pulumi-tailscale 1.0.0a1759907095__tar.gz → 1.0.0a1764138241__tar.gz

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulumi_tailscale
-Version: 1.0.0a1759907095
+Version: 1.0.0a1764138241
 Summary: A Pulumi package for creating and managing Tailscale cloud resources.
 License: Apache-2.0
 Project-URL: Homepage, https://pulumi.io

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pulumi_tailscale/acl.py

@@ -158,12 +158,12 @@ class Acl(pulumi.CustomResource):
         }))
         as_hujson = tailscale.Acl("as_hujson", acl=\"\"\"  {
             // Comments in HuJSON policy are preserved when the policy is applied.
-            "acls": [
+            \\"acls\\": [
               {
                 // Allow all users access to all ports.
-                action = "accept",
-                users  = ["*"],
-                ports  = ["*:*"],
+                action = \\"accept\\",
+                users  = [\\"*\\"],
+                ports  = [\\"*:*\\"],
               },
             ],
           }
@@ -213,12 +213,12 @@ class Acl(pulumi.CustomResource):
         }))
         as_hujson = tailscale.Acl("as_hujson", acl=\"\"\"  {
             // Comments in HuJSON policy are preserved when the policy is applied.
-            "acls": [
+            \\"acls\\": [
               {
                 // Allow all users access to all ports.
-                action = "accept",
-                users  = ["*"],
-                ports  = ["*:*"],
+                action = \\"accept\\",
+                users  = [\\"*\\"],
+                ports  = [\\"*:*\\"],
               },
             ],
           }

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pulumi_tailscale/config/__init__.pyi

@@ -24,24 +24,29 @@ baseUrl: Optional[str]
 The base URL of the Tailscale API. Defaults to https://api.tailscale.com. Can be set via the TAILSCALE_BASE_URL environment variable.
 """
 
+identityToken: Optional[str]
+"""
+The jwt identity token to exchange for a Tailscale API token when using a federated identity client. Can be set via the TAILSCALE_IDENTITY_TOKEN environment variable. Conflicts with 'api_key' and 'oauth_client_secret'.
+"""
+
 oauthClientId: Optional[str]
 """
-The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Either 'oauth_client_secret' or 'identity_token' must be set alongside 'oauth_client_id'. Conflicts with 'api_key'.
 """
 
 oauthClientSecret: Optional[str]
 """
-The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Conflicts with 'api_key' and 'identity_token'.
 """
 
 scopes: Optional[str]
 """
-The OAuth 2.0 scopes to request when for the access token generated using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
+The OAuth 2.0 scopes to request when generating the access token using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
 """
 
 tailnet: Optional[str]
 """
-The organization name of the Tailnet in which to perform actions. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
+The tailnet ID. Tailnets created before Oct 2025 can still use the legacy ID, but the Tailnet ID is the preferred identifier. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
 """
 
 userAgent: Optional[str]

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pulumi_tailscale/config/vars.py

@@ -34,31 +34,38 @@ class _ExportableConfig(types.ModuleType):
         """
         return __config__.get('baseUrl')
 
+    @_builtins.property
+    def identity_token(self) -> Optional[str]:
+        """
+        The jwt identity token to exchange for a Tailscale API token when using a federated identity client. Can be set via the TAILSCALE_IDENTITY_TOKEN environment variable. Conflicts with 'api_key' and 'oauth_client_secret'.
+        """
+        return __config__.get('identityToken')
+
     @_builtins.property
     def oauth_client_id(self) -> Optional[str]:
         """
-        The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+        The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Either 'oauth_client_secret' or 'identity_token' must be set alongside 'oauth_client_id'. Conflicts with 'api_key'.
         """
         return __config__.get('oauthClientId')
 
     @_builtins.property
     def oauth_client_secret(self) -> Optional[str]:
         """
-        The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+        The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Conflicts with 'api_key' and 'identity_token'.
         """
         return __config__.get('oauthClientSecret')
 
     @_builtins.property
     def scopes(self) -> Optional[str]:
         """
-        The OAuth 2.0 scopes to request when for the access token generated using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
+        The OAuth 2.0 scopes to request when generating the access token using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
         """
         return __config__.get('scopes')
 
     @_builtins.property
     def tailnet(self) -> Optional[str]:
         """
-        The organization name of the Tailnet in which to perform actions. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
+        The tailnet ID. Tailnets created before Oct 2025 can still use the legacy ID, but the Tailnet ID is the preferred identifier. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
         """
         return __config__.get('tailnet')
 

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pulumi_tailscale/provider.py

@@ -21,6 +21,7 @@ class ProviderArgs:
     def __init__(__self__, *,
                  api_key: Optional[pulumi.Input[_builtins.str]] = None,
                  base_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 identity_token: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_client_id: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_client_secret: Optional[pulumi.Input[_builtins.str]] = None,
                  scopes: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -30,16 +31,19 @@ class ProviderArgs:
         The set of arguments for constructing a Provider resource.
         :param pulumi.Input[_builtins.str] api_key: The API key to use for authenticating requests to the API. Can be set via the TAILSCALE_API_KEY environment variable. Conflicts with 'oauth_client_id' and 'oauth_client_secret'.
         :param pulumi.Input[_builtins.str] base_url: The base URL of the Tailscale API. Defaults to https://api.tailscale.com. Can be set via the TAILSCALE_BASE_URL environment variable.
-        :param pulumi.Input[_builtins.str] oauth_client_id: The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
-        :param pulumi.Input[_builtins.str] oauth_client_secret: The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
-        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] scopes: The OAuth 2.0 scopes to request when for the access token generated using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
-        :param pulumi.Input[_builtins.str] tailnet: The organization name of the Tailnet in which to perform actions. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
+        :param pulumi.Input[_builtins.str] identity_token: The jwt identity token to exchange for a Tailscale API token when using a federated identity client. Can be set via the TAILSCALE_IDENTITY_TOKEN environment variable. Conflicts with 'api_key' and 'oauth_client_secret'.
+        :param pulumi.Input[_builtins.str] oauth_client_id: The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Either 'oauth_client_secret' or 'identity_token' must be set alongside 'oauth_client_id'. Conflicts with 'api_key'.
+        :param pulumi.Input[_builtins.str] oauth_client_secret: The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Conflicts with 'api_key' and 'identity_token'.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] scopes: The OAuth 2.0 scopes to request when generating the access token using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
+        :param pulumi.Input[_builtins.str] tailnet: The tailnet ID. Tailnets created before Oct 2025 can still use the legacy ID, but the Tailnet ID is the preferred identifier. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
         :param pulumi.Input[_builtins.str] user_agent: User-Agent header for API requests.
         """
         if api_key is not None:
             pulumi.set(__self__, "api_key", api_key)
         if base_url is not None:
             pulumi.set(__self__, "base_url", base_url)
+        if identity_token is not None:
+            pulumi.set(__self__, "identity_token", identity_token)
         if oauth_client_id is not None:
             pulumi.set(__self__, "oauth_client_id", oauth_client_id)
         if oauth_client_secret is not None:
@@ -75,11 +79,23 @@ class ProviderArgs:
     def base_url(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "base_url", value)
 
+    @_builtins.property
+    @pulumi.getter(name="identityToken")
+    def identity_token(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The jwt identity token to exchange for a Tailscale API token when using a federated identity client. Can be set via the TAILSCALE_IDENTITY_TOKEN environment variable. Conflicts with 'api_key' and 'oauth_client_secret'.
+        """
+        return pulumi.get(self, "identity_token")
+
+    @identity_token.setter
+    def identity_token(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "identity_token", value)
+
     @_builtins.property
     @pulumi.getter(name="oauthClientId")
     def oauth_client_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+        The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Either 'oauth_client_secret' or 'identity_token' must be set alongside 'oauth_client_id'. Conflicts with 'api_key'.
         """
         return pulumi.get(self, "oauth_client_id")
 
@@ -91,7 +107,7 @@ class ProviderArgs:
     @pulumi.getter(name="oauthClientSecret")
     def oauth_client_secret(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+        The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Conflicts with 'api_key' and 'identity_token'.
         """
         return pulumi.get(self, "oauth_client_secret")
 
@@ -103,7 +119,7 @@ class ProviderArgs:
     @pulumi.getter
     def scopes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
-        The OAuth 2.0 scopes to request when for the access token generated using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
+        The OAuth 2.0 scopes to request when generating the access token using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
         """
         return pulumi.get(self, "scopes")
 
@@ -115,7 +131,7 @@ class ProviderArgs:
     @pulumi.getter
     def tailnet(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The organization name of the Tailnet in which to perform actions. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
+        The tailnet ID. Tailnets created before Oct 2025 can still use the legacy ID, but the Tailnet ID is the preferred identifier. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
         """
         return pulumi.get(self, "tailnet")
 
@@ -144,6 +160,7 @@ class Provider(pulumi.ProviderResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  api_key: Optional[pulumi.Input[_builtins.str]] = None,
                  base_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 identity_token: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_client_id: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_client_secret: Optional[pulumi.Input[_builtins.str]] = None,
                  scopes: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -160,10 +177,11 @@ class Provider(pulumi.ProviderResource):
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.str] api_key: The API key to use for authenticating requests to the API. Can be set via the TAILSCALE_API_KEY environment variable. Conflicts with 'oauth_client_id' and 'oauth_client_secret'.
         :param pulumi.Input[_builtins.str] base_url: The base URL of the Tailscale API. Defaults to https://api.tailscale.com. Can be set via the TAILSCALE_BASE_URL environment variable.
-        :param pulumi.Input[_builtins.str] oauth_client_id: The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
-        :param pulumi.Input[_builtins.str] oauth_client_secret: The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
-        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] scopes: The OAuth 2.0 scopes to request when for the access token generated using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
-        :param pulumi.Input[_builtins.str] tailnet: The organization name of the Tailnet in which to perform actions. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
+        :param pulumi.Input[_builtins.str] identity_token: The jwt identity token to exchange for a Tailscale API token when using a federated identity client. Can be set via the TAILSCALE_IDENTITY_TOKEN environment variable. Conflicts with 'api_key' and 'oauth_client_secret'.
+        :param pulumi.Input[_builtins.str] oauth_client_id: The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Either 'oauth_client_secret' or 'identity_token' must be set alongside 'oauth_client_id'. Conflicts with 'api_key'.
+        :param pulumi.Input[_builtins.str] oauth_client_secret: The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Conflicts with 'api_key' and 'identity_token'.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] scopes: The OAuth 2.0 scopes to request when generating the access token using the supplied OAuth client credentials. See https://tailscale.com/kb/1215/oauth-clients/#scopes for available scopes. Only valid when both 'oauth_client_id' and 'oauth_client_secret' are set.
+        :param pulumi.Input[_builtins.str] tailnet: The tailnet ID. Tailnets created before Oct 2025 can still use the legacy ID, but the Tailnet ID is the preferred identifier. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
         :param pulumi.Input[_builtins.str] user_agent: User-Agent header for API requests.
         """
         ...
@@ -195,6 +213,7 @@ class Provider(pulumi.ProviderResource):
                  opts: Optional[pulumi.ResourceOptions] = None,
                  api_key: Optional[pulumi.Input[_builtins.str]] = None,
                  base_url: Optional[pulumi.Input[_builtins.str]] = None,
+                 identity_token: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_client_id: Optional[pulumi.Input[_builtins.str]] = None,
                  oauth_client_secret: Optional[pulumi.Input[_builtins.str]] = None,
                  scopes: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
@@ -211,12 +230,13 @@ class Provider(pulumi.ProviderResource):
 
             __props__.__dict__["api_key"] = None if api_key is None else pulumi.Output.secret(api_key)
             __props__.__dict__["base_url"] = base_url
+            __props__.__dict__["identity_token"] = None if identity_token is None else pulumi.Output.secret(identity_token)
             __props__.__dict__["oauth_client_id"] = oauth_client_id
             __props__.__dict__["oauth_client_secret"] = None if oauth_client_secret is None else pulumi.Output.secret(oauth_client_secret)
             __props__.__dict__["scopes"] = pulumi.Output.from_input(scopes).apply(pulumi.runtime.to_json) if scopes is not None else None
             __props__.__dict__["tailnet"] = tailnet
             __props__.__dict__["user_agent"] = user_agent
-        secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["apiKey", "oauthClientSecret"])
+        secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["apiKey", "identityToken", "oauthClientSecret"])
         opts = pulumi.ResourceOptions.merge(opts, secret_opts)
         super(Provider, __self__).__init__(
             'tailscale',
@@ -240,11 +260,19 @@ class Provider(pulumi.ProviderResource):
         """
         return pulumi.get(self, "base_url")
 
+    @_builtins.property
+    @pulumi.getter(name="identityToken")
+    def identity_token(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The jwt identity token to exchange for a Tailscale API token when using a federated identity client. Can be set via the TAILSCALE_IDENTITY_TOKEN environment variable. Conflicts with 'api_key' and 'oauth_client_secret'.
+        """
+        return pulumi.get(self, "identity_token")
+
     @_builtins.property
     @pulumi.getter(name="oauthClientId")
     def oauth_client_id(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+        The OAuth application's ID when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_ID environment variable. Either 'oauth_client_secret' or 'identity_token' must be set alongside 'oauth_client_id'. Conflicts with 'api_key'.
         """
         return pulumi.get(self, "oauth_client_id")
 
@@ -252,7 +280,7 @@ class Provider(pulumi.ProviderResource):
     @pulumi.getter(name="oauthClientSecret")
     def oauth_client_secret(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Both 'oauth_client_id' and 'oauth_client_secret' must be set. Conflicts with 'api_key'.
+        The OAuth application's secret when using OAuth client credentials. Can be set via the TAILSCALE_OAUTH_CLIENT_SECRET environment variable. Conflicts with 'api_key' and 'identity_token'.
         """
         return pulumi.get(self, "oauth_client_secret")
 
@@ -260,7 +288,7 @@ class Provider(pulumi.ProviderResource):
     @pulumi.getter
     def tailnet(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        The organization name of the Tailnet in which to perform actions. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
+        The tailnet ID. Tailnets created before Oct 2025 can still use the legacy ID, but the Tailnet ID is the preferred identifier. Can be set via the TAILSCALE_TAILNET environment variable. Default is the tailnet that owns API credentials passed to the provider.
         """
         return pulumi.get(self, "tailnet")
 

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pulumi_tailscale/pulumi-plugin.json

@@ -1,5 +1,5 @@
 {
   "resource": true,
   "name": "tailscale",
-  "version": "1.0.0-alpha.1759907095"
+  "version": "1.0.0-alpha.1764138241"
 }

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pulumi_tailscale/tailnet_settings.py

@@ -24,6 +24,7 @@ class TailnetSettingsArgs:
                  devices_approval_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_auto_updates_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_key_duration_days: Optional[pulumi.Input[_builtins.int]] = None,
+                 https_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  network_flow_logging_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  posture_identity_collection_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  regional_routing_on: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -35,7 +36,8 @@ class TailnetSettingsArgs:
         :param pulumi.Input[_builtins.bool] devices_approval_on: Whether device approval is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] devices_auto_updates_on: Whether auto updates are enabled for devices that belong to this tailnet
         :param pulumi.Input[_builtins.int] devices_key_duration_days: The key expiry duration for devices on this tailnet
-        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flog logs are enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] https_enabled: Whether provisioning of HTTPS certificates is enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flow logs are enabled for the tailnet
         :param pulumi.Input[_builtins.bool] posture_identity_collection_on: Whether identity collection is enabled for device posture integrations for the tailnet
         :param pulumi.Input[_builtins.bool] regional_routing_on: Whether regional routing is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] users_approval_on: Whether user approval is enabled for this tailnet
@@ -51,6 +53,8 @@ class TailnetSettingsArgs:
             pulumi.set(__self__, "devices_auto_updates_on", devices_auto_updates_on)
         if devices_key_duration_days is not None:
             pulumi.set(__self__, "devices_key_duration_days", devices_key_duration_days)
+        if https_enabled is not None:
+            pulumi.set(__self__, "https_enabled", https_enabled)
         if network_flow_logging_on is not None:
             pulumi.set(__self__, "network_flow_logging_on", network_flow_logging_on)
         if posture_identity_collection_on is not None:
@@ -119,11 +123,23 @@ class TailnetSettingsArgs:
     def devices_key_duration_days(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "devices_key_duration_days", value)
 
+    @_builtins.property
+    @pulumi.getter(name="httpsEnabled")
+    def https_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Whether provisioning of HTTPS certificates is enabled for the tailnet
+        """
+        return pulumi.get(self, "https_enabled")
+
+    @https_enabled.setter
+    def https_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "https_enabled", value)
+
     @_builtins.property
     @pulumi.getter(name="networkFlowLoggingOn")
     def network_flow_logging_on(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        Whether network flog logs are enabled for the tailnet
+        Whether network flow logs are enabled for the tailnet
         """
         return pulumi.get(self, "network_flow_logging_on")
 
@@ -188,6 +204,7 @@ class _TailnetSettingsState:
                  devices_approval_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_auto_updates_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_key_duration_days: Optional[pulumi.Input[_builtins.int]] = None,
+                 https_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  network_flow_logging_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  posture_identity_collection_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  regional_routing_on: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -199,7 +216,8 @@ class _TailnetSettingsState:
         :param pulumi.Input[_builtins.bool] devices_approval_on: Whether device approval is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] devices_auto_updates_on: Whether auto updates are enabled for devices that belong to this tailnet
         :param pulumi.Input[_builtins.int] devices_key_duration_days: The key expiry duration for devices on this tailnet
-        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flog logs are enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] https_enabled: Whether provisioning of HTTPS certificates is enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flow logs are enabled for the tailnet
         :param pulumi.Input[_builtins.bool] posture_identity_collection_on: Whether identity collection is enabled for device posture integrations for the tailnet
         :param pulumi.Input[_builtins.bool] regional_routing_on: Whether regional routing is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] users_approval_on: Whether user approval is enabled for this tailnet
@@ -215,6 +233,8 @@ class _TailnetSettingsState:
             pulumi.set(__self__, "devices_auto_updates_on", devices_auto_updates_on)
         if devices_key_duration_days is not None:
             pulumi.set(__self__, "devices_key_duration_days", devices_key_duration_days)
+        if https_enabled is not None:
+            pulumi.set(__self__, "https_enabled", https_enabled)
         if network_flow_logging_on is not None:
             pulumi.set(__self__, "network_flow_logging_on", network_flow_logging_on)
         if posture_identity_collection_on is not None:
@@ -283,11 +303,23 @@ class _TailnetSettingsState:
     def devices_key_duration_days(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "devices_key_duration_days", value)
 
+    @_builtins.property
+    @pulumi.getter(name="httpsEnabled")
+    def https_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Whether provisioning of HTTPS certificates is enabled for the tailnet
+        """
+        return pulumi.get(self, "https_enabled")
+
+    @https_enabled.setter
+    def https_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "https_enabled", value)
+
     @_builtins.property
     @pulumi.getter(name="networkFlowLoggingOn")
     def network_flow_logging_on(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
-        Whether network flog logs are enabled for the tailnet
+        Whether network flow logs are enabled for the tailnet
         """
         return pulumi.get(self, "network_flow_logging_on")
 
@@ -355,6 +387,7 @@ class TailnetSettings(pulumi.CustomResource):
                  devices_approval_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_auto_updates_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_key_duration_days: Optional[pulumi.Input[_builtins.int]] = None,
+                 https_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  network_flow_logging_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  posture_identity_collection_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  regional_routing_on: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -378,7 +411,8 @@ class TailnetSettings(pulumi.CustomResource):
             devices_key_duration_days=5,
             users_approval_on=True,
             users_role_allowed_to_join_external_tailnet="member",
-            posture_identity_collection_on=True)
+            posture_identity_collection_on=True,
+            https_enabled=True)
         ```
 
         ## Import
@@ -397,7 +431,8 @@ class TailnetSettings(pulumi.CustomResource):
         :param pulumi.Input[_builtins.bool] devices_approval_on: Whether device approval is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] devices_auto_updates_on: Whether auto updates are enabled for devices that belong to this tailnet
         :param pulumi.Input[_builtins.int] devices_key_duration_days: The key expiry duration for devices on this tailnet
-        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flog logs are enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] https_enabled: Whether provisioning of HTTPS certificates is enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flow logs are enabled for the tailnet
         :param pulumi.Input[_builtins.bool] posture_identity_collection_on: Whether identity collection is enabled for device posture integrations for the tailnet
         :param pulumi.Input[_builtins.bool] regional_routing_on: Whether regional routing is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] users_approval_on: Whether user approval is enabled for this tailnet
@@ -426,7 +461,8 @@ class TailnetSettings(pulumi.CustomResource):
             devices_key_duration_days=5,
             users_approval_on=True,
             users_role_allowed_to_join_external_tailnet="member",
-            posture_identity_collection_on=True)
+            posture_identity_collection_on=True,
+            https_enabled=True)
         ```
 
         ## Import
@@ -459,6 +495,7 @@ class TailnetSettings(pulumi.CustomResource):
                  devices_approval_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_auto_updates_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  devices_key_duration_days: Optional[pulumi.Input[_builtins.int]] = None,
+                 https_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  network_flow_logging_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  posture_identity_collection_on: Optional[pulumi.Input[_builtins.bool]] = None,
                  regional_routing_on: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -478,6 +515,7 @@ class TailnetSettings(pulumi.CustomResource):
             __props__.__dict__["devices_approval_on"] = devices_approval_on
             __props__.__dict__["devices_auto_updates_on"] = devices_auto_updates_on
             __props__.__dict__["devices_key_duration_days"] = devices_key_duration_days
+            __props__.__dict__["https_enabled"] = https_enabled
             __props__.__dict__["network_flow_logging_on"] = network_flow_logging_on
             __props__.__dict__["posture_identity_collection_on"] = posture_identity_collection_on
             __props__.__dict__["regional_routing_on"] = regional_routing_on
@@ -498,6 +536,7 @@ class TailnetSettings(pulumi.CustomResource):
             devices_approval_on: Optional[pulumi.Input[_builtins.bool]] = None,
             devices_auto_updates_on: Optional[pulumi.Input[_builtins.bool]] = None,
             devices_key_duration_days: Optional[pulumi.Input[_builtins.int]] = None,
+            https_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
             network_flow_logging_on: Optional[pulumi.Input[_builtins.bool]] = None,
             posture_identity_collection_on: Optional[pulumi.Input[_builtins.bool]] = None,
             regional_routing_on: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -514,7 +553,8 @@ class TailnetSettings(pulumi.CustomResource):
         :param pulumi.Input[_builtins.bool] devices_approval_on: Whether device approval is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] devices_auto_updates_on: Whether auto updates are enabled for devices that belong to this tailnet
         :param pulumi.Input[_builtins.int] devices_key_duration_days: The key expiry duration for devices on this tailnet
-        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flog logs are enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] https_enabled: Whether provisioning of HTTPS certificates is enabled for the tailnet
+        :param pulumi.Input[_builtins.bool] network_flow_logging_on: Whether network flow logs are enabled for the tailnet
         :param pulumi.Input[_builtins.bool] posture_identity_collection_on: Whether identity collection is enabled for device posture integrations for the tailnet
         :param pulumi.Input[_builtins.bool] regional_routing_on: Whether regional routing is enabled for the tailnet
         :param pulumi.Input[_builtins.bool] users_approval_on: Whether user approval is enabled for this tailnet
@@ -529,6 +569,7 @@ class TailnetSettings(pulumi.CustomResource):
         __props__.__dict__["devices_approval_on"] = devices_approval_on
         __props__.__dict__["devices_auto_updates_on"] = devices_auto_updates_on
         __props__.__dict__["devices_key_duration_days"] = devices_key_duration_days
+        __props__.__dict__["https_enabled"] = https_enabled
         __props__.__dict__["network_flow_logging_on"] = network_flow_logging_on
         __props__.__dict__["posture_identity_collection_on"] = posture_identity_collection_on
         __props__.__dict__["regional_routing_on"] = regional_routing_on
@@ -573,11 +614,19 @@ class TailnetSettings(pulumi.CustomResource):
         """
         return pulumi.get(self, "devices_key_duration_days")
 
+    @_builtins.property
+    @pulumi.getter(name="httpsEnabled")
+    def https_enabled(self) -> pulumi.Output[_builtins.bool]:
+        """
+        Whether provisioning of HTTPS certificates is enabled for the tailnet
+        """
+        return pulumi.get(self, "https_enabled")
+
     @_builtins.property
     @pulumi.getter(name="networkFlowLoggingOn")
     def network_flow_logging_on(self) -> pulumi.Output[_builtins.bool]:
         """
-        Whether network flog logs are enabled for the tailnet
+        Whether network flow logs are enabled for the tailnet
         """
         return pulumi.get(self, "network_flow_logging_on")
 

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pulumi_tailscale.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulumi_tailscale
-Version: 1.0.0a1759907095
+Version: 1.0.0a1764138241
 Summary: A Pulumi package for creating and managing Tailscale cloud resources.
 License: Apache-2.0
 Project-URL: Homepage, https://pulumi.io

{pulumi_tailscale-1.0.0a1759907095 → pulumi_tailscale-1.0.0a1764138241}/pyproject.toml

@@ -5,7 +5,7 @@
   keywords = ["pulumi", "tailscale"]
   readme = "README.md"
   requires-python = ">=3.9"
-  version = "1.0.0a1759907095"
+  version = "1.0.0a1764138241"
   [project.license]
     text = "Apache-2.0"
   [project.urls]