use for DAST scans.
+        :param Sequence[_builtins.str] tags_to_excludes: Tags to exclude from the scan.
+        :param _builtins.str template: The template to use for the scan. Valid values: `default`, `latest`.
+        :param Mapping[str, _builtins.str] variables: Environment variables to pass to the scan job.
+        """
+        pulumi.set(__self__, "scan", scan)
+        if scanner_profile is not None:
+            pulumi.set(__self__, "scanner_profile", scanner_profile)
+        if site_profile is not None:
+            pulumi.set(__self__, "site_profile", site_profile)
+        if tags_to_excludes is not None:
+            pulumi.set(__self__, "tags_to_excludes", tags_to_excludes)
+        if template is not None:
+            pulumi.set(__self__, "template", template)
+        if variables is not None:
+            pulumi.set(__self__, "variables", variables)
+
+    @_builtins.property
+    @pulumi.getter
+    def scan(self) -> _builtins.str:
+        """
+        Type of scan to run. Valid values: `sast`, `secret_detection`, `container_scanning`, `dependency_scanning`, `dast`, `sast_iac`, `cluster_image_scanning`, `api_fuzzing`, `coverage_fuzzing`.
+        """
+        return pulumi.get(self, "scan")
+
+    @_builtins.property
+    @pulumi.getter(name="scannerProfile")
+    def scanner_profile(self) -> Optional[_builtins.str]:
+        """
+        Scanner profile to use for DAST scans.
+        """
+        return pulumi.get(self, "scanner_profile")
+
+    @_builtins.property
+    @pulumi.getter(name="siteProfile")
+    def site_profile(self) -> Optional[_builtins.str]:
+        """
+        Site profile to use for DAST scans.
+        """
+        return pulumi.get(self, "site_profile")
+
+    @_builtins.property
+    @pulumi.getter(name="tagsToExcludes")
+    def tags_to_excludes(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        Tags to exclude from the scan.
+        """
+        return pulumi.get(self, "tags_to_excludes")
+
+    @_builtins.property
+    @pulumi.getter
+    def template(self) -> Optional[_builtins.str]:
+        """
+        The template to use for the scan. Valid values: `default`, `latest`.
+        """
+        return pulumi.get(self, "template")
+
+    @_builtins.property
+    @pulumi.getter
+    def variables(self) -> Optional[Mapping[str, _builtins.str]]:
+        """
+        Environment variables to pass to the scan job.
+        """
+        return pulumi.get(self, "variables")
+
+
+@pulumi.output_type
+class GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeResult(dict):
+    def __init__(__self__, *,
+                 compliance_frameworks: Optional[Sequence[_builtins.str]] = None,
+                 projects: Optional['outputs.GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeProjectsResult'] = None):
+        """
+        :param Sequence[_builtins.str] compliance_frameworks: Compliance framework names to scope the policy to.
+        :param 'GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeProjectsArgs' projects: Project scope configuration.
+        """
+        if compliance_frameworks is not None:
+            pulumi.set(__self__, "compliance_frameworks", compliance_frameworks)
+        if projects is not None:
+            pulumi.set(__self__, "projects", projects)
+
+    @_builtins.property
+    @pulumi.getter(name="complianceFrameworks")
+    def compliance_frameworks(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        Compliance framework names to scope the policy to.
+        """
+        return pulumi.get(self, "compliance_frameworks")
+
+    @_builtins.property
+    @pulumi.getter
+    def projects(self) -> Optional['outputs.GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeProjectsResult']:
+        """
+        Project scope configuration.
+        """
+        return pulumi.get(self, "projects")
+
+
+@pulumi.output_type
+class GetSecurityPolicyDocumentScanExecutionPolicyPolicyScopeProjectsResult(dict):
+    def __init__(__self__, *,
+                 excludings: Optional[Sequence[_builtins.int]] = None,
+                 includings: Optional[Sequence[_builtins.int]] = None):
+        """
+        :param Sequence[_builtins.int] excludings: List of project IDs to exclude from this policy.
+        :param Sequence[_builtins.int] includings: List of project IDs to explicitly include in this policy.
+        """
+        if excludings is not None:
+            pulumi.set(__self__, "excludings", excludings)
+        if includings is not None:
+            pulumi.set(__self__, "includings", includings)
+
+    @_builtins.property
+    @pulumi.getter
+    def excludings(self) -> Optional[Sequence[_builtins.int]]:
+        """
+        List of project IDs to exclude from this policy.
+        """
+        return pulumi.get(self, "excludings")
+
+    @_builtins.property
+    @pulumi.getter
+    def includings(self) -> Optional[Sequence[_builtins.int]]:
+        """
+        List of project IDs to explicitly include in this policy.
+        """
+        return pulumi.get(self, "includings")
+
+
+@pulumi.output_type
+class GetSecurityPolicyDocumentScanExecutionPolicyRuleResult(dict):
+    def __init__(__self__, *,
+                 type: _builtins.str,
+                 agents: Optional[Mapping[str, _builtins.str]] = None,
+                 branch_exceptions: Optional[Sequence[_builtins.str]] = None,
+                 branch_type: Optional[_builtins.str] = None,
+                 branches: Optional[Sequence[_builtins.str]] = None,
+                 cadence: Optional[_builtins.str] = None):
+        """
+        :param _builtins.str type: Type of rule. Valid values: `pipeline`, `schedule`, `agent`.
+        :param Mapping[str, _builtins.str] agents: Kubernetes agents configuration for agent-based policies.
+        :param Sequence[_builtins.str] branch_exceptions: Branches to exclude from the policy.
+        :param _builtins.str branch_type: Type of branches to match. Valid values: `all`, `protected`, `default`.
+        :param Sequence[_builtins.str] branches: Branch names or patterns to match.
+        :param _builtins.str cadence: Cron expression for schedule type rules (e.g., `*/15 * * * *` for every 15 minutes).
+        """
+        pulumi.set(__self__, "type", type)
+        if agents is not None:
+            pulumi.set(__self__, "agents", agents)
+        if branch_exceptions is not None:
+            pulumi.set(__self__, "branch_exceptions", branch_exceptions)
+        if branch_type is not None:
+            pulumi.set(__self__, "branch_type", branch_type)
+        if branches is not None:
+            pulumi.set(__self__, "branches", branches)
+        if cadence is not None:
+            pulumi.set(__self__, "cadence", cadence)
+
+    @_builtins.property
+    @pulumi.getter
+    def type(self) -> _builtins.str:
+        """
+        Type of rule. Valid values: `pipeline`, `schedule`, `agent`.
+        """
+        return pulumi.get(self, "type")
+
+    @_builtins.property
+    @pulumi.getter
+    def agents(self) -> Optional[Mapping[str, _builtins.str]]:
+        """
+        Kubernetes agents configuration for agent-based policies.
+        """
+        return pulumi.get(self, "agents")
+
+    @_builtins.property
+    @pulumi.getter(name="branchExceptions")
+    def branch_exceptions(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        Branches to exclude from the policy.
+        """
+        return pulumi.get(self, "branch_exceptions")
+
+    @_builtins.property
+    @pulumi.getter(name="branchType")
+    def branch_type(self) -> Optional[_builtins.str]:
+        """
+        Type of branches to match. Valid values: `all`, `protected`, `default`.
+        """
+        return pulumi.get(self, "branch_type")
+
+    @_builtins.property
+    @pulumi.getter
+    def branches(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        Branch names or patterns to match.
+        """
+        return pulumi.get(self, "branches")
+
+    @_builtins.property
+    @pulumi.getter
+    def cadence(self) -> Optional[_builtins.str]:
+        """
+        Cron expression for schedule type rules (e.g., `*/15 * * * *` for every 15 minutes).
+        """
+        return pulumi.get(self, "cadence")
+
+
+@pulumi.output_type
+class GetSecurityPolicyDocumentScanExecutionPolicySkipCiResult(dict):
+    def __init__(__self__, *,
+                 allowed: _builtins.bool):
+        """
+        :param _builtins.bool allowed: Allow (true) or prevent (false) the use of skip-ci directive.
+        """
+        pulumi.set(__self__, "allowed", allowed)
+
+    @_builtins.property
+    @pulumi.getter
+    def allowed(self) -> _builtins.bool:
+        """
+        Allow (true) or prevent (false) the use of skip-ci directive.
+        """
+        return pulumi.get(self, "allowed")
+
+
 @pulumi.output_type
 class GetUserSshkeysKeyResult(dict):
     def __init__(__self__, *,