Pulumi Rancher2

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-rancher2 repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-rancher2 repo.

class pulumi_rancher2.ActiveDirectory(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, certificate=None, connection_timeout=None, default_login_domain=None, enabled=None, group_dn_attribute=None, group_member_mapping_attribute=None, group_member_user_attribute=None, group_name_attribute=None, group_object_class=None, group_search_attribute=None, group_search_base=None, group_search_filter=None, labels=None, nested_group_membership_enabled=None, port=None, servers=None, service_account_password=None, service_account_username=None, tls=None, user_disabled_bit_mask=None, user_enabled_attribute=None, user_login_attribute=None, user_name_attribute=None, user_object_class=None, user_search_attribute=None, user_search_base=None, user_search_filter=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config ActiveDirectory resource. This can be used to configure and enable Auth Config ActiveDirectory for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • certificate (pulumi.Input[str]) – CA certificate for TLS if selfsigned (string)

  • connection_timeout (pulumi.Input[float]) – ActiveDirectory connection timeout. Default 5000 (int)

  • default_login_domain (pulumi.Input[str]) – ActiveDirectory defult lgoin domain (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • group_dn_attribute (pulumi.Input[str]) – Group DN attribute. Default distinguishedName (string)

  • group_member_mapping_attribute (pulumi.Input[str]) – Group member mapping attribute. Default member (string)

  • group_member_user_attribute (pulumi.Input[str]) – Group member user attribute. Default distinguishedName (string)

  • group_name_attribute (pulumi.Input[str]) – Group name attribute. Default name (string)

  • group_object_class (pulumi.Input[str]) – Group object class. Default group (string)

  • group_search_attribute (pulumi.Input[str]) – Group search attribute. Default sAMAccountName (string)

  • group_search_base (pulumi.Input[str]) – Group search base (string)

  • group_search_filter (pulumi.Input[str]) – Group search filter (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • nested_group_membership_enabled (pulumi.Input[bool]) – Nested group membership enable. Default false (bool)

  • port (pulumi.Input[float]) – ActiveDirectory port. Default 389 (int)

  • servers (pulumi.Input[list]) – ActiveDirectory servers list (list)

  • service_account_password (pulumi.Input[str]) – Service account password for access ActiveDirectory service (string)

  • service_account_username (pulumi.Input[str]) – Service account DN for access ActiveDirectory service (string)

  • tls (pulumi.Input[bool]) – Enable TLS connection (bool)

  • user_disabled_bit_mask (pulumi.Input[float]) – User disabled bit mask. Default 2 (int)

  • user_enabled_attribute (pulumi.Input[str]) – User enable attribute (string)

  • user_login_attribute (pulumi.Input[str]) – User login attribute. Default sAMAccountName (string)

  • user_name_attribute (pulumi.Input[str]) – User name attribute. Default name (string)

  • user_object_class (pulumi.Input[str]) – User object class. Default person (string)

  • user_search_attribute (pulumi.Input[str]) – User search attribute. Default sAMAccountName|sn|givenName (string)

  • user_search_base (pulumi.Input[str]) – User search base DN (string)

  • user_search_filter (pulumi.Input[str]) – User search filter (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

annotations = None

Annotations of the resource (map)

certificate = None

CA certificate for TLS if selfsigned (string)

connection_timeout = None

ActiveDirectory connection timeout. Default 5000 (int)

default_login_domain = None

ActiveDirectory defult lgoin domain (string)

enabled = None

Enable auth config provider. Default true (bool)

group_dn_attribute = None

Group DN attribute. Default distinguishedName (string)

group_member_mapping_attribute = None

Group member mapping attribute. Default member (string)

group_member_user_attribute = None

Group member user attribute. Default distinguishedName (string)

group_name_attribute = None

Group name attribute. Default name (string)

group_object_class = None

Group object class. Default group (string)

group_search_attribute = None

Group search attribute. Default sAMAccountName (string)

group_search_base = None

Group search base (string)

group_search_filter = None

Group search filter (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

nested_group_membership_enabled = None

Nested group membership enable. Default false (bool)

port = None

ActiveDirectory port. Default 389 (int)

servers = None

ActiveDirectory servers list (list)

service_account_password = None

Service account password for access ActiveDirectory service (string)

service_account_username = None

Service account DN for access ActiveDirectory service (string)

tls = None

Enable TLS connection (bool)

type = None

(Computed) The type of the resource (string)

user_disabled_bit_mask = None

User disabled bit mask. Default 2 (int)

user_enabled_attribute = None

User enable attribute (string)

user_login_attribute = None

User login attribute. Default sAMAccountName (string)

user_name_attribute = None

User name attribute. Default name (string)

user_object_class = None

User object class. Default person (string)

user_search_attribute = None

User search attribute. Default sAMAccountName|sn|givenName (string)

user_search_base = None

User search base DN (string)

user_search_filter = None

User search filter (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, certificate=None, connection_timeout=None, default_login_domain=None, enabled=None, group_dn_attribute=None, group_member_mapping_attribute=None, group_member_user_attribute=None, group_name_attribute=None, group_object_class=None, group_search_attribute=None, group_search_base=None, group_search_filter=None, labels=None, name=None, nested_group_membership_enabled=None, port=None, servers=None, service_account_password=None, service_account_username=None, tls=None, type=None, user_disabled_bit_mask=None, user_enabled_attribute=None, user_login_attribute=None, user_name_attribute=None, user_object_class=None, user_search_attribute=None, user_search_base=None, user_search_filter=None)

Get an existing ActiveDirectory resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: activedirectory_user://<DN> activedirectory_group://<DN> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • certificate (pulumi.Input[str]) – CA certificate for TLS if selfsigned (string)

  • connection_timeout (pulumi.Input[float]) – ActiveDirectory connection timeout. Default 5000 (int)

  • default_login_domain (pulumi.Input[str]) – ActiveDirectory defult lgoin domain (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • group_dn_attribute (pulumi.Input[str]) – Group DN attribute. Default distinguishedName (string)

  • group_member_mapping_attribute (pulumi.Input[str]) – Group member mapping attribute. Default member (string)

  • group_member_user_attribute (pulumi.Input[str]) – Group member user attribute. Default distinguishedName (string)

  • group_name_attribute (pulumi.Input[str]) – Group name attribute. Default name (string)

  • group_object_class (pulumi.Input[str]) – Group object class. Default group (string)

  • group_search_attribute (pulumi.Input[str]) – Group search attribute. Default sAMAccountName (string)

  • group_search_base (pulumi.Input[str]) – Group search base (string)

  • group_search_filter (pulumi.Input[str]) – Group search filter (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • nested_group_membership_enabled (pulumi.Input[bool]) – Nested group membership enable. Default false (bool)

  • port (pulumi.Input[float]) – ActiveDirectory port. Default 389 (int)

  • servers (pulumi.Input[list]) – ActiveDirectory servers list (list)

  • service_account_password (pulumi.Input[str]) – Service account password for access ActiveDirectory service (string)

  • service_account_username (pulumi.Input[str]) – Service account DN for access ActiveDirectory service (string)

  • tls (pulumi.Input[bool]) – Enable TLS connection (bool)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

  • user_disabled_bit_mask (pulumi.Input[float]) – User disabled bit mask. Default 2 (int)

  • user_enabled_attribute (pulumi.Input[str]) – User enable attribute (string)

  • user_login_attribute (pulumi.Input[str]) – User login attribute. Default sAMAccountName (string)

  • user_name_attribute (pulumi.Input[str]) – User name attribute. Default name (string)

  • user_object_class (pulumi.Input[str]) – User object class. Default person (string)

  • user_search_attribute (pulumi.Input[str]) – User search attribute. Default sAMAccountName|sn|givenName (string)

  • user_search_base (pulumi.Input[str]) – User search base DN (string)

  • user_search_filter (pulumi.Input[str]) – User search filter (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.App(resource_name, opts=None, annotations=None, answers=None, catalog_name=None, description=None, force_upgrade=None, labels=None, name=None, project_id=None, revision_id=None, target_namespace=None, template_name=None, template_version=None, values_yaml=None, __props__=None, __name__=None, __opts__=None)

Create a App resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] annotations: Annotations for App object (map) :param pulumi.Input[dict] answers: Answers for the app template. If modified, app will be upgraded (map) :param pulumi.Input[str] catalog_name: Catalog name of the app. If modified, app will be upgraded. For use scoped catalogs:

* add cluster ID before name, `c-XXXXX:<name>`
* add project ID before name, `p-XXXXX:<name>`
Parameters
  • description (pulumi.Input[str]) – Description for the app (string)

  • force_upgrade (pulumi.Input[bool]) – Force app upgrade (string)

  • labels (pulumi.Input[dict]) – Labels for App object (map)

  • name (pulumi.Input[str]) – The name of the app (string)

  • project_id (pulumi.Input[str]) – The project id where the app will be installed (string)

  • revision_id (pulumi.Input[str]) – Current revision id for the app. If modified, If this argument is provided or modified, app will be rollbacked to revision_id (string)

  • target_namespace (pulumi.Input[str]) – The namespace name where the app will be installed (string)

  • template_name (pulumi.Input[str]) – Template name of the app. If modified, app will be upgraded (string)

  • template_version (pulumi.Input[str]) – Template version of the app. If modified, app will be upgraded. Default: latest (string)

  • values_yaml (pulumi.Input[str]) – values.yaml base64 encoded file content for the app template. If modified, app will be upgraded (string)

annotations = None

Annotations for App object (map)

answers = None

Answers for the app template. If modified, app will be upgraded (map)

catalog_name = None

Catalog name of the app. If modified, app will be upgraded. For use scoped catalogs:

  • add cluster ID before name, c-XXXXX:<name>

  • add project ID before name, p-XXXXX:<name>

description = None

Description for the app (string)

external_id = None

(Computed) The url of the app template on a catalog (string)

force_upgrade = None

Force app upgrade (string)

labels = None

Labels for App object (map)

name = None

The name of the app (string)

project_id = None

The project id where the app will be installed (string)

revision_id = None

Current revision id for the app. If modified, If this argument is provided or modified, app will be rollbacked to revision_id (string)

target_namespace = None

The namespace name where the app will be installed (string)

template_name = None

Template name of the app. If modified, app will be upgraded (string)

template_version = None

Template version of the app. If modified, app will be upgraded. Default: latest (string)

values_yaml = None

values.yaml base64 encoded file content for the app template. If modified, app will be upgraded (string)

static get(resource_name, id, opts=None, annotations=None, answers=None, catalog_name=None, description=None, external_id=None, force_upgrade=None, labels=None, name=None, project_id=None, revision_id=None, target_namespace=None, template_name=None, template_version=None, values_yaml=None)

Get an existing App resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for App object (map)

  • answers (pulumi.Input[dict]) – Answers for the app template. If modified, app will be upgraded (map)

  • catalog_name (pulumi.Input[str]) – Catalog name of the app. If modified, app will be upgraded. For use scoped catalogs:

* add cluster ID before name, `c-XXXXX:<name>`
* add project ID before name, `p-XXXXX:<name>`
Parameters
  • description (pulumi.Input[str]) – Description for the app (string)

  • external_id (pulumi.Input[str]) – (Computed) The url of the app template on a catalog (string)

  • force_upgrade (pulumi.Input[bool]) – Force app upgrade (string)

  • labels (pulumi.Input[dict]) – Labels for App object (map)

  • name (pulumi.Input[str]) – The name of the app (string)

  • project_id (pulumi.Input[str]) – The project id where the app will be installed (string)

  • revision_id (pulumi.Input[str]) – Current revision id for the app. If modified, If this argument is provided or modified, app will be rollbacked to revision_id (string)

  • target_namespace (pulumi.Input[str]) – The namespace name where the app will be installed (string)

  • template_name (pulumi.Input[str]) – Template name of the app. If modified, app will be upgraded (string)

  • template_version (pulumi.Input[str]) – Template version of the app. If modified, app will be upgraded. Default: latest (string)

  • values_yaml (pulumi.Input[str]) – values.yaml base64 encoded file content for the app template. If modified, app will be upgraded (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigAdfs(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, rancher_api_host=None, sp_cert=None, sp_key=None, uid_field=None, user_name_field=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config ADFS resource. This can be used to configure and enable Auth Config ADFS for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: adfs_user://<USER_ID> adfs_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – ADFS display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – ADFS group field (string)

  • idp_metadata_content (pulumi.Input[str]) – ADFS IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – ADFS SP cert (string)

  • sp_key (pulumi.Input[str]) – ADFS SP key (string)

  • uid_field (pulumi.Input[str]) – ADFS UID field (string)

  • user_name_field (pulumi.Input[str]) – ADFS user name field (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: adfs_user://<USER_ID> adfs_group://<GROUP_ID> (list)

annotations = None

Annotations of the resource (map)

display_name_field = None

ADFS display name field (string)

enabled = None

Enable auth config provider. Default true (bool)

groups_field = None

ADFS group field (string)

idp_metadata_content = None

ADFS IDP metadata content (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

rancher_api_host = None

Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert = None

ADFS SP cert (string)

sp_key = None

ADFS SP key (string)

type = None

(Computed) The type of the resource (string)

uid_field = None

ADFS UID field (string)

user_name_field = None

ADFS user name field (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, name=None, rancher_api_host=None, sp_cert=None, sp_key=None, type=None, uid_field=None, user_name_field=None)

Get an existing AuthConfigAdfs resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: adfs_user://<USER_ID> adfs_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – ADFS display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – ADFS group field (string)

  • idp_metadata_content (pulumi.Input[str]) – ADFS IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – ADFS SP cert (string)

  • sp_key (pulumi.Input[str]) – ADFS SP key (string)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

  • uid_field (pulumi.Input[str]) – ADFS UID field (string)

  • user_name_field (pulumi.Input[str]) – ADFS user name field (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigAzureAd(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, application_id=None, application_secret=None, auth_endpoint=None, enabled=None, endpoint=None, graph_endpoint=None, labels=None, rancher_url=None, tenant_id=None, token_endpoint=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config AzureAD resource. This can be used to configure and enable Auth Config AzureAD for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: azuread_user://<USER_ID> azuread_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • application_id (pulumi.Input[str]) – AzureAD auth application ID (string)

  • application_secret (pulumi.Input[str]) – AzureAD auth application secret (string)

  • auth_endpoint (pulumi.Input[str]) – AzureAD auth endpoint (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • endpoint (pulumi.Input[str]) – AzureAD endpoint. Default https://login.microsoftonline.com/ (string)

  • graph_endpoint (pulumi.Input[str]) – AzureAD graph endpoint (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • rancher_url (pulumi.Input[str]) – Rancher URL (string). “/verify-auth-azure”

  • tenant_id (pulumi.Input[str]) – AzureAD tenant ID (string)

  • token_endpoint (pulumi.Input[str]) – AzureAD token endpoint (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: azuread_user://<USER_ID> azuread_group://<GROUP_ID> (list)

annotations = None

Annotations of the resource (map)

application_id = None

AzureAD auth application ID (string)

application_secret = None

AzureAD auth application secret (string)

auth_endpoint = None

AzureAD auth endpoint (string)

enabled = None

Enable auth config provider. Default true (bool)

endpoint = None

AzureAD endpoint. Default https://login.microsoftonline.com/ (string)

graph_endpoint = None

AzureAD graph endpoint (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

rancher_url = None

Rancher URL (string). “/verify-auth-azure”

tenant_id = None

AzureAD tenant ID (string)

token_endpoint = None

AzureAD token endpoint (string)

type = None

(Computed) The type of the resource (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, application_id=None, application_secret=None, auth_endpoint=None, enabled=None, endpoint=None, graph_endpoint=None, labels=None, name=None, rancher_url=None, tenant_id=None, token_endpoint=None, type=None)

Get an existing AuthConfigAzureAd resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: azuread_user://<USER_ID> azuread_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • application_id (pulumi.Input[str]) – AzureAD auth application ID (string)

  • application_secret (pulumi.Input[str]) – AzureAD auth application secret (string)

  • auth_endpoint (pulumi.Input[str]) – AzureAD auth endpoint (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • endpoint (pulumi.Input[str]) – AzureAD endpoint. Default https://login.microsoftonline.com/ (string)

  • graph_endpoint (pulumi.Input[str]) – AzureAD graph endpoint (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • rancher_url (pulumi.Input[str]) – Rancher URL (string). “/verify-auth-azure”

  • tenant_id (pulumi.Input[str]) – AzureAD tenant ID (string)

  • token_endpoint (pulumi.Input[str]) – AzureAD token endpoint (string)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigFreeIpa(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, certificate=None, connection_timeout=None, enabled=None, group_dn_attribute=None, group_member_mapping_attribute=None, group_member_user_attribute=None, group_name_attribute=None, group_object_class=None, group_search_attribute=None, group_search_base=None, labels=None, nested_group_membership_enabled=None, port=None, servers=None, service_account_distinguished_name=None, service_account_password=None, tls=None, user_disabled_bit_mask=None, user_enabled_attribute=None, user_login_attribute=None, user_member_attribute=None, user_name_attribute=None, user_object_class=None, user_search_attribute=None, user_search_base=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config FreeIpa resource. This can be used to configure and enable Auth Config FreeIpa for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: freeipa_user://<DN> freeipa_group://<DN> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • certificate (pulumi.Input[str]) – Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

  • connection_timeout (pulumi.Input[float]) – FreeIpa connection timeout. Default 5000 (int)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • group_dn_attribute (pulumi.Input[str]) – Group DN attribute. Default entryDN (string)

  • group_member_mapping_attribute (pulumi.Input[str]) – Group member mapping attribute. Default member (string)

  • group_member_user_attribute (pulumi.Input[str]) – Group member user attribute. Default entryDN (string)

  • group_name_attribute (pulumi.Input[str]) – Group name attribute. Default cn (string)

  • group_object_class (pulumi.Input[str]) – Group object class. Default groupOfNames (string)

  • group_search_attribute (pulumi.Input[str]) – Group search attribute. Default cn (string)

  • group_search_base (pulumi.Input[str]) – Group search base (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • nested_group_membership_enabled (pulumi.Input[bool]) – Nested group membership enable. Default false (bool)

  • port (pulumi.Input[float]) – FreeIpa port. Default 389 (int)

  • servers (pulumi.Input[list]) – FreeIpa servers list (list)

  • service_account_distinguished_name (pulumi.Input[str]) – Service account DN for access FreeIpa service (string)

  • service_account_password (pulumi.Input[str]) – Service account password for access FreeIpa service (string)

  • tls (pulumi.Input[bool]) – Enable TLS connection (bool)

  • user_disabled_bit_mask (pulumi.Input[float]) – User disabled bit mask (int)

  • user_enabled_attribute (pulumi.Input[str]) – User enable attribute (string)

  • user_login_attribute (pulumi.Input[str]) – User login attribute. Default uid (string)

  • user_member_attribute (pulumi.Input[str]) – User member attribute. Default memberOf (string)

  • user_name_attribute (pulumi.Input[str]) – User name attribute. Default givenName (string)

  • user_object_class (pulumi.Input[str]) – User object class. Default inetorgperson (string)

  • user_search_attribute (pulumi.Input[str]) – User search attribute. Default uid|sn|givenName (string)

  • user_search_base (pulumi.Input[str]) – User search base DN (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: freeipa_user://<DN> freeipa_group://<DN> (list)

annotations = None

Annotations of the resource (map)

certificate = None

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

connection_timeout = None

FreeIpa connection timeout. Default 5000 (int)

enabled = None

Enable auth config provider. Default true (bool)

group_dn_attribute = None

Group DN attribute. Default entryDN (string)

group_member_mapping_attribute = None

Group member mapping attribute. Default member (string)

group_member_user_attribute = None

Group member user attribute. Default entryDN (string)

group_name_attribute = None

Group name attribute. Default cn (string)

group_object_class = None

Group object class. Default groupOfNames (string)

group_search_attribute = None

Group search attribute. Default cn (string)

group_search_base = None

Group search base (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

nested_group_membership_enabled = None

Nested group membership enable. Default false (bool)

port = None

FreeIpa port. Default 389 (int)

servers = None

FreeIpa servers list (list)

service_account_distinguished_name = None

Service account DN for access FreeIpa service (string)

service_account_password = None

Service account password for access FreeIpa service (string)

tls = None

Enable TLS connection (bool)

type = None

(Computed) The type of the resource (string)

user_disabled_bit_mask = None

User disabled bit mask (int)

user_enabled_attribute = None

User enable attribute (string)

user_login_attribute = None

User login attribute. Default uid (string)

user_member_attribute = None

User member attribute. Default memberOf (string)

user_name_attribute = None

User name attribute. Default givenName (string)

user_object_class = None

User object class. Default inetorgperson (string)

user_search_attribute = None

User search attribute. Default uid|sn|givenName (string)

user_search_base = None

User search base DN (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, certificate=None, connection_timeout=None, enabled=None, group_dn_attribute=None, group_member_mapping_attribute=None, group_member_user_attribute=None, group_name_attribute=None, group_object_class=None, group_search_attribute=None, group_search_base=None, labels=None, name=None, nested_group_membership_enabled=None, port=None, servers=None, service_account_distinguished_name=None, service_account_password=None, tls=None, type=None, user_disabled_bit_mask=None, user_enabled_attribute=None, user_login_attribute=None, user_member_attribute=None, user_name_attribute=None, user_object_class=None, user_search_attribute=None, user_search_base=None)

Get an existing AuthConfigFreeIpa resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: freeipa_user://<DN> freeipa_group://<DN> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • certificate (pulumi.Input[str]) – Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

  • connection_timeout (pulumi.Input[float]) – FreeIpa connection timeout. Default 5000 (int)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • group_dn_attribute (pulumi.Input[str]) – Group DN attribute. Default entryDN (string)

  • group_member_mapping_attribute (pulumi.Input[str]) – Group member mapping attribute. Default member (string)

  • group_member_user_attribute (pulumi.Input[str]) – Group member user attribute. Default entryDN (string)

  • group_name_attribute (pulumi.Input[str]) – Group name attribute. Default cn (string)

  • group_object_class (pulumi.Input[str]) – Group object class. Default groupOfNames (string)

  • group_search_attribute (pulumi.Input[str]) – Group search attribute. Default cn (string)

  • group_search_base (pulumi.Input[str]) – Group search base (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • nested_group_membership_enabled (pulumi.Input[bool]) – Nested group membership enable. Default false (bool)

  • port (pulumi.Input[float]) – FreeIpa port. Default 389 (int)

  • servers (pulumi.Input[list]) – FreeIpa servers list (list)

  • service_account_distinguished_name (pulumi.Input[str]) – Service account DN for access FreeIpa service (string)

  • service_account_password (pulumi.Input[str]) – Service account password for access FreeIpa service (string)

  • tls (pulumi.Input[bool]) – Enable TLS connection (bool)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

  • user_disabled_bit_mask (pulumi.Input[float]) – User disabled bit mask (int)

  • user_enabled_attribute (pulumi.Input[str]) – User enable attribute (string)

  • user_login_attribute (pulumi.Input[str]) – User login attribute. Default uid (string)

  • user_member_attribute (pulumi.Input[str]) – User member attribute. Default memberOf (string)

  • user_name_attribute (pulumi.Input[str]) – User name attribute. Default givenName (string)

  • user_object_class (pulumi.Input[str]) – User object class. Default inetorgperson (string)

  • user_search_attribute (pulumi.Input[str]) – User search attribute. Default uid|sn|givenName (string)

  • user_search_base (pulumi.Input[str]) – User search base DN (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigGithub(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, client_id=None, client_secret=None, enabled=None, hostname=None, labels=None, tls=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config Github resource. This can be used to configure and enable Auth Config Github for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: github_user://<USER_ID> github_team://<GROUP_ID> github_org://<ORG_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • client_id (pulumi.Input[str]) – Github auth Client ID (string)

  • client_secret (pulumi.Input[str]) – Github auth Client secret (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • hostname (pulumi.Input[str]) – Github hostname to connect. Default github.com (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • tls (pulumi.Input[bool]) – Enable TLS connection. Default true (bool)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: github_user://<USER_ID> github_team://<GROUP_ID> github_org://<ORG_ID> (list)

annotations = None

Annotations of the resource (map)

client_id = None

Github auth Client ID (string)

client_secret = None

Github auth Client secret (string)

enabled = None

Enable auth config provider. Default true (bool)

hostname = None

Github hostname to connect. Default github.com (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

tls = None

Enable TLS connection. Default true (bool)

type = None

(Computed) The type of the resource (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, client_id=None, client_secret=None, enabled=None, hostname=None, labels=None, name=None, tls=None, type=None)

Get an existing AuthConfigGithub resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: github_user://<USER_ID> github_team://<GROUP_ID> github_org://<ORG_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • client_id (pulumi.Input[str]) – Github auth Client ID (string)

  • client_secret (pulumi.Input[str]) – Github auth Client secret (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • hostname (pulumi.Input[str]) – Github hostname to connect. Default github.com (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • tls (pulumi.Input[bool]) – Enable TLS connection. Default true (bool)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigKeycloak(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, rancher_api_host=None, sp_cert=None, sp_key=None, uid_field=None, user_name_field=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config KeyCloak resource. This can be used to configure and enable Auth Config KeyCloak for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – KeyCloak display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – KeyCloak group field (string)

  • idp_metadata_content (pulumi.Input[str]) – KeyCloak IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – KeyCloak SP cert (string)

  • sp_key (pulumi.Input[str]) – KeyCloak SP key (string)

  • uid_field (pulumi.Input[str]) – KeyCloak UID field (string)

  • user_name_field (pulumi.Input[str]) – KeyCloak user name field (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

annotations = None

Annotations of the resource (map)

display_name_field = None

KeyCloak display name field (string)

enabled = None

Enable auth config provider. Default true (bool)

groups_field = None

KeyCloak group field (string)

idp_metadata_content = None

KeyCloak IDP metadata content (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

rancher_api_host = None

Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert = None

KeyCloak SP cert (string)

sp_key = None

KeyCloak SP key (string)

type = None

(Computed) The type of the resource (string)

uid_field = None

KeyCloak UID field (string)

user_name_field = None

KeyCloak user name field (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, name=None, rancher_api_host=None, sp_cert=None, sp_key=None, type=None, uid_field=None, user_name_field=None)

Get an existing AuthConfigKeycloak resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: keycloak_user://<USER_ID> keycloak_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – KeyCloak display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – KeyCloak group field (string)

  • idp_metadata_content (pulumi.Input[str]) – KeyCloak IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – KeyCloak SP cert (string)

  • sp_key (pulumi.Input[str]) – KeyCloak SP key (string)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

  • uid_field (pulumi.Input[str]) – KeyCloak UID field (string)

  • user_name_field (pulumi.Input[str]) – KeyCloak user name field (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigOkta(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, rancher_api_host=None, sp_cert=None, sp_key=None, uid_field=None, user_name_field=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config OKTA resource. This can be used to configure and enable Auth Config OKTA for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – OKTA display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – OKTA group field (string)

  • idp_metadata_content (pulumi.Input[str]) – OKTA IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – OKTA SP cert (string)

  • sp_key (pulumi.Input[str]) – OKTA SP key (string)

  • uid_field (pulumi.Input[str]) – OKTA UID field (string)

  • user_name_field (pulumi.Input[str]) – OKTA user name field (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

annotations = None

Annotations of the resource (map)

display_name_field = None

OKTA display name field (string)

enabled = None

Enable auth config provider. Default true (bool)

groups_field = None

OKTA group field (string)

idp_metadata_content = None

OKTA IDP metadata content (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

rancher_api_host = None

Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert = None

OKTA SP cert (string)

sp_key = None

OKTA SP key (string)

type = None

(Computed) The type of the resource (string)

uid_field = None

OKTA UID field (string)

user_name_field = None

OKTA user name field (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, name=None, rancher_api_host=None, sp_cert=None, sp_key=None, type=None, uid_field=None, user_name_field=None)

Get an existing AuthConfigOkta resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: okta_user://<USER_ID> okta_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – OKTA display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – OKTA group field (string)

  • idp_metadata_content (pulumi.Input[str]) – OKTA IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – OKTA SP cert (string)

  • sp_key (pulumi.Input[str]) – OKTA SP key (string)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

  • uid_field (pulumi.Input[str]) – OKTA UID field (string)

  • user_name_field (pulumi.Input[str]) – OKTA user name field (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigOpenLdap(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, certificate=None, connection_timeout=None, enabled=None, group_dn_attribute=None, group_member_mapping_attribute=None, group_member_user_attribute=None, group_name_attribute=None, group_object_class=None, group_search_attribute=None, group_search_base=None, labels=None, nested_group_membership_enabled=None, port=None, servers=None, service_account_distinguished_name=None, service_account_password=None, tls=None, user_disabled_bit_mask=None, user_enabled_attribute=None, user_login_attribute=None, user_member_attribute=None, user_name_attribute=None, user_object_class=None, user_search_attribute=None, user_search_base=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config OpenLdap resource. This can be used to configure and enable Auth Config OpenLdap for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • certificate (pulumi.Input[str]) – Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

  • connection_timeout (pulumi.Input[float]) – OpenLdap connection timeout. Default 5000 (int)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • group_dn_attribute (pulumi.Input[str]) – Group DN attribute. Default entryDN (string)

  • group_member_mapping_attribute (pulumi.Input[str]) – Group member mapping attribute. Default member (string)

  • group_member_user_attribute (pulumi.Input[str]) – Group member user attribute. Default entryDN (string)

  • group_name_attribute (pulumi.Input[str]) – Group name attribute. Default cn (string)

  • group_object_class (pulumi.Input[str]) – Group object class. Default groupOfNames (string)

  • group_search_attribute (pulumi.Input[str]) – Group search attribute. Default cn (string)

  • group_search_base (pulumi.Input[str]) – Group search base (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • nested_group_membership_enabled (pulumi.Input[bool]) – Nested group membership enable. Default false (bool)

  • port (pulumi.Input[float]) – OpenLdap port. Default 389 (int)

  • servers (pulumi.Input[list]) – OpenLdap servers list (list)

  • service_account_distinguished_name (pulumi.Input[str]) – Service account DN for access OpenLdap service (string)

  • service_account_password (pulumi.Input[str]) – Service account password for access OpenLdap service (string)

  • tls (pulumi.Input[bool]) – Enable TLS connection (bool)

  • user_disabled_bit_mask (pulumi.Input[float]) – User disabled bit mask (int)

  • user_enabled_attribute (pulumi.Input[str]) – User enable attribute (string)

  • user_login_attribute (pulumi.Input[str]) – User login attribute. Default uid (string)

  • user_member_attribute (pulumi.Input[str]) – User member attribute. Default memberOf (string)

  • user_name_attribute (pulumi.Input[str]) – User name attribute. Default givenName (string)

  • user_object_class (pulumi.Input[str]) – User object class. Default inetorgperson (string)

  • user_search_attribute (pulumi.Input[str]) – User search attribute. Default uid|sn|givenName (string)

  • user_search_base (pulumi.Input[str]) – User search base DN (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

annotations = None

Annotations of the resource (map)

certificate = None

Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

connection_timeout = None

OpenLdap connection timeout. Default 5000 (int)

enabled = None

Enable auth config provider. Default true (bool)

group_dn_attribute = None

Group DN attribute. Default entryDN (string)

group_member_mapping_attribute = None

Group member mapping attribute. Default member (string)

group_member_user_attribute = None

Group member user attribute. Default entryDN (string)

group_name_attribute = None

Group name attribute. Default cn (string)

group_object_class = None

Group object class. Default groupOfNames (string)

group_search_attribute = None

Group search attribute. Default cn (string)

group_search_base = None

Group search base (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

nested_group_membership_enabled = None

Nested group membership enable. Default false (bool)

port = None

OpenLdap port. Default 389 (int)

servers = None

OpenLdap servers list (list)

service_account_distinguished_name = None

Service account DN for access OpenLdap service (string)

service_account_password = None

Service account password for access OpenLdap service (string)

tls = None

Enable TLS connection (bool)

type = None

(Computed) The type of the resource (string)

user_disabled_bit_mask = None

User disabled bit mask (int)

user_enabled_attribute = None

User enable attribute (string)

user_login_attribute = None

User login attribute. Default uid (string)

user_member_attribute = None

User member attribute. Default memberOf (string)

user_name_attribute = None

User name attribute. Default givenName (string)

user_object_class = None

User object class. Default inetorgperson (string)

user_search_attribute = None

User search attribute. Default uid|sn|givenName (string)

user_search_base = None

User search base DN (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, certificate=None, connection_timeout=None, enabled=None, group_dn_attribute=None, group_member_mapping_attribute=None, group_member_user_attribute=None, group_name_attribute=None, group_object_class=None, group_search_attribute=None, group_search_base=None, labels=None, name=None, nested_group_membership_enabled=None, port=None, servers=None, service_account_distinguished_name=None, service_account_password=None, tls=None, type=None, user_disabled_bit_mask=None, user_enabled_attribute=None, user_login_attribute=None, user_member_attribute=None, user_name_attribute=None, user_object_class=None, user_search_attribute=None, user_search_base=None)

Get an existing AuthConfigOpenLdap resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: openldap_user://<DN> openldap_group://<DN> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • certificate (pulumi.Input[str]) – Base64 encoded CA certificate for TLS if self-signed. Use filebase64() for encoding file (string)

  • connection_timeout (pulumi.Input[float]) – OpenLdap connection timeout. Default 5000 (int)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • group_dn_attribute (pulumi.Input[str]) – Group DN attribute. Default entryDN (string)

  • group_member_mapping_attribute (pulumi.Input[str]) – Group member mapping attribute. Default member (string)

  • group_member_user_attribute (pulumi.Input[str]) – Group member user attribute. Default entryDN (string)

  • group_name_attribute (pulumi.Input[str]) – Group name attribute. Default cn (string)

  • group_object_class (pulumi.Input[str]) – Group object class. Default groupOfNames (string)

  • group_search_attribute (pulumi.Input[str]) – Group search attribute. Default cn (string)

  • group_search_base (pulumi.Input[str]) – Group search base (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • nested_group_membership_enabled (pulumi.Input[bool]) – Nested group membership enable. Default false (bool)

  • port (pulumi.Input[float]) – OpenLdap port. Default 389 (int)

  • servers (pulumi.Input[list]) – OpenLdap servers list (list)

  • service_account_distinguished_name (pulumi.Input[str]) – Service account DN for access OpenLdap service (string)

  • service_account_password (pulumi.Input[str]) – Service account password for access OpenLdap service (string)

  • tls (pulumi.Input[bool]) – Enable TLS connection (bool)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

  • user_disabled_bit_mask (pulumi.Input[float]) – User disabled bit mask (int)

  • user_enabled_attribute (pulumi.Input[str]) – User enable attribute (string)

  • user_login_attribute (pulumi.Input[str]) – User login attribute. Default uid (string)

  • user_member_attribute (pulumi.Input[str]) – User member attribute. Default memberOf (string)

  • user_name_attribute (pulumi.Input[str]) – User name attribute. Default givenName (string)

  • user_object_class (pulumi.Input[str]) – User object class. Default inetorgperson (string)

  • user_search_attribute (pulumi.Input[str]) – User search attribute. Default uid|sn|givenName (string)

  • user_search_base (pulumi.Input[str]) – User search base DN (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AuthConfigPing(resource_name, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, rancher_api_host=None, sp_cert=None, sp_key=None, uid_field=None, user_name_field=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Auth Config Ping resource. This can be used to configure and enable Auth Config Ping for Rancher v2 RKE clusters and retrieve their information.

In addition to the built-in local auth, only one external auth config provider can be enabled at a time.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: ping_user://<USER_ID> ping_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – Ping display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – Ping group field (string)

  • idp_metadata_content (pulumi.Input[str]) – Ping IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – Ping SP cert (string)

  • sp_key (pulumi.Input[str]) – Ping SP key (string)

  • uid_field (pulumi.Input[str]) – Ping UID field (string)

  • user_name_field (pulumi.Input[str]) – Ping user name field (string)

access_mode = None

Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

allowed_principal_ids = None

Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: ping_user://<USER_ID> ping_group://<GROUP_ID> (list)

annotations = None

Annotations of the resource (map)

display_name_field = None

Ping display name field (string)

enabled = None

Enable auth config provider. Default true (bool)

groups_field = None

Ping group field (string)

idp_metadata_content = None

Ping IDP metadata content (string)

labels = None

Labels of the resource (map)

name = None

(Computed) The name of the resource (string)

rancher_api_host = None

Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

sp_cert = None

Ping SP cert (string)

sp_key = None

Ping SP key (string)

type = None

(Computed) The type of the resource (string)

uid_field = None

Ping UID field (string)

user_name_field = None

Ping user name field (string)

static get(resource_name, id, opts=None, access_mode=None, allowed_principal_ids=None, annotations=None, display_name_field=None, enabled=None, groups_field=None, idp_metadata_content=None, labels=None, name=None, rancher_api_host=None, sp_cert=None, sp_key=None, type=None, uid_field=None, user_name_field=None)

Get an existing AuthConfigPing resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_mode (pulumi.Input[str]) – Access mode for auth. required, restricted, unrestricted are supported. Default unrestricted (string)

  • allowed_principal_ids (pulumi.Input[list]) – Allowed principal ids for auth. Required if access_mode is required or restricted. Ex: ping_user://<USER_ID> ping_group://<GROUP_ID> (list)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • display_name_field (pulumi.Input[str]) – Ping display name field (string)

  • enabled (pulumi.Input[bool]) – Enable auth config provider. Default true (bool)

  • groups_field (pulumi.Input[str]) – Ping group field (string)

  • idp_metadata_content (pulumi.Input[str]) – Ping IDP metadata content (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – (Computed) The name of the resource (string)

  • rancher_api_host (pulumi.Input[str]) – Rancher url. Schema needs to be specified, https://<RANCHER_API_HOST> (string)

  • sp_cert (pulumi.Input[str]) – Ping SP cert (string)

  • sp_key (pulumi.Input[str]) – Ping SP key (string)

  • type (pulumi.Input[str]) – (Computed) The type of the resource (string)

  • uid_field (pulumi.Input[str]) – Ping UID field (string)

  • user_name_field (pulumi.Input[str]) – Ping user name field (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.AwaitableGetAppResult(annotations=None, answers=None, catalog_name=None, description=None, external_id=None, id=None, labels=None, name=None, project_id=None, revision_id=None, target_namespace=None, template_name=None, template_version=None, values_yaml=None)
class pulumi_rancher2.AwaitableGetCatalogResult(annotations=None, branch=None, cluster_id=None, description=None, id=None, kind=None, labels=None, name=None, password=None, project_id=None, scope=None, url=None, username=None, version=None)
class pulumi_rancher2.AwaitableGetCertificateResult(annotations=None, certs=None, description=None, id=None, labels=None, name=None, namespace_id=None, project_id=None)
class pulumi_rancher2.AwaitableGetCloudCredentialResult(annotations=None, id=None, labels=None, name=None)
class pulumi_rancher2.AwaitableGetClusterAlertGroupResult(annotations=None, cluster_id=None, description=None, group_interval_seconds=None, group_wait_seconds=None, id=None, labels=None, name=None, recipients=None, repeat_interval_seconds=None)
class pulumi_rancher2.AwaitableGetClusterAlterRuleResult(annotations=None, cluster_id=None, event_rule=None, group_id=None, group_interval_seconds=None, group_wait_seconds=None, id=None, inherited=None, labels=None, metric_rule=None, name=None, node_rule=None, repeat_interval_seconds=None, severity=None, system_service_rule=None)
class pulumi_rancher2.AwaitableGetClusterDriverResult(active=None, actual_url=None, annotations=None, builtin=None, checksum=None, id=None, labels=None, name=None, ui_url=None, url=None, whitelist_domains=None)
class pulumi_rancher2.AwaitableGetClusterLoggingResult(annotations=None, cluster_id=None, custom_target_config=None, elasticsearch_config=None, enable_json_parsing=None, fluentd_config=None, id=None, kafka_config=None, kind=None, labels=None, name=None, namespace_id=None, output_flush_interval=None, output_tags=None, splunk_config=None, syslog_config=None)
class pulumi_rancher2.AwaitableGetClusterResult(aks_config=None, annotations=None, cluster_auth_endpoint=None, cluster_monitoring_input=None, cluster_registration_token=None, cluster_template_answers=None, cluster_template_id=None, cluster_template_questions=None, cluster_template_revision_id=None, default_pod_security_policy_template_id=None, default_project_id=None, description=None, driver=None, eks_config=None, enable_cluster_alerting=None, enable_cluster_monitoring=None, enable_network_policy=None, gke_config=None, id=None, k3s_config=None, kube_config=None, labels=None, name=None, rke_config=None, scheduled_cluster_scans=None, system_project_id=None)
class pulumi_rancher2.AwaitableGetClusterRoleTemplateBindingResult(annotations=None, cluster_id=None, group_id=None, group_principal_id=None, id=None, labels=None, name=None, role_template_id=None, user_id=None, user_principal_id=None)
class pulumi_rancher2.AwaitableGetClusterScanResult(annotations=None, cluster_id=None, id=None, labels=None, name=None, run_type=None, scan_config=None, scan_type=None, status=None)
class pulumi_rancher2.AwaitableGetClusterTemplateResult(annotations=None, default_revision_id=None, description=None, id=None, labels=None, members=None, name=None, template_revisions=None)
class pulumi_rancher2.AwaitableGetEtcdBackupResult(annotations=None, backup_config=None, cluster_id=None, filename=None, id=None, labels=None, manual=None, name=None, namespace_id=None)
class pulumi_rancher2.AwaitableGetGlobalRoleBindingResult(annotations=None, global_role_id=None, group_principal_id=None, id=None, labels=None, name=None, user_id=None)
class pulumi_rancher2.AwaitableGetMultiClusterAppResult(annotations=None, answers=None, catalog_name=None, id=None, labels=None, members=None, name=None, revision_history_limit=None, revision_id=None, roles=None, targets=None, template_name=None, template_version=None, template_version_id=None, upgrade_strategies=None)
class pulumi_rancher2.AwaitableGetNamespaceResult(annotations=None, container_resource_limit=None, description=None, id=None, labels=None, name=None, project_id=None, resource_quota=None)
class pulumi_rancher2.AwaitableGetNodeDriverResult(active=None, annotations=None, builtin=None, checksum=None, description=None, external_id=None, id=None, labels=None, name=None, ui_url=None, url=None, whitelist_domains=None)
class pulumi_rancher2.AwaitableGetNodePoolResult(annotations=None, cluster_id=None, control_plane=None, delete_not_ready_after_secs=None, etcd=None, hostname_prefix=None, id=None, labels=None, name=None, node_taints=None, node_template_id=None, quantity=None, worker=None)
class pulumi_rancher2.AwaitableGetNodeTemplateResult(annotations=None, cloud_credential_id=None, description=None, driver=None, engine_env=None, engine_insecure_registries=None, engine_install_url=None, engine_label=None, engine_opt=None, engine_registry_mirrors=None, engine_storage_driver=None, id=None, labels=None, name=None, use_internal_ip_address=None)
class pulumi_rancher2.AwaitableGetNotifierResult(annotations=None, cluster_id=None, description=None, id=None, labels=None, name=None, pagerduty_config=None, slack_config=None, smtp_config=None, webhook_config=None, wechat_config=None)
class pulumi_rancher2.AwaitableGetPodSecurityPolicyTemplateResult(allow_privilege_escalation=None, allowed_capabilities=None, allowed_csi_drivers=None, allowed_flex_volumes=None, allowed_host_paths=None, allowed_proc_mount_types=None, allowed_unsafe_sysctls=None, annotations=None, default_add_capabilities=None, default_allow_privilege_escalation=None, description=None, forbidden_sysctls=None, fs_group=None, host_ipc=None, host_network=None, host_pid=None, host_ports=None, id=None, labels=None, name=None, privileged=None, read_only_root_filesystem=None, required_drop_capabilities=None, run_as_group=None, run_as_user=None, runtime_class=None, se_linux=None, supplemental_group=None, volumes=None)
class pulumi_rancher2.AwaitableGetProjectAlertGroupResult(annotations=None, description=None, group_interval_seconds=None, group_wait_seconds=None, id=None, labels=None, name=None, project_id=None, recipients=None, repeat_interval_seconds=None)
class pulumi_rancher2.AwaitableGetProjectAlertRuleResult(annotations=None, group_id=None, group_interval_seconds=None, group_wait_seconds=None, id=None, inherited=None, labels=None, metric_rule=None, name=None, pod_rule=None, project_id=None, repeat_interval_seconds=None, severity=None, workload_rule=None)
class pulumi_rancher2.AwaitableGetProjectLoggingResult(annotations=None, custom_target_config=None, elasticsearch_config=None, enable_json_parsing=None, fluentd_config=None, id=None, kafka_config=None, kind=None, labels=None, name=None, namespace_id=None, output_flush_interval=None, output_tags=None, project_id=None, splunk_config=None, syslog_config=None)
class pulumi_rancher2.AwaitableGetProjectResult(annotations=None, cluster_id=None, container_resource_limit=None, description=None, enable_project_monitoring=None, id=None, labels=None, name=None, pod_security_policy_template_id=None, resource_quota=None, uuid=None)
class pulumi_rancher2.AwaitableGetProjectRoleTemplateBindingResult(annotations=None, group_id=None, group_principal_id=None, id=None, labels=None, name=None, project_id=None, role_template_id=None, user_id=None, user_principal_id=None)
class pulumi_rancher2.AwaitableGetRegistryResult(annotations=None, description=None, id=None, labels=None, name=None, namespace_id=None, project_id=None, registries=None)
class pulumi_rancher2.AwaitableGetRoleTempalteResult(administrative=None, annotations=None, builtin=None, context=None, default_role=None, description=None, external=None, hidden=None, id=None, labels=None, locked=None, name=None, role_template_ids=None, rules=None)
class pulumi_rancher2.AwaitableGetSecretResult(annotations=None, data=None, description=None, id=None, labels=None, name=None, namespace_id=None, project_id=None)
class pulumi_rancher2.AwaitableGetSettingResult(id=None, name=None, value=None)
class pulumi_rancher2.AwaitableGetUserResult(annotations=None, enabled=None, id=None, is_external=None, labels=None, name=None, principal_ids=None, username=None)
class pulumi_rancher2.Bootstrap(resource_name, opts=None, current_password=None, password=None, telemetry=None, token_ttl=None, token_update=None, __props__=None, __name__=None, __opts__=None)

Create a Bootstrap resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] current_password: Current password for Admin user. Just needed for recover if admin password has been changed from other resources and token is expired (string) :param pulumi.Input[str] password: Password for Admin user or random generated if empty (string) :param pulumi.Input[bool] telemetry: Send telemetry anonymous data. Default: false (bool) :param pulumi.Input[float] token_ttl: TTL in seconds for generated admin token. Default: 0 (int) :param pulumi.Input[bool] token_update: Regenerate admin token. Default: false (bool)

current_password = None

Current password for Admin user. Just needed for recover if admin password has been changed from other resources and token is expired (string)

password = None

Password for Admin user or random generated if empty (string)

telemetry = None

Send telemetry anonymous data. Default: false (bool)

temp_token = None

(Computed) Generated API temporary token as helper. Should be empty (string)

temp_token_id = None

(Computed) Generated API temporary token id as helper. Should be empty (string)

token = None

(Computed) Generated API token for Admin User (string)

token_id = None

(Computed) Generated API token id for Admin User (string)

token_ttl = None

TTL in seconds for generated admin token. Default: 0 (int)

token_update = None

Regenerate admin token. Default: false (bool)

url = None

(Computed) URL set as server-url (string)

user = None

(Computed) Admin username (string)

static get(resource_name, id, opts=None, current_password=None, password=None, telemetry=None, temp_token=None, temp_token_id=None, token=None, token_id=None, token_ttl=None, token_update=None, url=None, user=None)

Get an existing Bootstrap resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • current_password (pulumi.Input[str]) – Current password for Admin user. Just needed for recover if admin password has been changed from other resources and token is expired (string)

  • password (pulumi.Input[str]) – Password for Admin user or random generated if empty (string)

  • telemetry (pulumi.Input[bool]) – Send telemetry anonymous data. Default: false (bool)

  • temp_token (pulumi.Input[str]) – (Computed) Generated API temporary token as helper. Should be empty (string)

  • temp_token_id (pulumi.Input[str]) – (Computed) Generated API temporary token id as helper. Should be empty (string)

  • token (pulumi.Input[str]) – (Computed) Generated API token for Admin User (string)

  • token_id (pulumi.Input[str]) – (Computed) Generated API token id for Admin User (string)

  • token_ttl (pulumi.Input[float]) – TTL in seconds for generated admin token. Default: 0 (int)

  • token_update (pulumi.Input[bool]) – Regenerate admin token. Default: false (bool)

  • url (pulumi.Input[str]) – (Computed) URL set as server-url (string)

  • user (pulumi.Input[str]) – (Computed) Admin username (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.Catalog(resource_name, opts=None, annotations=None, branch=None, cluster_id=None, description=None, kind=None, labels=None, name=None, password=None, project_id=None, refresh=None, scope=None, url=None, username=None, version=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Catalog resource. This can be used to create cluster, global and/or project catalogs for Rancher v2 environments and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for the catalog (map)

  • branch (pulumi.Input[str]) – The branch of the catalog repo to use. Default master (string)

  • cluster_id (pulumi.Input[str]) – The cluster id of the catalog. Mandatory if scope = cluster (string)

  • description (pulumi.Input[str]) – A catalog description (string)

  • kind (pulumi.Input[str]) – The kind of the catalog. Just helm by the moment (string)

  • labels (pulumi.Input[dict]) – Labels for the catalog (map)

  • name (pulumi.Input[str]) – The name of the catalog (string)

  • password (pulumi.Input[str]) – The password to access the catalog if needed (string)

  • project_id (pulumi.Input[str]) – The project id of the catalog. Mandatory if scope = project (string)

  • refresh (pulumi.Input[bool]) – Catalog will wait for refresh after tf creation and on every tf read. Default false (bool)

  • scope (pulumi.Input[str]) – The scope of the catalog. cluster, global, and project are supported. Default global (string)

  • url (pulumi.Input[str]) – The url of the catalog repo (string)

  • username (pulumi.Input[str]) – The username to access the catalog if needed (string)

  • version (pulumi.Input[str]) – Helm version for the catalog. Available options: helm_v2 (default) and helm_v3 (string)

annotations = None

Annotations for the catalog (map)

branch = None

The branch of the catalog repo to use. Default master (string)

cluster_id = None

The cluster id of the catalog. Mandatory if scope = cluster (string)

description = None

A catalog description (string)

kind = None

The kind of the catalog. Just helm by the moment (string)

labels = None

Labels for the catalog (map)

name = None

The name of the catalog (string)

password = None

The password to access the catalog if needed (string)

project_id = None

The project id of the catalog. Mandatory if scope = project (string)

refresh = None

Catalog will wait for refresh after tf creation and on every tf read. Default false (bool)

scope = None

The scope of the catalog. cluster, global, and project are supported. Default global (string)

url = None

The url of the catalog repo (string)

username = None

The username to access the catalog if needed (string)

version = None

Helm version for the catalog. Available options: helm_v2 (default) and helm_v3 (string)

static get(resource_name, id, opts=None, annotations=None, branch=None, cluster_id=None, description=None, kind=None, labels=None, name=None, password=None, project_id=None, refresh=None, scope=None, url=None, username=None, version=None)

Get an existing Catalog resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for the catalog (map)

  • branch (pulumi.Input[str]) – The branch of the catalog repo to use. Default master (string)

  • cluster_id (pulumi.Input[str]) – The cluster id of the catalog. Mandatory if scope = cluster (string)

  • description (pulumi.Input[str]) – A catalog description (string)

  • kind (pulumi.Input[str]) – The kind of the catalog. Just helm by the moment (string)

  • labels (pulumi.Input[dict]) – Labels for the catalog (map)

  • name (pulumi.Input[str]) – The name of the catalog (string)

  • password (pulumi.Input[str]) – The password to access the catalog if needed (string)

  • project_id (pulumi.Input[str]) – The project id of the catalog. Mandatory if scope = project (string)

  • refresh (pulumi.Input[bool]) – Catalog will wait for refresh after tf creation and on every tf read. Default false (bool)

  • scope (pulumi.Input[str]) – The scope of the catalog. cluster, global, and project are supported. Default global (string)

  • url (pulumi.Input[str]) – The url of the catalog repo (string)

  • username (pulumi.Input[str]) – The username to access the catalog if needed (string)

  • version (pulumi.Input[str]) – Helm version for the catalog. Available options: helm_v2 (default) and helm_v3 (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.Certificate(resource_name, opts=None, annotations=None, certs=None, description=None, key=None, labels=None, name=None, namespace_id=None, project_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 certificate resource. This can be used to create certificates for Rancher v2 environments and retrieve their information.

There are 2 types of Rancher v2 certificates:

  • Project certificate: Available to all namespaces in the project_id

  • Namespaced certificate: Available to just namespace_id in the project_id

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for certificate object (map)

  • certs (pulumi.Input[str]) – Base64 encoded public certs (string)

  • description (pulumi.Input[str]) – A certificate description (string)

  • key (pulumi.Input[str]) – Base64 encoded private key (string)

  • labels (pulumi.Input[dict]) – Labels for certificate object (map)

  • name (pulumi.Input[str]) – The name of the certificate (string)

  • namespace_id (pulumi.Input[str]) – The namespace id where the namespaced certificate should be created (string)

  • project_id (pulumi.Input[str]) – The project id where the certificate should be created (string)

annotations = None

Annotations for certificate object (map)

certs = None

Base64 encoded public certs (string)

description = None

A certificate description (string)

key = None

Base64 encoded private key (string)

labels = None

Labels for certificate object (map)

name = None

The name of the certificate (string)

namespace_id = None

The namespace id where the namespaced certificate should be created (string)

project_id = None

The project id where the certificate should be created (string)

static get(resource_name, id, opts=None, annotations=None, certs=None, description=None, key=None, labels=None, name=None, namespace_id=None, project_id=None)

Get an existing Certificate resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for certificate object (map)

  • certs (pulumi.Input[str]) – Base64 encoded public certs (string)

  • description (pulumi.Input[str]) – A certificate description (string)

  • key (pulumi.Input[str]) – Base64 encoded private key (string)

  • labels (pulumi.Input[dict]) – Labels for certificate object (map)

  • name (pulumi.Input[str]) – The name of the certificate (string)

  • namespace_id (pulumi.Input[str]) – The namespace id where the namespaced certificate should be created (string)

  • project_id (pulumi.Input[str]) – The project id where the certificate should be created (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.CloudCredential(resource_name, opts=None, amazonec2_credential_config=None, annotations=None, azure_credential_config=None, description=None, digitalocean_credential_config=None, labels=None, name=None, openstack_credential_config=None, vsphere_credential_config=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Cloud Credential resource. This can be used to create Cloud Credential for Rancher v2.2.x and retrieve their information.

amazonec2, azure, digitalocean, openstack and vsphere credentials config are supported for Cloud Credential.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • amazonec2_credential_config (pulumi.Input[dict]) – AWS config for the Cloud Credential (list maxitems:1)

  • annotations (pulumi.Input[dict]) – Annotations for Cloud Credential object (map)

  • azure_credential_config (pulumi.Input[dict]) – Azure config for the Cloud Credential (list maxitems:1)

  • description (pulumi.Input[str]) – Description for the Cloud Credential (string)

  • digitalocean_credential_config (pulumi.Input[dict]) – DigitalOcean config for the Cloud Credential (list maxitems:1)

  • labels (pulumi.Input[dict]) – Labels for Cloud Credential object (map)

  • name (pulumi.Input[str]) – The name of the Cloud Credential (string)

  • openstack_credential_config (pulumi.Input[dict]) – OpenStack config for the Cloud Credential (list maxitems:1)

  • vsphere_credential_config (pulumi.Input[dict]) – vSphere config for the Cloud Credential (list maxitems:1)

The amazonec2_credential_config object supports the following:

  • access_key (pulumi.Input[str]) - AWS access key (string)

  • secret_key (pulumi.Input[str]) - AWS secret key (string)

The azure_credential_config object supports the following:

  • client_id (pulumi.Input[str]) - Azure Service Principal Account ID (string)

  • client_secret (pulumi.Input[str]) - Azure Service Principal Account password (string)

  • subscriptionId (pulumi.Input[str]) - Azure Subscription ID (string)

The digitalocean_credential_config object supports the following:

  • accessToken (pulumi.Input[str]) - DigitalOcean access token (string)

The openstack_credential_config object supports the following:

  • password (pulumi.Input[str]) - vSphere password (string)

The vsphere_credential_config object supports the following:

  • password (pulumi.Input[str]) - vSphere password (string)

  • username (pulumi.Input[str]) - vSphere username (string)

  • vcenter (pulumi.Input[str]) - vSphere IP/hostname for vCenter (string)

  • vcenterPort (pulumi.Input[str]) - vSphere Port for vCenter. Default 443 (string)

amazonec2_credential_config = None

AWS config for the Cloud Credential (list maxitems:1)

  • access_key (str) - AWS access key (string)

  • secret_key (str) - AWS secret key (string)

annotations = None

Annotations for Cloud Credential object (map)

azure_credential_config = None

Azure config for the Cloud Credential (list maxitems:1)

  • client_id (str) - Azure Service Principal Account ID (string)

  • client_secret (str) - Azure Service Principal Account password (string)

  • subscriptionId (str) - Azure Subscription ID (string)

description = None

Description for the Cloud Credential (string)

digitalocean_credential_config = None

DigitalOcean config for the Cloud Credential (list maxitems:1)

  • accessToken (str) - DigitalOcean access token (string)

driver = None

(Computed) The driver of the Cloud Credential (string)

labels = None

Labels for Cloud Credential object (map)

name = None

The name of the Cloud Credential (string)

openstack_credential_config = None

OpenStack config for the Cloud Credential (list maxitems:1)

  • password (str) - vSphere password (string)

vsphere_credential_config = None

vSphere config for the Cloud Credential (list maxitems:1)

  • password (str) - vSphere password (string)

  • username (str) - vSphere username (string)

  • vcenter (str) - vSphere IP/hostname for vCenter (string)

  • vcenterPort (str) - vSphere Port for vCenter. Default 443 (string)

static get(resource_name, id, opts=None, amazonec2_credential_config=None, annotations=None, azure_credential_config=None, description=None, digitalocean_credential_config=None, driver=None, labels=None, name=None, openstack_credential_config=None, vsphere_credential_config=None)

Get an existing CloudCredential resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • amazonec2_credential_config (pulumi.Input[dict]) – AWS config for the Cloud Credential (list maxitems:1)

  • annotations (pulumi.Input[dict]) – Annotations for Cloud Credential object (map)

  • azure_credential_config (pulumi.Input[dict]) – Azure config for the Cloud Credential (list maxitems:1)

  • description (pulumi.Input[str]) – Description for the Cloud Credential (string)

  • digitalocean_credential_config (pulumi.Input[dict]) – DigitalOcean config for the Cloud Credential (list maxitems:1)

  • driver (pulumi.Input[str]) – (Computed) The driver of the Cloud Credential (string)

  • labels (pulumi.Input[dict]) – Labels for Cloud Credential object (map)

  • name (pulumi.Input[str]) – The name of the Cloud Credential (string)

  • openstack_credential_config (pulumi.Input[dict]) – OpenStack config for the Cloud Credential (list maxitems:1)

  • vsphere_credential_config (pulumi.Input[dict]) – vSphere config for the Cloud Credential (list maxitems:1)

The amazonec2_credential_config object supports the following:

  • access_key (pulumi.Input[str]) - AWS access key (string)

  • secret_key (pulumi.Input[str]) - AWS secret key (string)

The azure_credential_config object supports the following:

  • client_id (pulumi.Input[str]) - Azure Service Principal Account ID (string)

  • client_secret (pulumi.Input[str]) - Azure Service Principal Account password (string)

  • subscriptionId (pulumi.Input[str]) - Azure Subscription ID (string)

The digitalocean_credential_config object supports the following:

  • accessToken (pulumi.Input[str]) - DigitalOcean access token (string)

The openstack_credential_config object supports the following:

  • password (pulumi.Input[str]) - vSphere password (string)

The vsphere_credential_config object supports the following:

  • password (pulumi.Input[str]) - vSphere password (string)

  • username (pulumi.Input[str]) - vSphere username (string)

  • vcenter (pulumi.Input[str]) - vSphere IP/hostname for vCenter (string)

  • vcenterPort (pulumi.Input[str]) - vSphere Port for vCenter. Default 443 (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.Cluster(resource_name, opts=None, aks_config=None, annotations=None, cluster_auth_endpoint=None, cluster_monitoring_input=None, cluster_template_answers=None, cluster_template_id=None, cluster_template_questions=None, cluster_template_revision_id=None, default_pod_security_policy_template_id=None, description=None, desired_agent_image=None, desired_auth_image=None, docker_root_dir=None, driver=None, eks_config=None, enable_cluster_alerting=None, enable_cluster_istio=None, enable_cluster_monitoring=None, enable_network_policy=None, gke_config=None, k3s_config=None, labels=None, name=None, rke_config=None, scheduled_cluster_scan=None, windows_prefered_cluster=None, __props__=None, __name__=None, __opts__=None)
Provides a Rancher v2 Cluster resource. This can be used to create Clusters for Rancher v2 environments and retrieve their information.

> This content is derived from https://github.com/terraform-providers/terraform-provider-rancher2/blob/master/website/docs/r/cluster.html.markdown.

:param str resource_name: The name of the resource.
:param pulumi.ResourceOptions opts: Options for the resource.
:param pulumi.Input[dict] aks_config: The Azure AKS configuration for `aks` Clusters. Conflicts with `eks_config`, `gke_config`, `k3s_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[dict] annotations: Annotations for cluster registration token object (map)
:param pulumi.Input[dict] cluster_auth_endpoint: Enabling the [local cluster authorized endpoint](https://rancher.com/docs/rancher/v2.x/en/cluster-provisioning/rke-clusters/options/#local-cluster-auth-endpoint) allows direct communication with the cluster, bypassing the Rancher API proxy. (list maxitems:1)
:param pulumi.Input[dict] cluster_monitoring_input: Cluster monitoring config. Any parameter defined in [rancher-monitoring charts](https://github.com/rancher/system-charts/tree/dev/charts/rancher-monitoring) could be configured  (list maxitems:1)
:param pulumi.Input[dict] cluster_template_answers: Cluster template answers. Just for Rancher v2.3.x and above (list maxitems:1)
:param pulumi.Input[str] cluster_template_id: Cluster template ID. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[list] cluster_template_questions: Cluster template questions. Just for Rancher v2.3.x and above (list)
:param pulumi.Input[str] cluster_template_revision_id: Cluster template revision ID. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] default_pod_security_policy_template_id: [Default pod security policy template id](https://rancher.com/docs/rancher/v2.x/en/cluster-provisioning/rke-clusters/options/#pod-security-policy-support) (string)
:param pulumi.Input[str] description: An optional description of this cluster (string)
:param pulumi.Input[str] desired_agent_image: Desired agent image. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] desired_auth_image: Desired auth image. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] docker_root_dir: Desired auth image. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] driver: (Computed) The driver used for the Cluster. `imported`, `azurekubernetesservice`, `amazonelasticcontainerservice`, `googlekubernetesengine` and `rancherKubernetesEngine` are supported (string)
:param pulumi.Input[dict] eks_config: The Amazon EKS configuration for `eks` Clusters. Conflicts with `aks_config`, `gke_config`, `k3s_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[bool] enable_cluster_alerting: Enable built-in cluster alerting. Default `false` (bool)
:param pulumi.Input[bool] enable_cluster_istio: Enable built-in cluster istio. Default `false`. Just for Rancher v2.3.x and above (bool)
:param pulumi.Input[bool] enable_cluster_monitoring: Enable built-in cluster monitoring. Default `false` (bool)
:param pulumi.Input[bool] enable_network_policy: Enable project network isolation. Default `false` (bool)
       * `scheduled_cluster_scan`- (Optional) Cluster scheduled cis scan. For Rancher v2.4.0 or above (List maxitems:1)
:param pulumi.Input[dict] gke_config: The Google GKE configuration for `gke` Clusters. Conflicts with `aks_config`, `eks_config`, `k3s_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[dict] k3s_config: The K3S configuration for `k3s` imported Clusters. Conflicts with `aks_config`, `eks_config`, `gke_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[dict] labels: Labels for cluster registration token object (map)
:param pulumi.Input[str] name: Name of cluster registration token (string)
:param pulumi.Input[dict] rke_config: The RKE configuration for `rke` Clusters. Conflicts with `aks_config`, `eks_config`, `gke_config` and `k3s_config` (list maxitems:1)
:param pulumi.Input[dict] scheduled_cluster_scan: Cluster scheduled scan
:param pulumi.Input[bool] windows_prefered_cluster: Windows preferred cluster. Default: `false` (bool)

The **aks_config** object supports the following:

  * `aadServerAppSecret` (`pulumi.Input[str]`) - The secret of an Azure Active Directory server application (string)
  * `aadTenantId` (`pulumi.Input[str]`) - The ID of an Azure Active Directory tenant (string)
  * `addClientAppId` (`pulumi.Input[str]`) - The ID of an Azure Active Directory client application of type "Native". This application is for user login via kubectl (string)
  * `addServerAppId` (`pulumi.Input[str]`) - The ID of an Azure Active Directory server application of type "Web app/API". This application represents the managed cluster's apiserver (Server application) (string)
  * `adminUsername` (`pulumi.Input[str]`) - The administrator username to use for Linux hosts. Default `azureuser` (string)
  * `agentDnsPrefix` (`pulumi.Input[str]`) - DNS prefix to be used to create the FQDN for the agent pool (string)
  * `agentOsDiskSize` (`pulumi.Input[float]`) - GB size to be used to specify the disk for every machine in the agent pool. If you specify 0, it will apply the default according to the "agent vm size" specified. Default `0` (int)
  * `agentPoolName` (`pulumi.Input[str]`) - Name for the agent pool, upto 12 alphanumeric characters. Default `agentpool0` (string)
  * `agentStorageProfile` (`pulumi.Input[str]`) - Storage profile specifies what kind of storage used on machine in the agent pool. Chooses from [ManagedDisks StorageAccount]. Default `ManagedDisks` (string)
  * `agentVmSize` (`pulumi.Input[str]`) - Size of machine in the agent pool. Default `Standard_D1_v2` (string)
  * `authBaseUrl` (`pulumi.Input[str]`) - Different authentication API url to use. Default `https://login.microsoftonline.com/` (string)
  * `baseUrl` (`pulumi.Input[str]`) - Different resource management API url to use. Default `https://management.azure.com/` (string)
  * `client_id` (`pulumi.Input[str]`) - Azure client ID to use (string)
  * `client_secret` (`pulumi.Input[str]`) - Azure client secret associated with the "client id" (string)
  * `count` (`pulumi.Input[float]`) - Number of machines (VMs) in the agent pool. Allowed values must be in the range of 1 to 100 (inclusive). Default `1` (int)
  * `dnsServiceIp` (`pulumi.Input[str]`) - An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes Service address range specified in "service cidr". Default `10.0.0.10` (string)
  * `dockerBridgeCidr` (`pulumi.Input[str]`) - A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes Service address range specified in "service cidr". Default `172.17.0.1/16` (string)
  * `enableHttpApplicationRouting` (`pulumi.Input[bool]`) - Enable the Kubernetes ingress with automatic public DNS name creation. Default `false` (bool)
  * `enableMonitoring` (`pulumi.Input[bool]`) - Turn on Azure Log Analytics monitoring. Uses the Log Analytics "Default" workspace if it exists, else creates one. if using an existing workspace, specifies "log analytics workspace resource id". Default `true` (bool)
  * `kubernetesVersion` (`pulumi.Input[str]`) - The Kubernetes master version (string)
  * `location` (`pulumi.Input[str]`) - Azure Kubernetes cluster location. Default `eastus` (string)
  * `logAnalyticsWorkspace` (`pulumi.Input[str]`) - The name of an existing Azure Log Analytics Workspace to use for storing monitoring data. If not specified, uses '{resource group}-{subscription id}-{location code}' (string)
  * `logAnalyticsWorkspaceResourceGroup` (`pulumi.Input[str]`) - The resource group of an existing Azure Log Analytics Workspace to use for storing monitoring data. If not specified, uses the 'Cluster' resource group (string)
  * `masterDnsPrefix` (`pulumi.Input[str]`) - DNS prefix to use the Kubernetes cluster control pane (string)
  * `maxPods` (`pulumi.Input[float]`) - Maximum number of pods that can run on a node. Default `110` (int)
  * `networkPlugin` (`pulumi.Input[str]`) - Network plugin used for building Kubernetes network. Chooses from `azure` or `kubenet`. Default `azure` (string)
  * `networkPolicy` (`pulumi.Input[str]`) - Network policy used for building Kubernetes network. Chooses from `calico` (string)
  * `podCidr` (`pulumi.Input[str]`) - A CIDR notation IP range from which to assign Kubernetes Pod IPs when "network plugin" is specified in "kubenet". Default `172.244.0.0/16` (string)
  * `resourceGroup` (`pulumi.Input[str]`) - The name of the Cluster resource group (string)
  * `serviceCidr` (`pulumi.Input[str]`) - A CIDR notation IP range from which to assign Kubernetes Service cluster IPs. It must not overlap with any Subnet IP ranges. Default `10.0.0.0/16` (string)
  * `sshPublicKeyContents` (`pulumi.Input[str]`) - Contents of the SSH public key used to authenticate with Linux hosts (string)
  * `subnet` (`pulumi.Input[str]`) - The name of an existing Azure Virtual Subnet. Composite of agent virtual network subnet ID (string)
  * `subscriptionId` (`pulumi.Input[str]`) - Subscription credentials which uniquely identify Microsoft Azure subscription (string)
  * `tag` (`pulumi.Input[dict]`) - Tags for Kubernetes cluster. For example, foo=bar (map)
  * `tenant_id` (`pulumi.Input[str]`) - Azure tenant ID to use (string)
  * `virtualNetwork` (`pulumi.Input[str]`) - The name of the virtual network to use. If it's not specified Rancher will create a new VPC (string)
  * `virtualNetworkResourceGroup` (`pulumi.Input[str]`) - The resource group of an existing Azure Virtual Network. Composite of agent virtual network subnet ID (string)

The **cluster_auth_endpoint** object supports the following:

  * `ca_certs` (`pulumi.Input[str]`) - CA certs for the authorized cluster endpoint (string)
  * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
  * `fqdn` (`pulumi.Input[str]`) - FQDN for the authorized cluster endpoint (string)

The **cluster_monitoring_input** object supports the following:

  * `answers` (`pulumi.Input[dict]`) - Key/value answers for monitor input (map)

The **cluster_template_answers** object supports the following:

  * `cluster_id` (`pulumi.Input[str]`) - Cluster ID (string)
  * `project_id` (`pulumi.Input[str]`) - Project ID to apply answer (string)
  * `values` (`pulumi.Input[dict]`) - Key/values for answer (map)

The **cluster_template_questions** object supports the following:

  * `default` (`pulumi.Input[str]`) - Default variable value (string)
  * `required` (`pulumi.Input[bool]`) - Required variable. Default `false` (bool)
  * `type` (`pulumi.Input[str]`) - Variable type. `boolean`, `int` and `string` are allowed. Default `string` (string)
  * `variable` (`pulumi.Input[str]`) - Variable name (string)

The **eks_config** object supports the following:

  * `access_key` (`pulumi.Input[str]`) - The AWS Client ID to use (string)
  * `ami` (`pulumi.Input[str]`) - AMI ID to use for the worker nodes instead of the default (string)
  * `associateWorkerNodePublicIp` (`pulumi.Input[bool]`) - Associate public ip EKS worker nodes. Default `true` (bool)
  * `desiredNodes` (`pulumi.Input[float]`) - The desired number of worker nodes. Just for Rancher v2.3.x and above. Default `3` (int)
  * `instanceType` (`pulumi.Input[str]`) - The type of machine to use for worker nodes. Default `t2.medium` (string)
  * `keyPairName` (`pulumi.Input[str]`) - Allow user to specify key name to use. Just for Rancher v2.2.7 and above (string)
  * `kubernetesVersion` (`pulumi.Input[str]`) - The Kubernetes master version (string)
  * `maximumNodes` (`pulumi.Input[float]`) - The maximum number of worker nodes. Default `3` (int)
  * `minimumNodes` (`pulumi.Input[float]`) - The minimum number of worker nodes. Default `1` (int)
  * `nodeVolumeSize` (`pulumi.Input[float]`) - The volume size for each node. Default `20` (int)
  * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
  * `secret_key` (`pulumi.Input[str]`) - The AWS Client Secret associated with the Client ID (string)
  * `securityGroups` (`pulumi.Input[list]`) - List of security groups to use for the cluster. If it's not specified Rancher will create a new security group (list)
  * `serviceRole` (`pulumi.Input[str]`) - The service role to use to perform the cluster operations in AWS. If it's not specified Rancher will create a new service role (string)
  * `sessionToken` (`pulumi.Input[str]`) - A session token to use with the client key and secret if applicable (string)
  * `subnets` (`pulumi.Input[list]`) - List of subnets in the virtual network to use. If it's not specified Rancher will create 3 news subnets (list)
  * `userData` (`pulumi.Input[str]`) - Pass user-data to the nodes to perform automated configuration tasks (string)
  * `virtualNetwork` (`pulumi.Input[str]`) - The name of the virtual network to use. If it's not specified Rancher will create a new VPC (string)

The **gke_config** object supports the following:

  * `clusterIpv4Cidr` (`pulumi.Input[str]`) - The IP address range of the container pods (string)
  * `credential` (`pulumi.Input[str]`) - The contents of the GC credential file (string)
  * `description` (`pulumi.Input[str]`) - An optional description of this cluster (string)
  * `diskSizeGb` (`pulumi.Input[float]`) - Size of the disk attached to each node. Default `100` (int)
  * `diskType` (`pulumi.Input[str]`) - Type of the disk attached to each node (string)
  * `enableAlphaFeature` (`pulumi.Input[bool]`) - To enable Kubernetes alpha feature. Default `true` (bool)
  * `enableAutoRepair` (`pulumi.Input[bool]`) - Specifies whether the node auto-repair is enabled for the node pool. Default `false` (bool)
  * `enableAutoUpgrade` (`pulumi.Input[bool]`) - Specifies whether node auto-upgrade is enabled for the node pool. Default `false` (bool)
  * `enableHorizontalPodAutoscaling` (`pulumi.Input[bool]`) - Enable horizontal pod autoscaling for the cluster. Default `true` (bool)
  * `enableHttpLoadBalancing` (`pulumi.Input[bool]`) - Enable HTTP load balancing on GKE cluster. Default `true` (bool)
  * `enableKubernetesDashboard` (`pulumi.Input[bool]`) - Whether to enable the Kubernetes dashboard. Default `false` (bool)
  * `enableLegacyAbac` (`pulumi.Input[bool]`) - Whether to enable legacy abac on the cluster. Default `false` (bool)
  * `enableMasterAuthorizedNetwork` (`pulumi.Input[bool]`)
  * `enableNetworkPolicyConfig` (`pulumi.Input[bool]`) - Enable stackdriver logging. Default `true` (bool)
  * `enableNodepoolAutoscaling` (`pulumi.Input[bool]`) - Enable nodepool autoscaling. Default `false` (bool)
  * `enablePrivateEndpoint` (`pulumi.Input[bool]`) - Whether the master's internal IP address is used as the cluster endpoint. Default `false` (bool)
  * `enablePrivateNodes` (`pulumi.Input[bool]`) - Whether nodes have internal IP address only. Default `false` (bool)
  * `enableStackdriverLogging` (`pulumi.Input[bool]`) - Enable stackdriver monitoring. Default `true` (bool)
  * `enableStackdriverMonitoring` (`pulumi.Input[bool]`) - Enable stackdriver monitoring on GKE cluster (bool)
  * `imageType` (`pulumi.Input[str]`) - The image to use for the worker nodes (string)
  * `ipPolicyClusterIpv4CidrBlock` (`pulumi.Input[str]`) - The IP address range for the cluster pod IPs (string)
  * `ipPolicyClusterSecondaryRangeName` (`pulumi.Input[str]`) - The name of the secondary range to be used for the cluster CIDR block (string)
  * `ipPolicyCreateSubnetwork` (`pulumi.Input[bool]`) - Whether a new subnetwork will be created automatically for the cluster. Default `false` (bool)
  * `ipPolicyNodeIpv4CidrBlock` (`pulumi.Input[str]`) - The IP address range of the instance IPs in this cluster (string)
  * `ipPolicyServicesIpv4CidrBlock` (`pulumi.Input[str]`) - The IP address range of the services IPs in this cluster (string)
  * `ipPolicyServicesSecondaryRangeName` (`pulumi.Input[str]`) - The name of the secondary range to be used for the services CIDR block (string)
  * `ipPolicySubnetworkName` (`pulumi.Input[str]`) - A custom subnetwork name to be used if createSubnetwork is true (string)
  * `issueClientCertificate` (`pulumi.Input[bool]`) - Issue a client certificate. Default `false` (bool)
  * `kubernetesDashboard` (`pulumi.Input[bool]`) - Enable the Kubernetes dashboard. Default `false` (bool)
  * `labels` (`pulumi.Input[dict]`) - Labels for cluster registration token object (map)
  * `localSsdCount` (`pulumi.Input[float]`) - The number of local SSD disks to be attached to the node. Default `0` (int)
  * `locations` (`pulumi.Input[list]`) - Locations for GKE cluster (list)
  * `machineType` (`pulumi.Input[str]`) - Machine type for GKE cluster (string)
  * `maintenanceWindow` (`pulumi.Input[str]`) - Maintenance window for GKE cluster (string)
  * `masterAuthorizedNetworkCidrBlocks` (`pulumi.Input[list]`) - Define up to 10 external networks that could access Kubernetes master through HTTPS (list)
  * `masterIpv4CidrBlock` (`pulumi.Input[str]`) - The IP range in CIDR notation to use for the hosted master network (string)
  * `masterVersion` (`pulumi.Input[str]`) - Master version for GKE cluster (string)
  * `maxNodeCount` (`pulumi.Input[float]`) - Maximum number of nodes in the NodePool. Must be >= minNodeCount. There has to enough quota to scale up the cluster. Default `0` (int)
  * `minNodeCount` (`pulumi.Input[float]`) - Minimmum number of nodes in the NodePool. Must be >= 1 and <= maxNodeCount. Default `0` (int)
  * `network` (`pulumi.Input[str]`) - Network for GKE cluster (string)
  * `nodeCount` (`pulumi.Input[float]`) - Node count for GKE cluster. Default `3` (int)
  * `nodePool` (`pulumi.Input[str]`) - The ID of the cluster node pool (string)
  * `nodeVersion` (`pulumi.Input[str]`) - Node version for GKE cluster (string)
  * `oauthScopes` (`pulumi.Input[list]`) - The set of Google API scopes to be made available on all of the node VMs under the default service account (list)
  * `preemptible` (`pulumi.Input[bool]`) - Whether the nodes are created as preemptible VM instances. Default `false` (bool)
  * `project_id` (`pulumi.Input[str]`) - Project ID to apply answer (string)
  * `resourceLabels` (`pulumi.Input[dict]`) - The map of Kubernetes labels to be applied to each cluster (map)
  * `serviceAccount` (`pulumi.Input[str]`) - The Google Cloud Platform Service Account to be used by the node VMs (string)
  * `subNetwork` (`pulumi.Input[str]`) - Subnetwork for GKE cluster (string)
  * `taints` (`pulumi.Input[list]`) - List of Kubernetes taints to be applied to each node (list)
  * `useIpAliases` (`pulumi.Input[bool]`) - Whether alias IPs will be used for pod IPs in the cluster. Default `false` (bool)
  * `zone` (`pulumi.Input[str]`) - Zone GKE cluster (string)

The **k3s_config** object supports the following:

  * `upgrade_strategy` (`pulumi.Input[dict]`) - K3S upgrade strategy (List maxitems: 1)
    * `drainServerNodes` (`pulumi.Input[bool]`) - Drain server nodes. Default: `false` (bool)
    * `drainWorkerNodes` (`pulumi.Input[bool]`) - Drain worker nodes. Default: `false` (bool)
    * `serverConcurrency` (`pulumi.Input[float]`) - Server concurrency. Default: `1` (int)
    * `workerConcurrency` (`pulumi.Input[float]`) - Worker concurrency. Default: `1` (int)

  * `version` (`pulumi.Input[str]`) - K3S kubernetes version (string)

The **rke_config** object supports the following:

  * `addonJobTimeout` (`pulumi.Input[float]`) - Duration in seconds of addon job (int)
  * `addons` (`pulumi.Input[str]`) - Addons descripton to deploy on RKE cluster.
  * `addonsIncludes` (`pulumi.Input[list]`) - Addons yaml manifests to deploy on RKE cluster (list)
  * `authentication` (`pulumi.Input[dict]`) - Kubernetes cluster authentication (list maxitems:1)
    * `sans` (`pulumi.Input[list]`) - RKE sans for authentication ([]string)
    * `strategy` (`pulumi.Input[str]`) - RKE strategy for authentication (string)

  * `authorization` (`pulumi.Input[dict]`) - Kubernetes cluster authorization (list maxitems:1)
    * `mode` (`pulumi.Input[str]`) - RKE mode for authorization. `rbac` and `none` modes are available. Default `rbac` (string)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)

  * `bastionHost` (`pulumi.Input[dict]`) - RKE bastion host (list maxitems:1)
    * `address` (`pulumi.Input[str]`) - Address ip for node (string)
    * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
    * `sshAgentAuth` (`pulumi.Input[bool]`) - Use ssh agent auth. Default `false` (bool)
    * `sshKey` (`pulumi.Input[str]`) - Node SSH private key (string)
    * `sshKeyPath` (`pulumi.Input[str]`) - Node SSH private key path (string)
    * `user` (`pulumi.Input[str]`) - Registry user (string)

  * `cloudProvider` (`pulumi.Input[dict]`) - RKE options for Calico network provider (string)
    * `awsCloudProvider` (`pulumi.Input[dict]`) - RKE AWS Cloud Provider config for Cloud Provider [rke-aws-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/aws/) (list maxitems:1)
      * `global` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `disableSecurityGroupIngress` (`pulumi.Input[bool]`) - Default `false` (bool)
        * `disableStrictZoneCheck` (`pulumi.Input[bool]`) - Default `false` (bool)
        * `elbSecurityGroup` (`pulumi.Input[str]`) - (string)
        * `kubernetesClusterId` (`pulumi.Input[str]`) - (string)
        * `kubernetesClusterTag` (`pulumi.Input[str]`) - (string)
        * `roleArn` (`pulumi.Input[str]`) - (string)
        * `routeTableId` (`pulumi.Input[str]`) - (string)
        * `subnetId` (`pulumi.Input[str]`) - (string)
        * `vpc` (`pulumi.Input[str]`) - (string)
        * `zone` (`pulumi.Input[str]`) - Zone GKE cluster (string)

      * `serviceOverrides` (`pulumi.Input[list]`) - (list)
        * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
        * `service` (`pulumi.Input[str]`) - (string)
        * `signingMethod` (`pulumi.Input[str]`) - (string)
        * `signingName` (`pulumi.Input[str]`) - (string)
        * `signingRegion` (`pulumi.Input[str]`) - (string)
        * `url` (`pulumi.Input[str]`) - Registry URL (string)

    * `azureCloudProvider` (`pulumi.Input[dict]`) - RKE Azure Cloud Provider config for Cloud Provider [rke-azure-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/azure/) (list maxitems:1)
      * `aadClientCertPassword` (`pulumi.Input[str]`) - (string)
      * `aadClientCertPath` (`pulumi.Input[str]`) - (string)
      * `aadClientId` (`pulumi.Input[str]`) - (string)
      * `aadClientSecret` (`pulumi.Input[str]`) - (string)
      * `cloud` (`pulumi.Input[str]`) - (string)
      * `cloudProviderBackoff` (`pulumi.Input[bool]`) - (bool)
      * `cloudProviderBackoffDuration` (`pulumi.Input[float]`) - (int)
      * `cloudProviderBackoffExponent` (`pulumi.Input[float]`) - (int)
      * `cloudProviderBackoffJitter` (`pulumi.Input[float]`) - (int)
      * `cloudProviderBackoffRetries` (`pulumi.Input[float]`) - (int)
      * `cloudProviderRateLimit` (`pulumi.Input[bool]`) - (bool)
      * `cloudProviderRateLimitBucket` (`pulumi.Input[float]`) - (int)
      * `cloudProviderRateLimitQps` (`pulumi.Input[float]`) - (int)
      * `location` (`pulumi.Input[str]`) - Azure Kubernetes cluster location. Default `eastus` (string)
      * `maximumLoadBalancerRuleCount` (`pulumi.Input[float]`) - (int)
      * `primaryAvailabilitySetName` (`pulumi.Input[str]`) - (string)
      * `primaryScaleSetName` (`pulumi.Input[str]`) - (string)
      * `resourceGroup` (`pulumi.Input[str]`) - The name of the Cluster resource group (string)
      * `routeTableName` (`pulumi.Input[str]`) - (string)
      * `securityGroupName` (`pulumi.Input[str]`) - (string)
      * `subnetName` (`pulumi.Input[str]`) - (string)
      * `subscriptionId` (`pulumi.Input[str]`) - Subscription credentials which uniquely identify Microsoft Azure subscription (string)
      * `tenant_id` (`pulumi.Input[str]`) - Azure tenant ID to use (string)
      * `useInstanceMetadata` (`pulumi.Input[bool]`) - (bool)
      * `useManagedIdentityExtension` (`pulumi.Input[bool]`) - (bool)
      * `vmType` (`pulumi.Input[str]`) - (string)
      * `vnetName` (`pulumi.Input[str]`) - (string)
      * `vnetResourceGroup` (`pulumi.Input[str]`) - (string)

    * `customCloudProvider` (`pulumi.Input[str]`) - RKE Custom Cloud Provider config for Cloud Provider (string) (string)
    * `name` (`pulumi.Input[str]`) - Name of cluster registration token (string)
    * `openstackCloudProvider` (`pulumi.Input[dict]`) - RKE Openstack Cloud Provider config for Cloud Provider [rke-openstack-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/openstack/) (list maxitems:1)
      * `blockStorage` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `bsVersion` (`pulumi.Input[str]`) - (string)
        * `ignoreVolumeAz` (`pulumi.Input[bool]`) - (string)
        * `trustDevicePath` (`pulumi.Input[bool]`) - (string)

      * `global` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `authUrl` (`pulumi.Input[str]`) - (string)
        * `caFile` (`pulumi.Input[str]`) - (string)
        * `domainId` (`pulumi.Input[str]`) - Required if `domain_name` not provided. (string)
        * `domainName` (`pulumi.Input[str]`) - Required if `domain_id` not provided. (string)
        * `password` (`pulumi.Input[str]`) - Registry password (string)
        * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
        * `tenant_id` (`pulumi.Input[str]`) - Azure tenant ID to use (string)
        * `tenantName` (`pulumi.Input[str]`) - Required if `tenant_id` not provided. (string)
        * `trustId` (`pulumi.Input[str]`) - (string)
        * `username` (`pulumi.Input[str]`) - (string)

      * `loadBalancer` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `createMonitor` (`pulumi.Input[bool]`) - (bool)
        * `floatingNetworkId` (`pulumi.Input[str]`) - (string)
        * `lbMethod` (`pulumi.Input[str]`) - (string)
        * `lbProvider` (`pulumi.Input[str]`) - (string)
        * `lbVersion` (`pulumi.Input[str]`) - (string)
        * `manageSecurityGroups` (`pulumi.Input[bool]`) - (bool)
        * `monitorDelay` (`pulumi.Input[str]`) - Default `60s` (string)
        * `monitorMaxRetries` (`pulumi.Input[float]`) - Default 5 (int)
        * `monitorTimeout` (`pulumi.Input[str]`) - Default `30s` (string)
        * `subnetId` (`pulumi.Input[str]`) - (string)
        * `useOctavia` (`pulumi.Input[bool]`) - (bool)

      * `metadata` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `requestTimeout` (`pulumi.Input[float]`) - (int)
        * `searchOrder` (`pulumi.Input[str]`) - (string)

      * `route` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `routerId` (`pulumi.Input[str]`) - (string)

    * `vsphereCloudProvider` (`pulumi.Input[dict]`) - RKE Vsphere Cloud Provider config for Cloud Provider [rke-vsphere-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/vsphere/) Extra argument `name` is required on `virtual_center` configuration. (list maxitems:1)
      * `disk` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `scsiControllerType` (`pulumi.Input[str]`) - (string)

      * `global` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `datacenters` (`pulumi.Input[str]`) - (string)
        * `insecureFlag` (`pulumi.Input[bool]`) - (bool)
        * `password` (`pulumi.Input[str]`) - Registry password (string)
        * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
        * `soapRoundtripCount` (`pulumi.Input[float]`) - (int)
        * `user` (`pulumi.Input[str]`) - Registry user (string)

      * `network` (`pulumi.Input[dict]`) - Network for GKE cluster (string)
        * `publicNetwork` (`pulumi.Input[str]`) - (string)

      * `virtualCenters` (`pulumi.Input[list]`) - (List)
        * `datacenters` (`pulumi.Input[str]`) - (string)
        * `name` (`pulumi.Input[str]`) - Name of cluster registration token (string)
        * `password` (`pulumi.Input[str]`) - Registry password (string)
        * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
        * `soapRoundtripCount` (`pulumi.Input[float]`) - (int)
        * `user` (`pulumi.Input[str]`) - Registry user (string)

      * `workspace` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `datacenter` (`pulumi.Input[str]`) - (string)
        * `defaultDatastore` (`pulumi.Input[str]`) - (string)
        * `folder` (`pulumi.Input[str]`) - Folder for S3 service. Available from Rancher v2.2.7 (string)
        * `resourcepoolPath` (`pulumi.Input[str]`) - (string)
        * `server` (`pulumi.Input[str]`) - (string)

  * `dns` (`pulumi.Input[dict]`) - RKE dns add-on. Just for Rancher v2.2.x (list maxitems:1)
    * `nodeSelector` (`pulumi.Input[dict]`) - Node selector for RKE Ingress (map)
    * `provider` (`pulumi.Input[str]`) - Provider for RKE monitoring (string)
    * `reverseCidrs` (`pulumi.Input[list]`) - DNS add-on reverse cidr  (list)
    * `upstreamNameservers` (`pulumi.Input[list]`) - DNS add-on upstream nameservers  (list)

  * `ignoreDockerVersion` (`pulumi.Input[bool]`) - Ignore docker version. Default `true` (bool)
  * `ingress` (`pulumi.Input[dict]`) - Kubernetes ingress configuration (list maxitems:1)
    * `dnsPolicy` (`pulumi.Input[str]`) - Ingress controller DNS policy. `ClusterFirstWithHostNet`, `ClusterFirst`, `Default`, and `None` are supported. [K8S dns Policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) (string)
    * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
    * `nodeSelector` (`pulumi.Input[dict]`) - Node selector for RKE Ingress (map)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)
    * `provider` (`pulumi.Input[str]`) - Provider for RKE monitoring (string)

  * `kubernetesVersion` (`pulumi.Input[str]`) - The Kubernetes master version (string)
  * `monitoring` (`pulumi.Input[dict]`) - Kubernetes cluster monitoring (list maxitems:1)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)
    * `provider` (`pulumi.Input[str]`) - Provider for RKE monitoring (string)

  * `network` (`pulumi.Input[dict]`) - Network for GKE cluster (string)
    * `calicoNetworkProvider` (`pulumi.Input[dict]`) - Calico provider config for RKE network (list maxitems:1)
      * `cloudProvider` (`pulumi.Input[str]`) - RKE options for Calico network provider (string)

    * `canalNetworkProvider` (`pulumi.Input[dict]`) - Canal provider config for RKE network (list maxitems:1)
      * `iface` (`pulumi.Input[str]`) - Iface config Flannel network provider (string)

    * `flannelNetworkProvider` (`pulumi.Input[dict]`) - Flannel provider config for RKE network (list maxitems:1)
      * `iface` (`pulumi.Input[str]`) - Iface config Flannel network provider (string)

    * `mtu` (`pulumi.Input[float]`) - Network provider MTU. Default `0` (int)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)
    * `plugin` (`pulumi.Input[str]`) - Plugin for RKE network. `canal` (default), `flannel`, `calico`, `none` and `weave` are supported. (string)
    * `weaveNetworkProvider` (`pulumi.Input[dict]`) - Weave provider config for RKE network (list maxitems:1)
      * `password` (`pulumi.Input[str]`) - Registry password (string)

  * `nodes` (`pulumi.Input[list]`) - RKE cluster nodes (list)
    * `address` (`pulumi.Input[str]`) - Address ip for node (string)
    * `dockerSocket` (`pulumi.Input[str]`) - Docker socket for node (string)
    * `hostnameOverride` (`pulumi.Input[str]`) - Hostname override for node (string)
    * `internalAddress` (`pulumi.Input[str]`) - Internal ip for node (string)
    * `labels` (`pulumi.Input[dict]`) - Labels for cluster registration token object (map)
    * `nodeId` (`pulumi.Input[str]`) - Id for the node (string)
    * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
    * `roles` (`pulumi.Input[list]`) - Roles for the node. `controlplane`, `etcd` and `worker` are supported. (list)
    * `sshAgentAuth` (`pulumi.Input[bool]`) - Use ssh agent auth. Default `false` (bool)
    * `sshKey` (`pulumi.Input[str]`) - Node SSH private key (string)
    * `sshKeyPath` (`pulumi.Input[str]`) - Node SSH private key path (string)
    * `user` (`pulumi.Input[str]`) - Registry user (string)

  * `prefixPath` (`pulumi.Input[str]`) - Prefix to customize Kubernetes path (string)
  * `privateRegistries` (`pulumi.Input[list]`) - private registries for docker images (list)
    * `isDefault` (`pulumi.Input[bool]`) - Set as default registry. Default `false` (bool)
    * `password` (`pulumi.Input[str]`) - Registry password (string)
    * `url` (`pulumi.Input[str]`) - Registry URL (string)
    * `user` (`pulumi.Input[str]`) - Registry user (string)

  * `services` (`pulumi.Input[dict]`) - Kubernetes cluster services (list maxitems:1)
    * `etcd` (`pulumi.Input[dict]`) - Etcd options for RKE services (list maxitems:1)
      * `backup_config` (`pulumi.Input[dict]`) - Backup options for etcd service. Just for Rancher v2.2.x (list maxitems:1)
        * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        * `intervalHours` (`pulumi.Input[float]`) - Interval hours for etcd backup. Default `12` (int)
        * `retention` (`pulumi.Input[float]`) - Retention for etcd backup. Default `6` (int)
        * `s3BackupConfig` (`pulumi.Input[dict]`) - S3 config options for etcd backup (list maxitems:1)
          * `access_key` (`pulumi.Input[str]`) - The AWS Client ID to use (string)
          * `bucketName` (`pulumi.Input[str]`) - Bucket name for S3 service (string)
          * `customCa` (`pulumi.Input[str]`) - Base64 encoded custom CA for S3 service. Use filebase64(<FILE>) for encoding file. Available from Rancher v2.2.5 (string)
          * `endpoint` (`pulumi.Input[str]`) - Endpoint for S3 service (string)
          * `folder` (`pulumi.Input[str]`) - Folder for S3 service. Available from Rancher v2.2.7 (string)
          * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
          * `secret_key` (`pulumi.Input[str]`) - The AWS Client Secret associated with the Client ID (string)

        * `safeTimestamp` (`pulumi.Input[bool]`) - Safe timestamp for etcd backup. Default: `false` (bool)

      * `caCert` (`pulumi.Input[str]`) - TLS CA certificate for etcd service (string)
      * `cert` (`pulumi.Input[str]`) - TLS certificate for etcd service (string)
      * `creation` (`pulumi.Input[str]`) - Creation option for etcd service (string)
      * `externalUrls` (`pulumi.Input[list]`) - External urls for etcd service (list)
      * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
      * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
      * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
      * `gid` (`pulumi.Input[float]`) - Etcd service GID. Default: `0`. For Rancher v2.3.x or above (int)
      * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
      * `key` (`pulumi.Input[str]`) - TLS key for etcd service (string)
      * `path` (`pulumi.Input[str]`) - (Optional) Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
      * `retention` (`pulumi.Input[str]`) - Retention for etcd backup. Default `6` (int)
      * `snapshot` (`pulumi.Input[bool]`) - Snapshot option for etcd service (bool)
      * `uid` (`pulumi.Input[float]`) - Etcd service UID. Default: `0`. For Rancher v2.3.x or above (int)

    * `kubeApi` (`pulumi.Input[dict]`) - Kube API options for RKE services (list maxitems:1)
      * `admissionConfiguration` (`pulumi.Input[dict]`) - Admission configuration (map)
      * `alwaysPullImages` (`pulumi.Input[bool]`) - Enable [AlwaysPullImages](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#alwayspullimages) Admission controller plugin. [Rancher docs](https://rancher.com/docs/rke/latest/en/config-options/services/#kubernetes-api-server-options) Default: `false` (bool)
      * `auditLog` (`pulumi.Input[dict]`) - K8s audit log configuration. (list maxitems: 1)
        * `configuration` (`pulumi.Input[dict]`) - Event rate limit configuration. (map)
          * `format` (`pulumi.Input[str]`) - Audit log format. Default: 'json' (string)
          * `maxAge` (`pulumi.Input[float]`) - Audit log max age. Default: `30` (int)
          * `maxBackup` (`pulumi.Input[float]`) - Audit log max backup. Default: `10` (int)
          * `maxSize` (`pulumi.Input[float]`) - Audit log max size. Default: `100` (int)
          * `path` (`pulumi.Input[str]`) - (Optional) Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
          * `policy` (`pulumi.Input[str]`) - Audit policy yaml encoded definition. `apiVersion` and `kind: Policy

rules:”fields are required in the yaml. Ex.”apiVersion: audit.k8s.io/v1 kind: Policy rules:

  • level: RequestResponse resources:

    • resources:

      • pods “` More info (string)

               * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        
             * `eventRateLimit` (`pulumi.Input[dict]`) - K8s event rate limit configuration. (list maxitems: 1)
               * `configuration` (`pulumi.Input[dict]`) - Event rate limit configuration. (map)
               * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
             * `podSecurityPolicy` (`pulumi.Input[bool]`) - Pod Security Policy option for kube API service. Default `false` (bool)
             * `secretsEncryptionConfig` (`pulumi.Input[dict]`) - [Encrypt k8s secret data configration](https://rancher.com/docs/rke/latest/en/config-options/secrets-encryption/). (list maxitem: 1)
               * `customConfig` (`pulumi.Input[dict]`) - Secrets encryption configuration. (map)
               * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        
             * `serviceClusterIpRange` (`pulumi.Input[str]`) - Service Cluster ip Range option for kube controller service (string)
             * `serviceNodePortRange` (`pulumi.Input[str]`) - Service Node Port Range option for kube API service (string)
        
           * `kubeController` (`pulumi.Input[dict]`) - Kube Controller options for RKE services (list maxitems:1)
             * `clusterCidr` (`pulumi.Input[str]`) - Cluster CIDR option for kube controller service (string)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
             * `serviceClusterIpRange` (`pulumi.Input[str]`) - Service Cluster ip Range option for kube controller service (string)
        
           * `kubelet` (`pulumi.Input[dict]`) - Kubelet options for RKE services (list maxitems:1)
             * `clusterDnsServer` (`pulumi.Input[str]`) - Cluster DNS Server option for kubelet service (string)
             * `clusterDomain` (`pulumi.Input[str]`) - Cluster Domain option for kubelet service (string)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `failSwapOn` (`pulumi.Input[bool]`) - Enable or disable failing when swap on is not supported (bool)
               * `generate_serving_certificate` [Generate a certificate signed by the kube-ca](https://rancher.com/docs/rke/latest/en/config-options/services/#kubelet-serving-certificate-requirements). Default `false` (bool)
             * `generateServingCertificate` (`pulumi.Input[bool]`)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
             * `infraContainerImage` (`pulumi.Input[str]`) - Infra container image for kubelet service (string)
        
           * `kubeproxy` (`pulumi.Input[dict]`) - Kubeproxy options for RKE services (list maxitems:1)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
        
           * `scheduler` (`pulumi.Input[dict]`) - Scheduler options for RKE services (list maxitems:1)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
        
         * `sshAgentAuth` (`pulumi.Input[bool]`) - Use ssh agent auth. Default `false` (bool)
         * `sshCertPath` (`pulumi.Input[str]`) - Cluster level SSH certificate path (string)
         * `sshKeyPath` (`pulumi.Input[str]`) - Node SSH private key path (string)
         * `upgrade_strategy` (`pulumi.Input[dict]`) - K3S upgrade strategy (List maxitems: 1)
           * `drain` (`pulumi.Input[bool]`) - RKE drain nodes. Default: `false` (bool)
           * `drainInput` (`pulumi.Input[dict]`) - RKE drain node input (list Maxitems: 1)
             * `deleteLocalData` (`pulumi.Input[bool]`) - Delete RKE node local data. Default: `false` (bool)
             * `force` (`pulumi.Input[bool]`) - Force RKE node drain. Default: `false` (bool)
             * `gracePeriod` (`pulumi.Input[float]`) - RKE node drain grace period. Default: `-1` (int)
             * `ignoreDaemonSets` (`pulumi.Input[bool]`) - Ignore RKE daemon sets. Default: `true` (bool)
             * `timeout` (`pulumi.Input[float]`) - RKE node drain timeout. Default: `60` (int)
        
           * `maxUnavailableControlplane` (`pulumi.Input[str]`) - RKE max unavailable controlplane nodes. Default: `1` (string)
           * `maxUnavailableWorker` (`pulumi.Input[str]`) - RKE max unavailable worker nodes. Default: `10%` (string)
        
        
        The **scheduled_cluster_scan** object supports the following:
        
        * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        * `scanConfig` (`pulumi.Input[dict]`) - Cluster scan config (List maxitems:1)
          * `cisScanConfig` (`pulumi.Input[dict]`) - Cluster Cis Scan config (List maxitems:1)
            * `debugMaster` (`pulumi.Input[bool]`) - Debug master. Default: `false` (bool)
            * `debugWorker` (`pulumi.Input[bool]`) - Debug worker. Default: `false` (bool)
            * `overrideBenchmarkVersion` (`pulumi.Input[str]`) - Override benchmark version (string)
            * `overrideSkips` (`pulumi.Input[list]`) - Override skip (string)
            * `profile` (`pulumi.Input[str]`) - Cis scan profile. Allowed values: `"permissive" (default) || "hardened"` (string)
        
        * `scheduleConfig` (`pulumi.Input[dict]`) - Cluster scan schedule config (list maxitems:1)
          * `cronSchedule` (`pulumi.Input[str]`) - Crontab schedule. It should contains 5 fields `"<min> <hour> <month_day> <month> <week_day>"` (string)
          * `retention` (`pulumi.Input[float]`) - Retention for etcd backup. Default `6` (int)
        
aks_config = None

The Azure AKS configuration for aks Clusters. Conflicts with eks_config, gke_config, k3s_config and rke_config (list maxitems:1)

  • aadServerAppSecret (str) - The secret of an Azure Active Directory server application (string)

  • aadTenantId (str) - The ID of an Azure Active Directory tenant (string)

  • addClientAppId (str) - The ID of an Azure Active Directory client application of type “Native”. This application is for user login via kubectl (string)

  • addServerAppId (str) - The ID of an Azure Active Directory server application of type “Web app/API”. This application represents the managed cluster’s apiserver (Server application) (string)

  • adminUsername (str) - The administrator username to use for Linux hosts. Default azureuser (string)

  • agentDnsPrefix (str) - DNS prefix to be used to create the FQDN for the agent pool (string)

  • agentOsDiskSize (float) - GB size to be used to specify the disk for every machine in the agent pool. If you specify 0, it will apply the default according to the “agent vm size” specified. Default 0 (int)

  • agentPoolName (str) - Name for the agent pool, upto 12 alphanumeric characters. Default agentpool0 (string)

  • agentStorageProfile (str) - Storage profile specifies what kind of storage used on machine in the agent pool. Chooses from [ManagedDisks StorageAccount]. Default ManagedDisks (string)

  • agentVmSize (str) - Size of machine in the agent pool. Default Standard_D1_v2 (string)

  • authBaseUrl (str) - Different authentication API url to use. Default https://login.microsoftonline.com/ (string)

  • baseUrl (str) - Different resource management API url to use. Default https://management.azure.com/ (string)

  • client_id (str) - Azure client ID to use (string)

  • client_secret (str) - Azure client secret associated with the “client id” (string)

  • count (float) - Number of machines (VMs) in the agent pool. Allowed values must be in the range of 1 to 100 (inclusive). Default 1 (int)

  • dnsServiceIp (str) - An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes Service address range specified in “service cidr”. Default 10.0.0.10 (string)

  • dockerBridgeCidr (str) - A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes Service address range specified in “service cidr”. Default 172.17.0.1/16 (string)

  • enableHttpApplicationRouting (bool) - Enable the Kubernetes ingress with automatic public DNS name creation. Default false (bool)

  • enableMonitoring (bool) - Turn on Azure Log Analytics monitoring. Uses the Log Analytics “Default” workspace if it exists, else creates one. if using an existing workspace, specifies “log analytics workspace resource id”. Default true (bool)

  • kubernetesVersion (str) - The Kubernetes master version (string)

  • location (str) - Azure Kubernetes cluster location. Default eastus (string)

  • logAnalyticsWorkspace (str) - The name of an existing Azure Log Analytics Workspace to use for storing monitoring data. If not specified, uses ‘{resource group}-{subscription id}-{location code}’ (string)

  • logAnalyticsWorkspaceResourceGroup (str) - The resource group of an existing Azure Log Analytics Workspace to use for storing monitoring data. If not specified, uses the ‘Cluster’ resource group (string)

  • masterDnsPrefix (str) - DNS prefix to use the Kubernetes cluster control pane (string)

  • maxPods (float) - Maximum number of pods that can run on a node. Default 110 (int)

  • networkPlugin (str) - Network plugin used for building Kubernetes network. Chooses from azure or kubenet. Default azure (string)

  • networkPolicy (str) - Network policy used for building Kubernetes network. Chooses from calico (string)

  • podCidr (str) - A CIDR notation IP range from which to assign Kubernetes Pod IPs when “network plugin” is specified in “kubenet”. Default 172.244.0.0/16 (string)

  • resourceGroup (str) - The name of the Cluster resource group (string)

  • serviceCidr (str) - A CIDR notation IP range from which to assign Kubernetes Service cluster IPs. It must not overlap with any Subnet IP ranges. Default 10.0.0.0/16 (string)

  • sshPublicKeyContents (str) - Contents of the SSH public key used to authenticate with Linux hosts (string)

  • subnet (str) - The name of an existing Azure Virtual Subnet. Composite of agent virtual network subnet ID (string)

  • subscriptionId (str) - Subscription credentials which uniquely identify Microsoft Azure subscription (string)

  • tag (dict) - Tags for Kubernetes cluster. For example, foo=bar (map)

  • tenant_id (str) - Azure tenant ID to use (string)

  • virtualNetwork (str) - The name of the virtual network to use. If it’s not specified Rancher will create a new VPC (string)

  • virtualNetworkResourceGroup (str) - The resource group of an existing Azure Virtual Network. Composite of agent virtual network subnet ID (string)

annotations = None

Annotations for cluster registration token object (map)

cluster_auth_endpoint = None

Enabling the local cluster authorized endpoint allows direct communication with the cluster, bypassing the Rancher API proxy. (list maxitems:1)

  • ca_certs (str) - CA certs for the authorized cluster endpoint (string)

  • enabled (bool) - Enable scheduled cluster scan. Default: false (bool)

  • fqdn (str) - FQDN for the authorized cluster endpoint (string)

cluster_monitoring_input = None

Cluster monitoring config. Any parameter defined in rancher-monitoring charts could be configured (list maxitems:1)

  • answers (dict) - Key/value answers for monitor input (map)

cluster_registration_token = None

(Computed) Cluster Registration Token generated for the cluster (list maxitems:1)

  • annotations (dict) - Annotations for cluster registration token object (map)

  • cluster_id (str) - Cluster ID (string)

  • command (str) - Command to execute in a imported k8s cluster (string)

  • id (str) - (Computed) The ID of the resource (string)

  • insecureCommand (str) - Insecure command to execute in a imported k8s cluster (string)

  • labels (dict) - Labels for cluster registration token object (map)

  • manifestUrl (str) - K8s manifest url to execute with kubectl to import an existing k8s cluster (string)

  • name (str) - Name of cluster registration token (string)

  • nodeCommand (str) - Node command to execute in linux nodes for custom k8s cluster (string)

  • token (str) - Token for cluster registration token object (string)

  • windowsNodeCommand (str) - Node command to execute in windows nodes for custom k8s cluster (string)

cluster_template_answers = None

Cluster template answers. Just for Rancher v2.3.x and above (list maxitems:1)

  • cluster_id (str) - Cluster ID (string)

  • project_id (str) - Project ID to apply answer (string)

  • values (dict) - Key/values for answer (map)

cluster_template_id = None

Cluster template ID. Just for Rancher v2.3.x and above (string)

cluster_template_questions = None

Cluster template questions. Just for Rancher v2.3.x and above (list)

  • default (str) - Default variable value (string)

  • required (bool) - Required variable. Default false (bool)

  • type (str) - Variable type. boolean, int and string are allowed. Default string (string)

  • variable (str) - Variable name (string)

cluster_template_revision_id = None

Cluster template revision ID. Just for Rancher v2.3.x and above (string)

default_pod_security_policy_template_id = None

Default pod security policy template id (string)

default_project_id = None

(Computed) Default project ID for the cluster (string)

description = None

An optional description of this cluster (string)

desired_agent_image = None

Desired agent image. Just for Rancher v2.3.x and above (string)

desired_auth_image = None

Desired auth image. Just for Rancher v2.3.x and above (string)

docker_root_dir = None

Desired auth image. Just for Rancher v2.3.x and above (string)

driver = None

(Computed) The driver used for the Cluster. imported, azurekubernetesservice, amazonelasticcontainerservice, googlekubernetesengine and rancherKubernetesEngine are supported (string)

eks_config = None

The Amazon EKS configuration for eks Clusters. Conflicts with aks_config, gke_config, k3s_config and rke_config (list maxitems:1)

  • access_key (str) - The AWS Client ID to use (string)

  • ami (str) - AMI ID to use for the worker nodes instead of the default (string)

  • associateWorkerNodePublicIp (bool) - Associate public ip EKS worker nodes. Default true (bool)

  • desiredNodes (float) - The desired number of worker nodes. Just for Rancher v2.3.x and above. Default 3 (int)

  • instanceType (str) - The type of machine to use for worker nodes. Default t2.medium (string)

  • keyPairName (str) - Allow user to specify key name to use. Just for Rancher v2.2.7 and above (string)

  • kubernetesVersion (str) - The Kubernetes master version (string)

  • maximumNodes (float) - The maximum number of worker nodes. Default 3 (int)

  • minimumNodes (float) - The minimum number of worker nodes. Default 1 (int)

  • nodeVolumeSize (float) - The volume size for each node. Default 20 (int)

  • region (str) - The AWS Region to create the EKS cluster in. Default us-west-2 (string)

  • secret_key (str) - The AWS Client Secret associated with the Client ID (string)

  • securityGroups (list) - List of security groups to use for the cluster. If it’s not specified Rancher will create a new security group (list)

  • serviceRole (str) - The service role to use to perform the cluster operations in AWS. If it’s not specified Rancher will create a new service role (string)

  • sessionToken (str) - A session token to use with the client key and secret if applicable (string)

  • subnets (list) - List of subnets in the virtual network to use. If it’s not specified Rancher will create 3 news subnets (list)

  • userData (str) - Pass user-data to the nodes to perform automated configuration tasks (string)

  • virtualNetwork (str) - The name of the virtual network to use. If it’s not specified Rancher will create a new VPC (string)

enable_cluster_alerting = None

Enable built-in cluster alerting. Default false (bool)

enable_cluster_istio = None

Enable built-in cluster istio. Default false. Just for Rancher v2.3.x and above (bool)

enable_cluster_monitoring = None

Enable built-in cluster monitoring. Default false (bool)

enable_network_policy = None

Enable project network isolation. Default false (bool)

  • scheduled_cluster_scan- (Optional) Cluster scheduled cis scan. For Rancher v2.4.0 or above (List maxitems:1)

gke_config = None

The Google GKE configuration for gke Clusters. Conflicts with aks_config, eks_config, k3s_config and rke_config (list maxitems:1)

  • clusterIpv4Cidr (str) - The IP address range of the container pods (string)

  • credential (str) - The contents of the GC credential file (string)

  • description (str) - An optional description of this cluster (string)

  • diskSizeGb (float) - Size of the disk attached to each node. Default 100 (int)

  • diskType (str) - Type of the disk attached to each node (string)

  • enableAlphaFeature (bool) - To enable Kubernetes alpha feature. Default true (bool)

  • enableAutoRepair (bool) - Specifies whether the node auto-repair is enabled for the node pool. Default false (bool)

  • enableAutoUpgrade (bool) - Specifies whether node auto-upgrade is enabled for the node pool. Default false (bool)

  • enableHorizontalPodAutoscaling (bool) - Enable horizontal pod autoscaling for the cluster. Default true (bool)

  • enableHttpLoadBalancing (bool) - Enable HTTP load balancing on GKE cluster. Default true (bool)

  • enableKubernetesDashboard (bool) - Whether to enable the Kubernetes dashboard. Default false (bool)

  • enableLegacyAbac (bool) - Whether to enable legacy abac on the cluster. Default false (bool)

  • enableMasterAuthorizedNetwork (bool)

  • enableNetworkPolicyConfig (bool) - Enable stackdriver logging. Default true (bool)

  • enableNodepoolAutoscaling (bool) - Enable nodepool autoscaling. Default false (bool)

  • enablePrivateEndpoint (bool) - Whether the master’s internal IP address is used as the cluster endpoint. Default false (bool)

  • enablePrivateNodes (bool) - Whether nodes have internal IP address only. Default false (bool)

  • enableStackdriverLogging (bool) - Enable stackdriver monitoring. Default true (bool)

  • enableStackdriverMonitoring (bool) - Enable stackdriver monitoring on GKE cluster (bool)

  • imageType (str) - The image to use for the worker nodes (string)

  • ipPolicyClusterIpv4CidrBlock (str) - The IP address range for the cluster pod IPs (string)

  • ipPolicyClusterSecondaryRangeName (str) - The name of the secondary range to be used for the cluster CIDR block (string)

  • ipPolicyCreateSubnetwork (bool) - Whether a new subnetwork will be created automatically for the cluster. Default false (bool)

  • ipPolicyNodeIpv4CidrBlock (str) - The IP address range of the instance IPs in this cluster (string)

  • ipPolicyServicesIpv4CidrBlock (str) - The IP address range of the services IPs in this cluster (string)

  • ipPolicyServicesSecondaryRangeName (str) - The name of the secondary range to be used for the services CIDR block (string)

  • ipPolicySubnetworkName (str) - A custom subnetwork name to be used if createSubnetwork is true (string)

  • issueClientCertificate (bool) - Issue a client certificate. Default false (bool)

  • kubernetesDashboard (bool) - Enable the Kubernetes dashboard. Default false (bool)

  • labels (dict) - Labels for cluster registration token object (map)

  • localSsdCount (float) - The number of local SSD disks to be attached to the node. Default 0 (int)

  • locations (list) - Locations for GKE cluster (list)

  • machineType (str) - Machine type for GKE cluster (string)

  • maintenanceWindow (str) - Maintenance window for GKE cluster (string)

  • masterAuthorizedNetworkCidrBlocks (list) - Define up to 10 external networks that could access Kubernetes master through HTTPS (list)

  • masterIpv4CidrBlock (str) - The IP range in CIDR notation to use for the hosted master network (string)

  • masterVersion (str) - Master version for GKE cluster (string)

  • maxNodeCount (float) - Maximum number of nodes in the NodePool. Must be >= minNodeCount. There has to enough quota to scale up the cluster. Default 0 (int)

  • minNodeCount (float) - Minimmum number of nodes in the NodePool. Must be >= 1 and <= maxNodeCount. Default 0 (int)

  • network (str) - Network for GKE cluster (string)

  • nodeCount (float) - Node count for GKE cluster. Default 3 (int)

  • nodePool (str) - The ID of the cluster node pool (string)

  • nodeVersion (str) - Node version for GKE cluster (string)

  • oauthScopes (list) - The set of Google API scopes to be made available on all of the node VMs under the default service account (list)

  • preemptible (bool) - Whether the nodes are created as preemptible VM instances. Default false (bool)

  • project_id (str) - Project ID to apply answer (string)

  • resourceLabels (dict) - The map of Kubernetes labels to be applied to each cluster (map)

  • serviceAccount (str) - The Google Cloud Platform Service Account to be used by the node VMs (string)

  • subNetwork (str) - Subnetwork for GKE cluster (string)

  • taints (list) - List of Kubernetes taints to be applied to each node (list)

  • useIpAliases (bool) - Whether alias IPs will be used for pod IPs in the cluster. Default false (bool)

  • zone (str) - Zone GKE cluster (string)

k3s_config = None

The K3S configuration for k3s imported Clusters. Conflicts with aks_config, eks_config, gke_config and rke_config (list maxitems:1)

  • upgrade_strategy (dict) - K3S upgrade strategy (List maxitems: 1)

    • drainServerNodes (bool) - Drain server nodes. Default: false (bool)

    • drainWorkerNodes (bool) - Drain worker nodes. Default: false (bool)

    • serverConcurrency (float) - Server concurrency. Default: 1 (int)

    • workerConcurrency (float) - Worker concurrency. Default: 1 (int)

  • version (str) - K3S kubernetes version (string)

kube_config = None

(Computed/Sensitive) Kube Config generated for the cluster (string)

labels = None

Labels for cluster registration token object (map)

name = None

Name of cluster registration token (string)

rke_config = None
The RKE configuration for `rke` Clusters. Conflicts with `aks_config`, `eks_config`, `gke_config` and `k3s_config` (list maxitems:1)

  * `addonJobTimeout` (`float`) - Duration in seconds of addon job (int)
  * `addons` (`str`) - Addons descripton to deploy on RKE cluster.
  * `addonsIncludes` (`list`) - Addons yaml manifests to deploy on RKE cluster (list)
  * `authentication` (`dict`) - Kubernetes cluster authentication (list maxitems:1)
    * `sans` (`list`) - RKE sans for authentication ([]string)
    * `strategy` (`str`) - RKE strategy for authentication (string)

  * `authorization` (`dict`) - Kubernetes cluster authorization (list maxitems:1)
    * `mode` (`str`) - RKE mode for authorization. `rbac` and `none` modes are available. Default `rbac` (string)
    * `options` (`dict`) - RKE options for network (map)

  * `bastionHost` (`dict`) - RKE bastion host (list maxitems:1)
    * `address` (`str`) - Address ip for node (string)
    * `port` (`str`) - Port for node. Default `22` (string)
    * `sshAgentAuth` (`bool`) - Use ssh agent auth. Default `false` (bool)
    * `sshKey` (`str`) - Node SSH private key (string)
    * `sshKeyPath` (`str`) - Node SSH private key path (string)
    * `user` (`str`) - Registry user (string)

  * `cloudProvider` (`dict`) - RKE options for Calico network provider (string)
    * `awsCloudProvider` (`dict`) - RKE AWS Cloud Provider config for Cloud Provider [rke-aws-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/aws/) (list maxitems:1)
      * `global` (`dict`) - (list maxitems:1)
        * `disableSecurityGroupIngress` (`bool`) - Default `false` (bool)
        * `disableStrictZoneCheck` (`bool`) - Default `false` (bool)
        * `elbSecurityGroup` (`str`) - (string)
        * `kubernetesClusterId` (`str`) - (string)
        * `kubernetesClusterTag` (`str`) - (string)
        * `roleArn` (`str`) - (string)
        * `routeTableId` (`str`) - (string)
        * `subnetId` (`str`) - (string)
        * `vpc` (`str`) - (string)
        * `zone` (`str`) - Zone GKE cluster (string)

      * `serviceOverrides` (`list`) - (list)
        * `region` (`str`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
        * `service` (`str`) - (string)
        * `signingMethod` (`str`) - (string)
        * `signingName` (`str`) - (string)
        * `signingRegion` (`str`) - (string)
        * `url` (`str`) - Registry URL (string)

    * `azureCloudProvider` (`dict`) - RKE Azure Cloud Provider config for Cloud Provider [rke-azure-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/azure/) (list maxitems:1)
      * `aadClientCertPassword` (`str`) - (string)
      * `aadClientCertPath` (`str`) - (string)
      * `aadClientId` (`str`) - (string)
      * `aadClientSecret` (`str`) - (string)
      * `cloud` (`str`) - (string)
      * `cloudProviderBackoff` (`bool`) - (bool)
      * `cloudProviderBackoffDuration` (`float`) - (int)
      * `cloudProviderBackoffExponent` (`float`) - (int)
      * `cloudProviderBackoffJitter` (`float`) - (int)
      * `cloudProviderBackoffRetries` (`float`) - (int)
      * `cloudProviderRateLimit` (`bool`) - (bool)
      * `cloudProviderRateLimitBucket` (`float`) - (int)
      * `cloudProviderRateLimitQps` (`float`) - (int)
      * `location` (`str`) - Azure Kubernetes cluster location. Default `eastus` (string)
      * `maximumLoadBalancerRuleCount` (`float`) - (int)
      * `primaryAvailabilitySetName` (`str`) - (string)
      * `primaryScaleSetName` (`str`) - (string)
      * `resourceGroup` (`str`) - The name of the Cluster resource group (string)
      * `routeTableName` (`str`) - (string)
      * `securityGroupName` (`str`) - (string)
      * `subnetName` (`str`) - (string)
      * `subscriptionId` (`str`) - Subscription credentials which uniquely identify Microsoft Azure subscription (string)
      * `tenant_id` (`str`) - Azure tenant ID to use (string)
      * `useInstanceMetadata` (`bool`) - (bool)
      * `useManagedIdentityExtension` (`bool`) - (bool)
      * `vmType` (`str`) - (string)
      * `vnetName` (`str`) - (string)
      * `vnetResourceGroup` (`str`) - (string)

    * `customCloudProvider` (`str`) - RKE Custom Cloud Provider config for Cloud Provider (string) (string)
    * `name` (`str`) - Name of cluster registration token (string)
    * `openstackCloudProvider` (`dict`) - RKE Openstack Cloud Provider config for Cloud Provider [rke-openstack-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/openstack/) (list maxitems:1)
      * `blockStorage` (`dict`) - (list maxitems:1)
        * `bsVersion` (`str`) - (string)
        * `ignoreVolumeAz` (`bool`) - (string)
        * `trustDevicePath` (`bool`) - (string)

      * `global` (`dict`) - (list maxitems:1)
        * `authUrl` (`str`) - (string)
        * `caFile` (`str`) - (string)
        * `domainId` (`str`) - Required if `domain_name` not provided. (string)
        * `domainName` (`str`) - Required if `domain_id` not provided. (string)
        * `password` (`str`) - Registry password (string)
        * `region` (`str`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
        * `tenant_id` (`str`) - Azure tenant ID to use (string)
        * `tenantName` (`str`) - Required if `tenant_id` not provided. (string)
        * `trustId` (`str`) - (string)
        * `username` (`str`) - (string)

      * `loadBalancer` (`dict`) - (list maxitems:1)
        * `createMonitor` (`bool`) - (bool)
        * `floatingNetworkId` (`str`) - (string)
        * `lbMethod` (`str`) - (string)
        * `lbProvider` (`str`) - (string)
        * `lbVersion` (`str`) - (string)
        * `manageSecurityGroups` (`bool`) - (bool)
        * `monitorDelay` (`str`) - Default `60s` (string)
        * `monitorMaxRetries` (`float`) - Default 5 (int)
        * `monitorTimeout` (`str`) - Default `30s` (string)
        * `subnetId` (`str`) - (string)
        * `useOctavia` (`bool`) - (bool)

      * `metadata` (`dict`) - (list maxitems:1)
        * `requestTimeout` (`float`) - (int)
        * `searchOrder` (`str`) - (string)

      * `route` (`dict`) - (list maxitems:1)
        * `routerId` (`str`) - (string)

    * `vsphereCloudProvider` (`dict`) - RKE Vsphere Cloud Provider config for Cloud Provider [rke-vsphere-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/vsphere/) Extra argument `name` is required on `virtual_center` configuration. (list maxitems:1)
      * `disk` (`dict`) - (list maxitems:1)
        * `scsiControllerType` (`str`) - (string)

      * `global` (`dict`) - (list maxitems:1)
        * `datacenters` (`str`) - (string)
        * `insecureFlag` (`bool`) - (bool)
        * `password` (`str`) - Registry password (string)
        * `port` (`str`) - Port for node. Default `22` (string)
        * `soapRoundtripCount` (`float`) - (int)
        * `user` (`str`) - Registry user (string)

      * `network` (`dict`) - Network for GKE cluster (string)
        * `publicNetwork` (`str`) - (string)

      * `virtualCenters` (`list`) - (List)
        * `datacenters` (`str`) - (string)
        * `name` (`str`) - Name of cluster registration token (string)
        * `password` (`str`) - Registry password (string)
        * `port` (`str`) - Port for node. Default `22` (string)
        * `soapRoundtripCount` (`float`) - (int)
        * `user` (`str`) - Registry user (string)

      * `workspace` (`dict`) - (list maxitems:1)
        * `datacenter` (`str`) - (string)
        * `defaultDatastore` (`str`) - (string)
        * `folder` (`str`) - Folder for S3 service. Available from Rancher v2.2.7 (string)
        * `resourcepoolPath` (`str`) - (string)
        * `server` (`str`) - (string)

  * `dns` (`dict`) - RKE dns add-on. Just for Rancher v2.2.x (list maxitems:1)
    * `nodeSelector` (`dict`) - Node selector for RKE Ingress (map)
    * `provider` (`str`) - Provider for RKE monitoring (string)
    * `reverseCidrs` (`list`) - DNS add-on reverse cidr  (list)
    * `upstreamNameservers` (`list`) - DNS add-on upstream nameservers  (list)

  * `ignoreDockerVersion` (`bool`) - Ignore docker version. Default `true` (bool)
  * `ingress` (`dict`) - Kubernetes ingress configuration (list maxitems:1)
    * `dnsPolicy` (`str`) - Ingress controller DNS policy. `ClusterFirstWithHostNet`, `ClusterFirst`, `Default`, and `None` are supported. [K8S dns Policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) (string)
    * `extraArgs` (`dict`) - Extra arguments for scheduler service (map)
    * `nodeSelector` (`dict`) - Node selector for RKE Ingress (map)
    * `options` (`dict`) - RKE options for network (map)
    * `provider` (`str`) - Provider for RKE monitoring (string)

  * `kubernetesVersion` (`str`) - The Kubernetes master version (string)
  * `monitoring` (`dict`) - Kubernetes cluster monitoring (list maxitems:1)
    * `options` (`dict`) - RKE options for network (map)
    * `provider` (`str`) - Provider for RKE monitoring (string)

  * `network` (`dict`) - Network for GKE cluster (string)
    * `calicoNetworkProvider` (`dict`) - Calico provider config for RKE network (list maxitems:1)
      * `cloudProvider` (`str`) - RKE options for Calico network provider (string)

    * `canalNetworkProvider` (`dict`) - Canal provider config for RKE network (list maxitems:1)
      * `iface` (`str`) - Iface config Flannel network provider (string)

    * `flannelNetworkProvider` (`dict`) - Flannel provider config for RKE network (list maxitems:1)
      * `iface` (`str`) - Iface config Flannel network provider (string)

    * `mtu` (`float`) - Network provider MTU. Default `0` (int)
    * `options` (`dict`) - RKE options for network (map)
    * `plugin` (`str`) - Plugin for RKE network. `canal` (default), `flannel`, `calico`, `none` and `weave` are supported. (string)
    * `weaveNetworkProvider` (`dict`) - Weave provider config for RKE network (list maxitems:1)
      * `password` (`str`) - Registry password (string)

  * `nodes` (`list`) - RKE cluster nodes (list)
    * `address` (`str`) - Address ip for node (string)
    * `dockerSocket` (`str`) - Docker socket for node (string)
    * `hostnameOverride` (`str`) - Hostname override for node (string)
    * `internalAddress` (`str`) - Internal ip for node (string)
    * `labels` (`dict`) - Labels for cluster registration token object (map)
    * `nodeId` (`str`) - Id for the node (string)
    * `port` (`str`) - Port for node. Default `22` (string)
    * `roles` (`list`) - Roles for the node. `controlplane`, `etcd` and `worker` are supported. (list)
    * `sshAgentAuth` (`bool`) - Use ssh agent auth. Default `false` (bool)
    * `sshKey` (`str`) - Node SSH private key (string)
    * `sshKeyPath` (`str`) - Node SSH private key path (string)
    * `user` (`str`) - Registry user (string)

  * `prefixPath` (`str`) - Prefix to customize Kubernetes path (string)
  * `privateRegistries` (`list`) - private registries for docker images (list)
    * `isDefault` (`bool`) - Set as default registry. Default `false` (bool)
    * `password` (`str`) - Registry password (string)
    * `url` (`str`) - Registry URL (string)
    * `user` (`str`) - Registry user (string)

  * `services` (`dict`) - Kubernetes cluster services (list maxitems:1)
    * `etcd` (`dict`) - Etcd options for RKE services (list maxitems:1)
      * `backup_config` (`dict`) - Backup options for etcd service. Just for Rancher v2.2.x (list maxitems:1)
        * `enabled` (`bool`) - Enable scheduled cluster scan. Default: `false` (bool)
        * `intervalHours` (`float`) - Interval hours for etcd backup. Default `12` (int)
        * `retention` (`float`) - Retention for etcd backup. Default `6` (int)
        * `s3BackupConfig` (`dict`) - S3 config options for etcd backup (list maxitems:1)
          * `access_key` (`str`) - The AWS Client ID to use (string)
          * `bucketName` (`str`) - Bucket name for S3 service (string)
          * `customCa` (`str`) - Base64 encoded custom CA for S3 service. Use filebase64(<FILE>) for encoding file. Available from Rancher v2.2.5 (string)
          * `endpoint` (`str`) - Endpoint for S3 service (string)
          * `folder` (`str`) - Folder for S3 service. Available from Rancher v2.2.7 (string)
          * `region` (`str`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
          * `secret_key` (`str`) - The AWS Client Secret associated with the Client ID (string)

        * `safeTimestamp` (`bool`) - Safe timestamp for etcd backup. Default: `false` (bool)

      * `caCert` (`str`) - TLS CA certificate for etcd service (string)
      * `cert` (`str`) - TLS certificate for etcd service (string)
      * `creation` (`str`) - Creation option for etcd service (string)
      * `externalUrls` (`list`) - External urls for etcd service (list)
      * `extraArgs` (`dict`) - Extra arguments for scheduler service (map)
      * `extraBinds` (`list`) - Extra binds for scheduler service (list)
      * `extraEnvs` (`list`) - Extra environment for scheduler service (list)
      * `gid` (`float`) - Etcd service GID. Default: `0`. For Rancher v2.3.x or above (int)
      * `image` (`str`) - Docker image for scheduler service (string)
      * `key` (`str`) - TLS key for etcd service (string)
      * `path` (`str`) - (Optional) Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
      * `retention` (`str`) - Retention for etcd backup. Default `6` (int)
      * `snapshot` (`bool`) - Snapshot option for etcd service (bool)
      * `uid` (`float`) - Etcd service UID. Default: `0`. For Rancher v2.3.x or above (int)

    * `kubeApi` (`dict`) - Kube API options for RKE services (list maxitems:1)
      * `admissionConfiguration` (`dict`) - Admission configuration (map)
      * `alwaysPullImages` (`bool`) - Enable [AlwaysPullImages](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#alwayspullimages) Admission controller plugin. [Rancher docs](https://rancher.com/docs/rke/latest/en/config-options/services/#kubernetes-api-server-options) Default: `false` (bool)
      * `auditLog` (`dict`) - K8s audit log configuration. (list maxitems: 1)
        * `configuration` (`dict`) - Event rate limit configuration. (map)
          * `format` (`str`) - Audit log format. Default: 'json' (string)
          * `maxAge` (`float`) - Audit log max age. Default: `30` (int)
          * `maxBackup` (`float`) - Audit log max backup. Default: `10` (int)
          * `maxSize` (`float`) - Audit log max size. Default: `100` (int)
          * `path` (`str`) - (Optional) Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
          * `policy` (`str`) - Audit policy yaml encoded definition. `apiVersion` and `kind: Policy

rules:”fields are required in the yaml. Ex.”apiVersion: audit.k8s.io/v1 kind: Policy rules:

  • level: RequestResponse resources:

    • resources:

      • pods “` More info (string)

          * `enabled` (`bool`) - Enable scheduled cluster scan. Default: `false` (bool)
        
        * `eventRateLimit` (`dict`) - K8s event rate limit configuration. (list maxitems: 1)
          * `configuration` (`dict`) - Event rate limit configuration. (map)
          * `enabled` (`bool`) - Enable scheduled cluster scan. Default: `false` (bool)
        
        * `extraArgs` (`dict`) - Extra arguments for scheduler service (map)
        * `extraBinds` (`list`) - Extra binds for scheduler service (list)
        * `extraEnvs` (`list`) - Extra environment for scheduler service (list)
        * `image` (`str`) - Docker image for scheduler service (string)
        * `podSecurityPolicy` (`bool`) - Pod Security Policy option for kube API service. Default `false` (bool)
        * `secretsEncryptionConfig` (`dict`) - [Encrypt k8s secret data configration](https://rancher.com/docs/rke/latest/en/config-options/secrets-encryption/). (list maxitem: 1)
          * `customConfig` (`dict`) - Secrets encryption configuration. (map)
          * `enabled` (`bool`) - Enable scheduled cluster scan. Default: `false` (bool)
        
        * `serviceClusterIpRange` (`str`) - Service Cluster ip Range option for kube controller service (string)
        * `serviceNodePortRange` (`str`) - Service Node Port Range option for kube API service (string)
        
        • kubeController (dict) - Kube Controller options for RKE services (list maxitems:1)

          • clusterCidr (str) - Cluster CIDR option for kube controller service (string)

          • extraArgs (dict) - Extra arguments for scheduler service (map)

          • extraBinds (list) - Extra binds for scheduler service (list)

          • extraEnvs (list) - Extra environment for scheduler service (list)

          • image (str) - Docker image for scheduler service (string)

          • serviceClusterIpRange (str) - Service Cluster ip Range option for kube controller service (string)

        • kubelet (dict) - Kubelet options for RKE services (list maxitems:1)

          • clusterDnsServer (str) - Cluster DNS Server option for kubelet service (string)

          • clusterDomain (str) - Cluster Domain option for kubelet service (string)

          • extraArgs (dict) - Extra arguments for scheduler service (map)

          • extraBinds (list) - Extra binds for scheduler service (list)

          • extraEnvs (list) - Extra environment for scheduler service (list)

          • failSwapOn (bool) - Enable or disable failing when swap on is not supported (bool)

          • generateServingCertificate (bool)

          • image (str) - Docker image for scheduler service (string)

          • infraContainerImage (str) - Infra container image for kubelet service (string)

        • kubeproxy (dict) - Kubeproxy options for RKE services (list maxitems:1)

          • extraArgs (dict) - Extra arguments for scheduler service (map)

          • extraBinds (list) - Extra binds for scheduler service (list)

          • extraEnvs (list) - Extra environment for scheduler service (list)

          • image (str) - Docker image for scheduler service (string)

        • scheduler (dict) - Scheduler options for RKE services (list maxitems:1)

          • extraArgs (dict) - Extra arguments for scheduler service (map)

          • extraBinds (list) - Extra binds for scheduler service (list)

          • extraEnvs (list) - Extra environment for scheduler service (list)

          • image (str) - Docker image for scheduler service (string)

        • sshAgentAuth (bool) - Use ssh agent auth. Default false (bool)

        • sshCertPath (str) - Cluster level SSH certificate path (string)

        • sshKeyPath (str) - Node SSH private key path (string)

        • upgrade_strategy (dict) - K3S upgrade strategy (List maxitems: 1)

          • drain (bool) - RKE drain nodes. Default: false (bool)

          • drainInput (dict) - RKE drain node input (list Maxitems: 1)

            • deleteLocalData (bool) - Delete RKE node local data. Default: false (bool)

            • force (bool) - Force RKE node drain. Default: false (bool)

            • gracePeriod (float) - RKE node drain grace period. Default: -1 (int)

            • ignoreDaemonSets (bool) - Ignore RKE daemon sets. Default: true (bool)

            • timeout (float) - RKE node drain timeout. Default: 60 (int)

          • maxUnavailableControlplane (str) - RKE max unavailable controlplane nodes. Default: 1 (string)

          • maxUnavailableWorker (str) - RKE max unavailable worker nodes. Default: 10% (string)

scheduled_cluster_scan = None

Cluster scheduled scan

  • enabled (bool) - Enable scheduled cluster scan. Default: false (bool)

  • scanConfig (dict) - Cluster scan config (List maxitems:1)

    • cisScanConfig (dict) - Cluster Cis Scan config (List maxitems:1)

      • debugMaster (bool) - Debug master. Default: false (bool)

      • debugWorker (bool) - Debug worker. Default: false (bool)

      • overrideBenchmarkVersion (str) - Override benchmark version (string)

      • overrideSkips (list) - Override skip (string)

      • profile (str) - Cis scan profile. Allowed values: "permissive" (default) || "hardened" (string)

  • scheduleConfig (dict) - Cluster scan schedule config (list maxitems:1)

    • cronSchedule (str) - Crontab schedule. It should contains 5 fields "<min> <hour> <month_day> <month> <week_day>" (string)

    • retention (float) - Retention for etcd backup. Default 6 (int)

system_project_id = None

(Computed) System project ID for the cluster (string)

windows_prefered_cluster = None

Windows preferred cluster. Default: false (bool)

static get(resource_name, id, opts=None, aks_config=None, annotations=None, cluster_auth_endpoint=None, cluster_monitoring_input=None, cluster_registration_token=None, cluster_template_answers=None, cluster_template_id=None, cluster_template_questions=None, cluster_template_revision_id=None, default_pod_security_policy_template_id=None, default_project_id=None, description=None, desired_agent_image=None, desired_auth_image=None, docker_root_dir=None, driver=None, eks_config=None, enable_cluster_alerting=None, enable_cluster_istio=None, enable_cluster_monitoring=None, enable_network_policy=None, gke_config=None, k3s_config=None, kube_config=None, labels=None, name=None, rke_config=None, scheduled_cluster_scan=None, system_project_id=None, windows_prefered_cluster=None)
Get an existing Cluster resource's state with the given name, id, and optional extra
properties used to qualify the lookup.

:param str resource_name: The unique name of the resulting resource.
:param str id: The unique provider ID of the resource to lookup.
:param pulumi.ResourceOptions opts: Options for the resource.
:param pulumi.Input[dict] aks_config: The Azure AKS configuration for `aks` Clusters. Conflicts with `eks_config`, `gke_config`, `k3s_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[dict] annotations: Annotations for cluster registration token object (map)
:param pulumi.Input[dict] cluster_auth_endpoint: Enabling the [local cluster authorized endpoint](https://rancher.com/docs/rancher/v2.x/en/cluster-provisioning/rke-clusters/options/#local-cluster-auth-endpoint) allows direct communication with the cluster, bypassing the Rancher API proxy. (list maxitems:1)
:param pulumi.Input[dict] cluster_monitoring_input: Cluster monitoring config. Any parameter defined in [rancher-monitoring charts](https://github.com/rancher/system-charts/tree/dev/charts/rancher-monitoring) could be configured  (list maxitems:1)
:param pulumi.Input[dict] cluster_registration_token: (Computed) Cluster Registration Token generated for the cluster (list maxitems:1)
:param pulumi.Input[dict] cluster_template_answers: Cluster template answers. Just for Rancher v2.3.x and above (list maxitems:1)
:param pulumi.Input[str] cluster_template_id: Cluster template ID. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[list] cluster_template_questions: Cluster template questions. Just for Rancher v2.3.x and above (list)
:param pulumi.Input[str] cluster_template_revision_id: Cluster template revision ID. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] default_pod_security_policy_template_id: [Default pod security policy template id](https://rancher.com/docs/rancher/v2.x/en/cluster-provisioning/rke-clusters/options/#pod-security-policy-support) (string)
:param pulumi.Input[str] default_project_id: (Computed) Default project ID for the cluster (string)
:param pulumi.Input[str] description: An optional description of this cluster (string)
:param pulumi.Input[str] desired_agent_image: Desired agent image. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] desired_auth_image: Desired auth image. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] docker_root_dir: Desired auth image. Just for Rancher v2.3.x and above (string)
:param pulumi.Input[str] driver: (Computed) The driver used for the Cluster. `imported`, `azurekubernetesservice`, `amazonelasticcontainerservice`, `googlekubernetesengine` and `rancherKubernetesEngine` are supported (string)
:param pulumi.Input[dict] eks_config: The Amazon EKS configuration for `eks` Clusters. Conflicts with `aks_config`, `gke_config`, `k3s_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[bool] enable_cluster_alerting: Enable built-in cluster alerting. Default `false` (bool)
:param pulumi.Input[bool] enable_cluster_istio: Enable built-in cluster istio. Default `false`. Just for Rancher v2.3.x and above (bool)
:param pulumi.Input[bool] enable_cluster_monitoring: Enable built-in cluster monitoring. Default `false` (bool)
:param pulumi.Input[bool] enable_network_policy: Enable project network isolation. Default `false` (bool)
       * `scheduled_cluster_scan`- (Optional) Cluster scheduled cis scan. For Rancher v2.4.0 or above (List maxitems:1)
:param pulumi.Input[dict] gke_config: The Google GKE configuration for `gke` Clusters. Conflicts with `aks_config`, `eks_config`, `k3s_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[dict] k3s_config: The K3S configuration for `k3s` imported Clusters. Conflicts with `aks_config`, `eks_config`, `gke_config` and `rke_config` (list maxitems:1)
:param pulumi.Input[str] kube_config: (Computed/Sensitive) Kube Config generated for the cluster (string)
:param pulumi.Input[dict] labels: Labels for cluster registration token object (map)
:param pulumi.Input[str] name: Name of cluster registration token (string)
:param pulumi.Input[dict] rke_config: The RKE configuration for `rke` Clusters. Conflicts with `aks_config`, `eks_config`, `gke_config` and `k3s_config` (list maxitems:1)
:param pulumi.Input[dict] scheduled_cluster_scan: Cluster scheduled scan
:param pulumi.Input[str] system_project_id: (Computed) System project ID for the cluster (string)
:param pulumi.Input[bool] windows_prefered_cluster: Windows preferred cluster. Default: `false` (bool)

The **aks_config** object supports the following:

  * `aadServerAppSecret` (`pulumi.Input[str]`) - The secret of an Azure Active Directory server application (string)
  * `aadTenantId` (`pulumi.Input[str]`) - The ID of an Azure Active Directory tenant (string)
  * `addClientAppId` (`pulumi.Input[str]`) - The ID of an Azure Active Directory client application of type "Native". This application is for user login via kubectl (string)
  * `addServerAppId` (`pulumi.Input[str]`) - The ID of an Azure Active Directory server application of type "Web app/API". This application represents the managed cluster's apiserver (Server application) (string)
  * `adminUsername` (`pulumi.Input[str]`) - The administrator username to use for Linux hosts. Default `azureuser` (string)
  * `agentDnsPrefix` (`pulumi.Input[str]`) - DNS prefix to be used to create the FQDN for the agent pool (string)
  * `agentOsDiskSize` (`pulumi.Input[float]`) - GB size to be used to specify the disk for every machine in the agent pool. If you specify 0, it will apply the default according to the "agent vm size" specified. Default `0` (int)
  * `agentPoolName` (`pulumi.Input[str]`) - Name for the agent pool, upto 12 alphanumeric characters. Default `agentpool0` (string)
  * `agentStorageProfile` (`pulumi.Input[str]`) - Storage profile specifies what kind of storage used on machine in the agent pool. Chooses from [ManagedDisks StorageAccount]. Default `ManagedDisks` (string)
  * `agentVmSize` (`pulumi.Input[str]`) - Size of machine in the agent pool. Default `Standard_D1_v2` (string)
  * `authBaseUrl` (`pulumi.Input[str]`) - Different authentication API url to use. Default `https://login.microsoftonline.com/` (string)
  * `baseUrl` (`pulumi.Input[str]`) - Different resource management API url to use. Default `https://management.azure.com/` (string)
  * `client_id` (`pulumi.Input[str]`) - Azure client ID to use (string)
  * `client_secret` (`pulumi.Input[str]`) - Azure client secret associated with the "client id" (string)
  * `count` (`pulumi.Input[float]`) - Number of machines (VMs) in the agent pool. Allowed values must be in the range of 1 to 100 (inclusive). Default `1` (int)
  * `dnsServiceIp` (`pulumi.Input[str]`) - An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes Service address range specified in "service cidr". Default `10.0.0.10` (string)
  * `dockerBridgeCidr` (`pulumi.Input[str]`) - A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes Service address range specified in "service cidr". Default `172.17.0.1/16` (string)
  * `enableHttpApplicationRouting` (`pulumi.Input[bool]`) - Enable the Kubernetes ingress with automatic public DNS name creation. Default `false` (bool)
  * `enableMonitoring` (`pulumi.Input[bool]`) - Turn on Azure Log Analytics monitoring. Uses the Log Analytics "Default" workspace if it exists, else creates one. if using an existing workspace, specifies "log analytics workspace resource id". Default `true` (bool)
  * `kubernetesVersion` (`pulumi.Input[str]`) - The Kubernetes master version (string)
  * `location` (`pulumi.Input[str]`) - Azure Kubernetes cluster location. Default `eastus` (string)
  * `logAnalyticsWorkspace` (`pulumi.Input[str]`) - The name of an existing Azure Log Analytics Workspace to use for storing monitoring data. If not specified, uses '{resource group}-{subscription id}-{location code}' (string)
  * `logAnalyticsWorkspaceResourceGroup` (`pulumi.Input[str]`) - The resource group of an existing Azure Log Analytics Workspace to use for storing monitoring data. If not specified, uses the 'Cluster' resource group (string)
  * `masterDnsPrefix` (`pulumi.Input[str]`) - DNS prefix to use the Kubernetes cluster control pane (string)
  * `maxPods` (`pulumi.Input[float]`) - Maximum number of pods that can run on a node. Default `110` (int)
  * `networkPlugin` (`pulumi.Input[str]`) - Network plugin used for building Kubernetes network. Chooses from `azure` or `kubenet`. Default `azure` (string)
  * `networkPolicy` (`pulumi.Input[str]`) - Network policy used for building Kubernetes network. Chooses from `calico` (string)
  * `podCidr` (`pulumi.Input[str]`) - A CIDR notation IP range from which to assign Kubernetes Pod IPs when "network plugin" is specified in "kubenet". Default `172.244.0.0/16` (string)
  * `resourceGroup` (`pulumi.Input[str]`) - The name of the Cluster resource group (string)
  * `serviceCidr` (`pulumi.Input[str]`) - A CIDR notation IP range from which to assign Kubernetes Service cluster IPs. It must not overlap with any Subnet IP ranges. Default `10.0.0.0/16` (string)
  * `sshPublicKeyContents` (`pulumi.Input[str]`) - Contents of the SSH public key used to authenticate with Linux hosts (string)
  * `subnet` (`pulumi.Input[str]`) - The name of an existing Azure Virtual Subnet. Composite of agent virtual network subnet ID (string)
  * `subscriptionId` (`pulumi.Input[str]`) - Subscription credentials which uniquely identify Microsoft Azure subscription (string)
  * `tag` (`pulumi.Input[dict]`) - Tags for Kubernetes cluster. For example, foo=bar (map)
  * `tenant_id` (`pulumi.Input[str]`) - Azure tenant ID to use (string)
  * `virtualNetwork` (`pulumi.Input[str]`) - The name of the virtual network to use. If it's not specified Rancher will create a new VPC (string)
  * `virtualNetworkResourceGroup` (`pulumi.Input[str]`) - The resource group of an existing Azure Virtual Network. Composite of agent virtual network subnet ID (string)

The **cluster_auth_endpoint** object supports the following:

  * `ca_certs` (`pulumi.Input[str]`) - CA certs for the authorized cluster endpoint (string)
  * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
  * `fqdn` (`pulumi.Input[str]`) - FQDN for the authorized cluster endpoint (string)

The **cluster_monitoring_input** object supports the following:

  * `answers` (`pulumi.Input[dict]`) - Key/value answers for monitor input (map)

The **cluster_registration_token** object supports the following:

  * `annotations` (`pulumi.Input[dict]`) - Annotations for cluster registration token object (map)
  * `cluster_id` (`pulumi.Input[str]`) - Cluster ID (string)
  * `command` (`pulumi.Input[str]`) - Command to execute in a imported k8s cluster (string)
  * `id` (`pulumi.Input[str]`) - (Computed) The ID of the resource (string)
  * `insecureCommand` (`pulumi.Input[str]`) - Insecure command to execute in a imported k8s cluster (string)
  * `labels` (`pulumi.Input[dict]`) - Labels for cluster registration token object (map)
  * `manifestUrl` (`pulumi.Input[str]`) - K8s manifest url to execute with `kubectl` to import an existing k8s cluster (string)
  * `name` (`pulumi.Input[str]`) - Name of cluster registration token (string)
  * `nodeCommand` (`pulumi.Input[str]`) - Node command to execute in linux nodes for custom k8s cluster (string)
  * `token` (`pulumi.Input[str]`) - Token for cluster registration token object (string)
  * `windowsNodeCommand` (`pulumi.Input[str]`) - Node command to execute in windows nodes for custom k8s cluster (string)

The **cluster_template_answers** object supports the following:

  * `cluster_id` (`pulumi.Input[str]`) - Cluster ID (string)
  * `project_id` (`pulumi.Input[str]`) - Project ID to apply answer (string)
  * `values` (`pulumi.Input[dict]`) - Key/values for answer (map)

The **cluster_template_questions** object supports the following:

  * `default` (`pulumi.Input[str]`) - Default variable value (string)
  * `required` (`pulumi.Input[bool]`) - Required variable. Default `false` (bool)
  * `type` (`pulumi.Input[str]`) - Variable type. `boolean`, `int` and `string` are allowed. Default `string` (string)
  * `variable` (`pulumi.Input[str]`) - Variable name (string)

The **eks_config** object supports the following:

  * `access_key` (`pulumi.Input[str]`) - The AWS Client ID to use (string)
  * `ami` (`pulumi.Input[str]`) - AMI ID to use for the worker nodes instead of the default (string)
  * `associateWorkerNodePublicIp` (`pulumi.Input[bool]`) - Associate public ip EKS worker nodes. Default `true` (bool)
  * `desiredNodes` (`pulumi.Input[float]`) - The desired number of worker nodes. Just for Rancher v2.3.x and above. Default `3` (int)
  * `instanceType` (`pulumi.Input[str]`) - The type of machine to use for worker nodes. Default `t2.medium` (string)
  * `keyPairName` (`pulumi.Input[str]`) - Allow user to specify key name to use. Just for Rancher v2.2.7 and above (string)
  * `kubernetesVersion` (`pulumi.Input[str]`) - The Kubernetes master version (string)
  * `maximumNodes` (`pulumi.Input[float]`) - The maximum number of worker nodes. Default `3` (int)
  * `minimumNodes` (`pulumi.Input[float]`) - The minimum number of worker nodes. Default `1` (int)
  * `nodeVolumeSize` (`pulumi.Input[float]`) - The volume size for each node. Default `20` (int)
  * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
  * `secret_key` (`pulumi.Input[str]`) - The AWS Client Secret associated with the Client ID (string)
  * `securityGroups` (`pulumi.Input[list]`) - List of security groups to use for the cluster. If it's not specified Rancher will create a new security group (list)
  * `serviceRole` (`pulumi.Input[str]`) - The service role to use to perform the cluster operations in AWS. If it's not specified Rancher will create a new service role (string)
  * `sessionToken` (`pulumi.Input[str]`) - A session token to use with the client key and secret if applicable (string)
  * `subnets` (`pulumi.Input[list]`) - List of subnets in the virtual network to use. If it's not specified Rancher will create 3 news subnets (list)
  * `userData` (`pulumi.Input[str]`) - Pass user-data to the nodes to perform automated configuration tasks (string)
  * `virtualNetwork` (`pulumi.Input[str]`) - The name of the virtual network to use. If it's not specified Rancher will create a new VPC (string)

The **gke_config** object supports the following:

  * `clusterIpv4Cidr` (`pulumi.Input[str]`) - The IP address range of the container pods (string)
  * `credential` (`pulumi.Input[str]`) - The contents of the GC credential file (string)
  * `description` (`pulumi.Input[str]`) - An optional description of this cluster (string)
  * `diskSizeGb` (`pulumi.Input[float]`) - Size of the disk attached to each node. Default `100` (int)
  * `diskType` (`pulumi.Input[str]`) - Type of the disk attached to each node (string)
  * `enableAlphaFeature` (`pulumi.Input[bool]`) - To enable Kubernetes alpha feature. Default `true` (bool)
  * `enableAutoRepair` (`pulumi.Input[bool]`) - Specifies whether the node auto-repair is enabled for the node pool. Default `false` (bool)
  * `enableAutoUpgrade` (`pulumi.Input[bool]`) - Specifies whether node auto-upgrade is enabled for the node pool. Default `false` (bool)
  * `enableHorizontalPodAutoscaling` (`pulumi.Input[bool]`) - Enable horizontal pod autoscaling for the cluster. Default `true` (bool)
  * `enableHttpLoadBalancing` (`pulumi.Input[bool]`) - Enable HTTP load balancing on GKE cluster. Default `true` (bool)
  * `enableKubernetesDashboard` (`pulumi.Input[bool]`) - Whether to enable the Kubernetes dashboard. Default `false` (bool)
  * `enableLegacyAbac` (`pulumi.Input[bool]`) - Whether to enable legacy abac on the cluster. Default `false` (bool)
  * `enableMasterAuthorizedNetwork` (`pulumi.Input[bool]`)
  * `enableNetworkPolicyConfig` (`pulumi.Input[bool]`) - Enable stackdriver logging. Default `true` (bool)
  * `enableNodepoolAutoscaling` (`pulumi.Input[bool]`) - Enable nodepool autoscaling. Default `false` (bool)
  * `enablePrivateEndpoint` (`pulumi.Input[bool]`) - Whether the master's internal IP address is used as the cluster endpoint. Default `false` (bool)
  * `enablePrivateNodes` (`pulumi.Input[bool]`) - Whether nodes have internal IP address only. Default `false` (bool)
  * `enableStackdriverLogging` (`pulumi.Input[bool]`) - Enable stackdriver monitoring. Default `true` (bool)
  * `enableStackdriverMonitoring` (`pulumi.Input[bool]`) - Enable stackdriver monitoring on GKE cluster (bool)
  * `imageType` (`pulumi.Input[str]`) - The image to use for the worker nodes (string)
  * `ipPolicyClusterIpv4CidrBlock` (`pulumi.Input[str]`) - The IP address range for the cluster pod IPs (string)
  * `ipPolicyClusterSecondaryRangeName` (`pulumi.Input[str]`) - The name of the secondary range to be used for the cluster CIDR block (string)
  * `ipPolicyCreateSubnetwork` (`pulumi.Input[bool]`) - Whether a new subnetwork will be created automatically for the cluster. Default `false` (bool)
  * `ipPolicyNodeIpv4CidrBlock` (`pulumi.Input[str]`) - The IP address range of the instance IPs in this cluster (string)
  * `ipPolicyServicesIpv4CidrBlock` (`pulumi.Input[str]`) - The IP address range of the services IPs in this cluster (string)
  * `ipPolicyServicesSecondaryRangeName` (`pulumi.Input[str]`) - The name of the secondary range to be used for the services CIDR block (string)
  * `ipPolicySubnetworkName` (`pulumi.Input[str]`) - A custom subnetwork name to be used if createSubnetwork is true (string)
  * `issueClientCertificate` (`pulumi.Input[bool]`) - Issue a client certificate. Default `false` (bool)
  * `kubernetesDashboard` (`pulumi.Input[bool]`) - Enable the Kubernetes dashboard. Default `false` (bool)
  * `labels` (`pulumi.Input[dict]`) - Labels for cluster registration token object (map)
  * `localSsdCount` (`pulumi.Input[float]`) - The number of local SSD disks to be attached to the node. Default `0` (int)
  * `locations` (`pulumi.Input[list]`) - Locations for GKE cluster (list)
  * `machineType` (`pulumi.Input[str]`) - Machine type for GKE cluster (string)
  * `maintenanceWindow` (`pulumi.Input[str]`) - Maintenance window for GKE cluster (string)
  * `masterAuthorizedNetworkCidrBlocks` (`pulumi.Input[list]`) - Define up to 10 external networks that could access Kubernetes master through HTTPS (list)
  * `masterIpv4CidrBlock` (`pulumi.Input[str]`) - The IP range in CIDR notation to use for the hosted master network (string)
  * `masterVersion` (`pulumi.Input[str]`) - Master version for GKE cluster (string)
  * `maxNodeCount` (`pulumi.Input[float]`) - Maximum number of nodes in the NodePool. Must be >= minNodeCount. There has to enough quota to scale up the cluster. Default `0` (int)
  * `minNodeCount` (`pulumi.Input[float]`) - Minimmum number of nodes in the NodePool. Must be >= 1 and <= maxNodeCount. Default `0` (int)
  * `network` (`pulumi.Input[str]`) - Network for GKE cluster (string)
  * `nodeCount` (`pulumi.Input[float]`) - Node count for GKE cluster. Default `3` (int)
  * `nodePool` (`pulumi.Input[str]`) - The ID of the cluster node pool (string)
  * `nodeVersion` (`pulumi.Input[str]`) - Node version for GKE cluster (string)
  * `oauthScopes` (`pulumi.Input[list]`) - The set of Google API scopes to be made available on all of the node VMs under the default service account (list)
  * `preemptible` (`pulumi.Input[bool]`) - Whether the nodes are created as preemptible VM instances. Default `false` (bool)
  * `project_id` (`pulumi.Input[str]`) - Project ID to apply answer (string)
  * `resourceLabels` (`pulumi.Input[dict]`) - The map of Kubernetes labels to be applied to each cluster (map)
  * `serviceAccount` (`pulumi.Input[str]`) - The Google Cloud Platform Service Account to be used by the node VMs (string)
  * `subNetwork` (`pulumi.Input[str]`) - Subnetwork for GKE cluster (string)
  * `taints` (`pulumi.Input[list]`) - List of Kubernetes taints to be applied to each node (list)
  * `useIpAliases` (`pulumi.Input[bool]`) - Whether alias IPs will be used for pod IPs in the cluster. Default `false` (bool)
  * `zone` (`pulumi.Input[str]`) - Zone GKE cluster (string)

The **k3s_config** object supports the following:

  * `upgrade_strategy` (`pulumi.Input[dict]`) - K3S upgrade strategy (List maxitems: 1)
    * `drainServerNodes` (`pulumi.Input[bool]`) - Drain server nodes. Default: `false` (bool)
    * `drainWorkerNodes` (`pulumi.Input[bool]`) - Drain worker nodes. Default: `false` (bool)
    * `serverConcurrency` (`pulumi.Input[float]`) - Server concurrency. Default: `1` (int)
    * `workerConcurrency` (`pulumi.Input[float]`) - Worker concurrency. Default: `1` (int)

  * `version` (`pulumi.Input[str]`) - K3S kubernetes version (string)

The **rke_config** object supports the following:

  * `addonJobTimeout` (`pulumi.Input[float]`) - Duration in seconds of addon job (int)
  * `addons` (`pulumi.Input[str]`) - Addons descripton to deploy on RKE cluster.
  * `addonsIncludes` (`pulumi.Input[list]`) - Addons yaml manifests to deploy on RKE cluster (list)
  * `authentication` (`pulumi.Input[dict]`) - Kubernetes cluster authentication (list maxitems:1)
    * `sans` (`pulumi.Input[list]`) - RKE sans for authentication ([]string)
    * `strategy` (`pulumi.Input[str]`) - RKE strategy for authentication (string)

  * `authorization` (`pulumi.Input[dict]`) - Kubernetes cluster authorization (list maxitems:1)
    * `mode` (`pulumi.Input[str]`) - RKE mode for authorization. `rbac` and `none` modes are available. Default `rbac` (string)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)

  * `bastionHost` (`pulumi.Input[dict]`) - RKE bastion host (list maxitems:1)
    * `address` (`pulumi.Input[str]`) - Address ip for node (string)
    * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
    * `sshAgentAuth` (`pulumi.Input[bool]`) - Use ssh agent auth. Default `false` (bool)
    * `sshKey` (`pulumi.Input[str]`) - Node SSH private key (string)
    * `sshKeyPath` (`pulumi.Input[str]`) - Node SSH private key path (string)
    * `user` (`pulumi.Input[str]`) - Registry user (string)

  * `cloudProvider` (`pulumi.Input[dict]`) - RKE options for Calico network provider (string)
    * `awsCloudProvider` (`pulumi.Input[dict]`) - RKE AWS Cloud Provider config for Cloud Provider [rke-aws-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/aws/) (list maxitems:1)
      * `global` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `disableSecurityGroupIngress` (`pulumi.Input[bool]`) - Default `false` (bool)
        * `disableStrictZoneCheck` (`pulumi.Input[bool]`) - Default `false` (bool)
        * `elbSecurityGroup` (`pulumi.Input[str]`) - (string)
        * `kubernetesClusterId` (`pulumi.Input[str]`) - (string)
        * `kubernetesClusterTag` (`pulumi.Input[str]`) - (string)
        * `roleArn` (`pulumi.Input[str]`) - (string)
        * `routeTableId` (`pulumi.Input[str]`) - (string)
        * `subnetId` (`pulumi.Input[str]`) - (string)
        * `vpc` (`pulumi.Input[str]`) - (string)
        * `zone` (`pulumi.Input[str]`) - Zone GKE cluster (string)

      * `serviceOverrides` (`pulumi.Input[list]`) - (list)
        * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
        * `service` (`pulumi.Input[str]`) - (string)
        * `signingMethod` (`pulumi.Input[str]`) - (string)
        * `signingName` (`pulumi.Input[str]`) - (string)
        * `signingRegion` (`pulumi.Input[str]`) - (string)
        * `url` (`pulumi.Input[str]`) - Registry URL (string)

    * `azureCloudProvider` (`pulumi.Input[dict]`) - RKE Azure Cloud Provider config for Cloud Provider [rke-azure-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/azure/) (list maxitems:1)
      * `aadClientCertPassword` (`pulumi.Input[str]`) - (string)
      * `aadClientCertPath` (`pulumi.Input[str]`) - (string)
      * `aadClientId` (`pulumi.Input[str]`) - (string)
      * `aadClientSecret` (`pulumi.Input[str]`) - (string)
      * `cloud` (`pulumi.Input[str]`) - (string)
      * `cloudProviderBackoff` (`pulumi.Input[bool]`) - (bool)
      * `cloudProviderBackoffDuration` (`pulumi.Input[float]`) - (int)
      * `cloudProviderBackoffExponent` (`pulumi.Input[float]`) - (int)
      * `cloudProviderBackoffJitter` (`pulumi.Input[float]`) - (int)
      * `cloudProviderBackoffRetries` (`pulumi.Input[float]`) - (int)
      * `cloudProviderRateLimit` (`pulumi.Input[bool]`) - (bool)
      * `cloudProviderRateLimitBucket` (`pulumi.Input[float]`) - (int)
      * `cloudProviderRateLimitQps` (`pulumi.Input[float]`) - (int)
      * `location` (`pulumi.Input[str]`) - Azure Kubernetes cluster location. Default `eastus` (string)
      * `maximumLoadBalancerRuleCount` (`pulumi.Input[float]`) - (int)
      * `primaryAvailabilitySetName` (`pulumi.Input[str]`) - (string)
      * `primaryScaleSetName` (`pulumi.Input[str]`) - (string)
      * `resourceGroup` (`pulumi.Input[str]`) - The name of the Cluster resource group (string)
      * `routeTableName` (`pulumi.Input[str]`) - (string)
      * `securityGroupName` (`pulumi.Input[str]`) - (string)
      * `subnetName` (`pulumi.Input[str]`) - (string)
      * `subscriptionId` (`pulumi.Input[str]`) - Subscription credentials which uniquely identify Microsoft Azure subscription (string)
      * `tenant_id` (`pulumi.Input[str]`) - Azure tenant ID to use (string)
      * `useInstanceMetadata` (`pulumi.Input[bool]`) - (bool)
      * `useManagedIdentityExtension` (`pulumi.Input[bool]`) - (bool)
      * `vmType` (`pulumi.Input[str]`) - (string)
      * `vnetName` (`pulumi.Input[str]`) - (string)
      * `vnetResourceGroup` (`pulumi.Input[str]`) - (string)

    * `customCloudProvider` (`pulumi.Input[str]`) - RKE Custom Cloud Provider config for Cloud Provider (string) (string)
    * `name` (`pulumi.Input[str]`) - Name of cluster registration token (string)
    * `openstackCloudProvider` (`pulumi.Input[dict]`) - RKE Openstack Cloud Provider config for Cloud Provider [rke-openstack-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/openstack/) (list maxitems:1)
      * `blockStorage` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `bsVersion` (`pulumi.Input[str]`) - (string)
        * `ignoreVolumeAz` (`pulumi.Input[bool]`) - (string)
        * `trustDevicePath` (`pulumi.Input[bool]`) - (string)

      * `global` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `authUrl` (`pulumi.Input[str]`) - (string)
        * `caFile` (`pulumi.Input[str]`) - (string)
        * `domainId` (`pulumi.Input[str]`) - Required if `domain_name` not provided. (string)
        * `domainName` (`pulumi.Input[str]`) - Required if `domain_id` not provided. (string)
        * `password` (`pulumi.Input[str]`) - Registry password (string)
        * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
        * `tenant_id` (`pulumi.Input[str]`) - Azure tenant ID to use (string)
        * `tenantName` (`pulumi.Input[str]`) - Required if `tenant_id` not provided. (string)
        * `trustId` (`pulumi.Input[str]`) - (string)
        * `username` (`pulumi.Input[str]`) - (string)

      * `loadBalancer` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `createMonitor` (`pulumi.Input[bool]`) - (bool)
        * `floatingNetworkId` (`pulumi.Input[str]`) - (string)
        * `lbMethod` (`pulumi.Input[str]`) - (string)
        * `lbProvider` (`pulumi.Input[str]`) - (string)
        * `lbVersion` (`pulumi.Input[str]`) - (string)
        * `manageSecurityGroups` (`pulumi.Input[bool]`) - (bool)
        * `monitorDelay` (`pulumi.Input[str]`) - Default `60s` (string)
        * `monitorMaxRetries` (`pulumi.Input[float]`) - Default 5 (int)
        * `monitorTimeout` (`pulumi.Input[str]`) - Default `30s` (string)
        * `subnetId` (`pulumi.Input[str]`) - (string)
        * `useOctavia` (`pulumi.Input[bool]`) - (bool)

      * `metadata` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `requestTimeout` (`pulumi.Input[float]`) - (int)
        * `searchOrder` (`pulumi.Input[str]`) - (string)

      * `route` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `routerId` (`pulumi.Input[str]`) - (string)

    * `vsphereCloudProvider` (`pulumi.Input[dict]`) - RKE Vsphere Cloud Provider config for Cloud Provider [rke-vsphere-cloud-provider](https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/vsphere/) Extra argument `name` is required on `virtual_center` configuration. (list maxitems:1)
      * `disk` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `scsiControllerType` (`pulumi.Input[str]`) - (string)

      * `global` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `datacenters` (`pulumi.Input[str]`) - (string)
        * `insecureFlag` (`pulumi.Input[bool]`) - (bool)
        * `password` (`pulumi.Input[str]`) - Registry password (string)
        * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
        * `soapRoundtripCount` (`pulumi.Input[float]`) - (int)
        * `user` (`pulumi.Input[str]`) - Registry user (string)

      * `network` (`pulumi.Input[dict]`) - Network for GKE cluster (string)
        * `publicNetwork` (`pulumi.Input[str]`) - (string)

      * `virtualCenters` (`pulumi.Input[list]`) - (List)
        * `datacenters` (`pulumi.Input[str]`) - (string)
        * `name` (`pulumi.Input[str]`) - Name of cluster registration token (string)
        * `password` (`pulumi.Input[str]`) - Registry password (string)
        * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
        * `soapRoundtripCount` (`pulumi.Input[float]`) - (int)
        * `user` (`pulumi.Input[str]`) - Registry user (string)

      * `workspace` (`pulumi.Input[dict]`) - (list maxitems:1)
        * `datacenter` (`pulumi.Input[str]`) - (string)
        * `defaultDatastore` (`pulumi.Input[str]`) - (string)
        * `folder` (`pulumi.Input[str]`) - Folder for S3 service. Available from Rancher v2.2.7 (string)
        * `resourcepoolPath` (`pulumi.Input[str]`) - (string)
        * `server` (`pulumi.Input[str]`) - (string)

  * `dns` (`pulumi.Input[dict]`) - RKE dns add-on. Just for Rancher v2.2.x (list maxitems:1)
    * `nodeSelector` (`pulumi.Input[dict]`) - Node selector for RKE Ingress (map)
    * `provider` (`pulumi.Input[str]`) - Provider for RKE monitoring (string)
    * `reverseCidrs` (`pulumi.Input[list]`) - DNS add-on reverse cidr  (list)
    * `upstreamNameservers` (`pulumi.Input[list]`) - DNS add-on upstream nameservers  (list)

  * `ignoreDockerVersion` (`pulumi.Input[bool]`) - Ignore docker version. Default `true` (bool)
  * `ingress` (`pulumi.Input[dict]`) - Kubernetes ingress configuration (list maxitems:1)
    * `dnsPolicy` (`pulumi.Input[str]`) - Ingress controller DNS policy. `ClusterFirstWithHostNet`, `ClusterFirst`, `Default`, and `None` are supported. [K8S dns Policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) (string)
    * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
    * `nodeSelector` (`pulumi.Input[dict]`) - Node selector for RKE Ingress (map)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)
    * `provider` (`pulumi.Input[str]`) - Provider for RKE monitoring (string)

  * `kubernetesVersion` (`pulumi.Input[str]`) - The Kubernetes master version (string)
  * `monitoring` (`pulumi.Input[dict]`) - Kubernetes cluster monitoring (list maxitems:1)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)
    * `provider` (`pulumi.Input[str]`) - Provider for RKE monitoring (string)

  * `network` (`pulumi.Input[dict]`) - Network for GKE cluster (string)
    * `calicoNetworkProvider` (`pulumi.Input[dict]`) - Calico provider config for RKE network (list maxitems:1)
      * `cloudProvider` (`pulumi.Input[str]`) - RKE options for Calico network provider (string)

    * `canalNetworkProvider` (`pulumi.Input[dict]`) - Canal provider config for RKE network (list maxitems:1)
      * `iface` (`pulumi.Input[str]`) - Iface config Flannel network provider (string)

    * `flannelNetworkProvider` (`pulumi.Input[dict]`) - Flannel provider config for RKE network (list maxitems:1)
      * `iface` (`pulumi.Input[str]`) - Iface config Flannel network provider (string)

    * `mtu` (`pulumi.Input[float]`) - Network provider MTU. Default `0` (int)
    * `options` (`pulumi.Input[dict]`) - RKE options for network (map)
    * `plugin` (`pulumi.Input[str]`) - Plugin for RKE network. `canal` (default), `flannel`, `calico`, `none` and `weave` are supported. (string)
    * `weaveNetworkProvider` (`pulumi.Input[dict]`) - Weave provider config for RKE network (list maxitems:1)
      * `password` (`pulumi.Input[str]`) - Registry password (string)

  * `nodes` (`pulumi.Input[list]`) - RKE cluster nodes (list)
    * `address` (`pulumi.Input[str]`) - Address ip for node (string)
    * `dockerSocket` (`pulumi.Input[str]`) - Docker socket for node (string)
    * `hostnameOverride` (`pulumi.Input[str]`) - Hostname override for node (string)
    * `internalAddress` (`pulumi.Input[str]`) - Internal ip for node (string)
    * `labels` (`pulumi.Input[dict]`) - Labels for cluster registration token object (map)
    * `nodeId` (`pulumi.Input[str]`) - Id for the node (string)
    * `port` (`pulumi.Input[str]`) - Port for node. Default `22` (string)
    * `roles` (`pulumi.Input[list]`) - Roles for the node. `controlplane`, `etcd` and `worker` are supported. (list)
    * `sshAgentAuth` (`pulumi.Input[bool]`) - Use ssh agent auth. Default `false` (bool)
    * `sshKey` (`pulumi.Input[str]`) - Node SSH private key (string)
    * `sshKeyPath` (`pulumi.Input[str]`) - Node SSH private key path (string)
    * `user` (`pulumi.Input[str]`) - Registry user (string)

  * `prefixPath` (`pulumi.Input[str]`) - Prefix to customize Kubernetes path (string)
  * `privateRegistries` (`pulumi.Input[list]`) - private registries for docker images (list)
    * `isDefault` (`pulumi.Input[bool]`) - Set as default registry. Default `false` (bool)
    * `password` (`pulumi.Input[str]`) - Registry password (string)
    * `url` (`pulumi.Input[str]`) - Registry URL (string)
    * `user` (`pulumi.Input[str]`) - Registry user (string)

  * `services` (`pulumi.Input[dict]`) - Kubernetes cluster services (list maxitems:1)
    * `etcd` (`pulumi.Input[dict]`) - Etcd options for RKE services (list maxitems:1)
      * `backup_config` (`pulumi.Input[dict]`) - Backup options for etcd service. Just for Rancher v2.2.x (list maxitems:1)
        * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        * `intervalHours` (`pulumi.Input[float]`) - Interval hours for etcd backup. Default `12` (int)
        * `retention` (`pulumi.Input[float]`) - Retention for etcd backup. Default `6` (int)
        * `s3BackupConfig` (`pulumi.Input[dict]`) - S3 config options for etcd backup (list maxitems:1)
          * `access_key` (`pulumi.Input[str]`) - The AWS Client ID to use (string)
          * `bucketName` (`pulumi.Input[str]`) - Bucket name for S3 service (string)
          * `customCa` (`pulumi.Input[str]`) - Base64 encoded custom CA for S3 service. Use filebase64(<FILE>) for encoding file. Available from Rancher v2.2.5 (string)
          * `endpoint` (`pulumi.Input[str]`) - Endpoint for S3 service (string)
          * `folder` (`pulumi.Input[str]`) - Folder for S3 service. Available from Rancher v2.2.7 (string)
          * `region` (`pulumi.Input[str]`) - The AWS Region to create the EKS cluster in. Default `us-west-2` (string)
          * `secret_key` (`pulumi.Input[str]`) - The AWS Client Secret associated with the Client ID (string)

        * `safeTimestamp` (`pulumi.Input[bool]`) - Safe timestamp for etcd backup. Default: `false` (bool)

      * `caCert` (`pulumi.Input[str]`) - TLS CA certificate for etcd service (string)
      * `cert` (`pulumi.Input[str]`) - TLS certificate for etcd service (string)
      * `creation` (`pulumi.Input[str]`) - Creation option for etcd service (string)
      * `externalUrls` (`pulumi.Input[list]`) - External urls for etcd service (list)
      * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
      * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
      * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
      * `gid` (`pulumi.Input[float]`) - Etcd service GID. Default: `0`. For Rancher v2.3.x or above (int)
      * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
      * `key` (`pulumi.Input[str]`) - TLS key for etcd service (string)
      * `path` (`pulumi.Input[str]`) - (Optional) Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
      * `retention` (`pulumi.Input[str]`) - Retention for etcd backup. Default `6` (int)
      * `snapshot` (`pulumi.Input[bool]`) - Snapshot option for etcd service (bool)
      * `uid` (`pulumi.Input[float]`) - Etcd service UID. Default: `0`. For Rancher v2.3.x or above (int)

    * `kubeApi` (`pulumi.Input[dict]`) - Kube API options for RKE services (list maxitems:1)
      * `admissionConfiguration` (`pulumi.Input[dict]`) - Admission configuration (map)
      * `alwaysPullImages` (`pulumi.Input[bool]`) - Enable [AlwaysPullImages](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#alwayspullimages) Admission controller plugin. [Rancher docs](https://rancher.com/docs/rke/latest/en/config-options/services/#kubernetes-api-server-options) Default: `false` (bool)
      * `auditLog` (`pulumi.Input[dict]`) - K8s audit log configuration. (list maxitems: 1)
        * `configuration` (`pulumi.Input[dict]`) - Event rate limit configuration. (map)
          * `format` (`pulumi.Input[str]`) - Audit log format. Default: 'json' (string)
          * `maxAge` (`pulumi.Input[float]`) - Audit log max age. Default: `30` (int)
          * `maxBackup` (`pulumi.Input[float]`) - Audit log max backup. Default: `10` (int)
          * `maxSize` (`pulumi.Input[float]`) - Audit log max size. Default: `100` (int)
          * `path` (`pulumi.Input[str]`) - (Optional) Audit log path. Default: `/var/log/kube-audit/audit-log.json` (string)
          * `policy` (`pulumi.Input[str]`) - Audit policy yaml encoded definition. `apiVersion` and `kind: Policy

rules:”fields are required in the yaml. Ex.”apiVersion: audit.k8s.io/v1 kind: Policy rules:

  • level: RequestResponse resources:

    • resources:

      • pods “` More info (string)

               * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        
             * `eventRateLimit` (`pulumi.Input[dict]`) - K8s event rate limit configuration. (list maxitems: 1)
               * `configuration` (`pulumi.Input[dict]`) - Event rate limit configuration. (map)
               * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
             * `podSecurityPolicy` (`pulumi.Input[bool]`) - Pod Security Policy option for kube API service. Default `false` (bool)
             * `secretsEncryptionConfig` (`pulumi.Input[dict]`) - [Encrypt k8s secret data configration](https://rancher.com/docs/rke/latest/en/config-options/secrets-encryption/). (list maxitem: 1)
               * `customConfig` (`pulumi.Input[dict]`) - Secrets encryption configuration. (map)
               * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        
             * `serviceClusterIpRange` (`pulumi.Input[str]`) - Service Cluster ip Range option for kube controller service (string)
             * `serviceNodePortRange` (`pulumi.Input[str]`) - Service Node Port Range option for kube API service (string)
        
           * `kubeController` (`pulumi.Input[dict]`) - Kube Controller options for RKE services (list maxitems:1)
             * `clusterCidr` (`pulumi.Input[str]`) - Cluster CIDR option for kube controller service (string)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
             * `serviceClusterIpRange` (`pulumi.Input[str]`) - Service Cluster ip Range option for kube controller service (string)
        
           * `kubelet` (`pulumi.Input[dict]`) - Kubelet options for RKE services (list maxitems:1)
             * `clusterDnsServer` (`pulumi.Input[str]`) - Cluster DNS Server option for kubelet service (string)
             * `clusterDomain` (`pulumi.Input[str]`) - Cluster Domain option for kubelet service (string)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `failSwapOn` (`pulumi.Input[bool]`) - Enable or disable failing when swap on is not supported (bool)
               * `generate_serving_certificate` [Generate a certificate signed by the kube-ca](https://rancher.com/docs/rke/latest/en/config-options/services/#kubelet-serving-certificate-requirements). Default `false` (bool)
             * `generateServingCertificate` (`pulumi.Input[bool]`)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
             * `infraContainerImage` (`pulumi.Input[str]`) - Infra container image for kubelet service (string)
        
           * `kubeproxy` (`pulumi.Input[dict]`) - Kubeproxy options for RKE services (list maxitems:1)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
        
           * `scheduler` (`pulumi.Input[dict]`) - Scheduler options for RKE services (list maxitems:1)
             * `extraArgs` (`pulumi.Input[dict]`) - Extra arguments for scheduler service (map)
             * `extraBinds` (`pulumi.Input[list]`) - Extra binds for scheduler service (list)
             * `extraEnvs` (`pulumi.Input[list]`) - Extra environment for scheduler service (list)
             * `image` (`pulumi.Input[str]`) - Docker image for scheduler service (string)
        
         * `sshAgentAuth` (`pulumi.Input[bool]`) - Use ssh agent auth. Default `false` (bool)
         * `sshCertPath` (`pulumi.Input[str]`) - Cluster level SSH certificate path (string)
         * `sshKeyPath` (`pulumi.Input[str]`) - Node SSH private key path (string)
         * `upgrade_strategy` (`pulumi.Input[dict]`) - K3S upgrade strategy (List maxitems: 1)
           * `drain` (`pulumi.Input[bool]`) - RKE drain nodes. Default: `false` (bool)
           * `drainInput` (`pulumi.Input[dict]`) - RKE drain node input (list Maxitems: 1)
             * `deleteLocalData` (`pulumi.Input[bool]`) - Delete RKE node local data. Default: `false` (bool)
             * `force` (`pulumi.Input[bool]`) - Force RKE node drain. Default: `false` (bool)
             * `gracePeriod` (`pulumi.Input[float]`) - RKE node drain grace period. Default: `-1` (int)
             * `ignoreDaemonSets` (`pulumi.Input[bool]`) - Ignore RKE daemon sets. Default: `true` (bool)
             * `timeout` (`pulumi.Input[float]`) - RKE node drain timeout. Default: `60` (int)
        
           * `maxUnavailableControlplane` (`pulumi.Input[str]`) - RKE max unavailable controlplane nodes. Default: `1` (string)
           * `maxUnavailableWorker` (`pulumi.Input[str]`) - RKE max unavailable worker nodes. Default: `10%` (string)
        
        
        The **scheduled_cluster_scan** object supports the following:
        
        * `enabled` (`pulumi.Input[bool]`) - Enable scheduled cluster scan. Default: `false` (bool)
        * `scanConfig` (`pulumi.Input[dict]`) - Cluster scan config (List maxitems:1)
          * `cisScanConfig` (`pulumi.Input[dict]`) - Cluster Cis Scan config (List maxitems:1)
            * `debugMaster` (`pulumi.Input[bool]`) - Debug master. Default: `false` (bool)
            * `debugWorker` (`pulumi.Input[bool]`) - Debug worker. Default: `false` (bool)
            * `overrideBenchmarkVersion` (`pulumi.Input[str]`) - Override benchmark version (string)
            * `overrideSkips` (`pulumi.Input[list]`) - Override skip (string)
            * `profile` (`pulumi.Input[str]`) - Cis scan profile. Allowed values: `"permissive" (default) || "hardened"` (string)
        
        * `scheduleConfig` (`pulumi.Input[dict]`) - Cluster scan schedule config (list maxitems:1)
          * `cronSchedule` (`pulumi.Input[str]`) - Crontab schedule. It should contains 5 fields `"<min> <hour> <month_day> <month> <week_day>"` (string)
          * `retention` (`pulumi.Input[float]`) - Retention for etcd backup. Default `6` (int)
        
translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.ClusterAlterGroup(resource_name, opts=None, annotations=None, cluster_id=None, description=None, group_interval_seconds=None, group_wait_seconds=None, labels=None, name=None, recipients=None, repeat_interval_seconds=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Cluster Alert Group resource. This can be used to create Cluster Alert Group for Rancher v2 environments and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – The cluster alert group annotations (map)

  • cluster_id (pulumi.Input[str]) – The cluster id where create cluster alert group (string)

  • description (pulumi.Input[str]) – The cluster alert group description (string)

  • group_interval_seconds (pulumi.Input[float]) – The cluster alert group interval seconds. Default: 180 (int)

  • group_wait_seconds (pulumi.Input[float]) – The cluster alert group wait seconds. Default: 180 (int)

  • labels (pulumi.Input[dict]) – The cluster alert group labels (map)

  • name (pulumi.Input[str]) – The cluster alert group name (string)

  • recipients (pulumi.Input[list]) – The cluster alert group recipients (list)

  • repeat_interval_seconds (pulumi.Input[float]) – The cluster alert group wait seconds. Default: 3600 (int)

The recipients object supports the following:

  • defaultRecipient (pulumi.Input[bool]) - Use notifier default recipient, overriding recipient argument if set. Default: false (bool)

  • notifierId (pulumi.Input[str]) - Recipient notifier ID (string)

  • notifierType (pulumi.Input[str]) - Recipient notifier ID. Supported values : "pagerduty" | "slack" | "email" | "webhook" | "wechat" (string)

  • recipient (pulumi.Input[str]) - Recipient (string)

annotations = None

The cluster alert group annotations (map)

cluster_id = None

The cluster id where create cluster alert group (string)

description = None

The cluster alert group description (string)

group_interval_seconds = None

The cluster alert group interval seconds. Default: 180 (int)

group_wait_seconds = None

The cluster alert group wait seconds. Default: 180 (int)

labels = None

The cluster alert group labels (map)

name = None

The cluster alert group name (string)

recipients = None

The cluster alert group recipients (list)

  • defaultRecipient (bool) - Use notifier default recipient, overriding recipient argument if set. Default: false (bool)

  • notifierId (str) - Recipient notifier ID (string)

  • notifierType (str) - Recipient notifier ID. Supported values : "pagerduty" | "slack" | "email" | "webhook" | "wechat" (string)

  • recipient (str) - Recipient (string)

repeat_interval_seconds = None

The cluster alert group wait seconds. Default: 3600 (int)

static get(resource_name, id, opts=None, annotations=None, cluster_id=None, description=None, group_interval_seconds=None, group_wait_seconds=None, labels=None, name=None, recipients=None, repeat_interval_seconds=None)

Get an existing ClusterAlterGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – The cluster alert group annotations (map)

  • cluster_id (pulumi.Input[str]) – The cluster id where create cluster alert group (string)

  • description (pulumi.Input[str]) – The cluster alert group description (string)

  • group_interval_seconds (pulumi.Input[float]) – The cluster alert group interval seconds. Default: 180 (int)

  • group_wait_seconds (pulumi.Input[float]) – The cluster alert group wait seconds. Default: 180 (int)

  • labels (pulumi.Input[dict]) – The cluster alert group labels (map)

  • name (pulumi.Input[str]) – The cluster alert group name (string)

  • recipients (pulumi.Input[list]) – The cluster alert group recipients (list)

  • repeat_interval_seconds (pulumi.Input[float]) – The cluster alert group wait seconds. Default: 3600 (int)

The recipients object supports the following:

  • defaultRecipient (pulumi.Input[bool]) - Use notifier default recipient, overriding recipient argument if set. Default: false (bool)

  • notifierId (pulumi.Input[str]) - Recipient notifier ID (string)

  • notifierType (pulumi.Input[str]) - Recipient notifier ID. Supported values : "pagerduty" | "slack" | "email" | "webhook" | "wechat" (string)

  • recipient (pulumi.Input[str]) - Recipient (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.ClusterAlterRule(resource_name, opts=None, annotations=None, cluster_id=None, event_rule=None, group_id=None, group_interval_seconds=None, group_wait_seconds=None, inherited=None, labels=None, metric_rule=None, name=None, node_rule=None, repeat_interval_seconds=None, severity=None, system_service_rule=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Cluster Alert Rule resource. This can be used to create Cluster Alert Rule for Rancher v2 environments and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – The cluster alert rule annotations (map)

  • cluster_id (pulumi.Input[str]) – The cluster id where create cluster alert rule (string)

  • event_rule (pulumi.Input[dict]) – The cluster alert rule event rule. ConflictsWith: :raw-html-m2r:`<code class=”docutils literal”><span class=”pre”>”metric_rule”, “node_rule”, “system_service_rule”`` (list Maxitems:1)

  • group_id (pulumi.Input[str]) – The cluster alert rule alert group ID (string)

  • group_interval_seconds (pulumi.Input[float]) – The cluster alert rule group interval seconds. Default:</span></code>`180``(int)

  • group_wait_seconds (pulumi.Input[float]) – The cluster alert rule group wait seconds. Default:``180``(int)

  • inherited (pulumi.Input[bool]) – The cluster alert rule inherited. Default:``true``(bool)

  • labels (pulumi.Input[dict]) – The cluster alert rule labels (map)

  • metric_rule (pulumi.Input[dict]) – The cluster alert rule metric rule. ConflictsWith:``”event_rule”, “node_rule”, “system_service_rule”``(list Maxitems:1)

  • name (pulumi.Input[str]) – The cluster alert rule name (string)

  • node_rule (pulumi.Input[dict]) – The cluster alert rule node rule. ConflictsWith: “event_rule”, “metric_rule”, “system_service_rule”` (list Maxitems:1)

  • repeat_interval_seconds (pulumi.Input[float]) – The cluster alert rule wait seconds. Default: 3600 (int)

  • severity (pulumi.Input[str]) – The cluster alert rule severity. Supported values : "critical" | "info" | "warning". Default: critical (string)

  • system_service_rule (pulumi.Input[dict]) – The cluster alert rule system service rule. ConflictsWith: “event_rule”, “metric_rule”, “node_rule”` (list Maxitems:1)

The event_rule object supports the following:

  • eventType (pulumi.Input[str]) - Event type. Supported values : "Warning" | "Normal". Default: Warning (string)

  • resourceKind (pulumi.Input[str]) - Resource kind. Supported values : "DaemonSet" | "Deployment" | "Node" | "Pod" | "StatefulSet" (string)

The metric_rule object supports the following:

  • comparison (pulumi.Input[str]) - Metric rule comparison. Supported values : "equal" | "greater-or-equal" | "greater-than" | "less-or-equal" | "less-than" | "not-equal" | "has-value". Default: equal (string)

  • description (pulumi.Input[str]) - Metric rule description (string)

  • duration (pulumi.Input[str]) - Metric rule duration (string)

  • expression (pulumi.Input[str]) - Metric rule expression (string)

  • thresholdValue (pulumi.Input[float]) - Metric rule threshold value (float64)

The node_rule object supports the following:

  • condition (pulumi.Input[str]) - System service rule condition. Supported values : "controller-manager" | "etcd" | "scheduler". Default: scheduler (string)

  • cpuThreshold (pulumi.Input[float]) - Node rule cpu threshold. Default: 70 (int)

  • memThreshold (pulumi.Input[float]) - Node rule mem threshold. Default: 70 (int)

  • nodeId (pulumi.Input[str]) - Node ID (string)

  • selector (pulumi.Input[dict]) - Node rule selector (map)

The system_service_rule object supports the following:

  • condition (pulumi.Input[str]) - System service rule condition. Supported values : "controller-manager" | "etcd" | "scheduler". Default: scheduler (string)

annotations = None

The cluster alert rule annotations (map)

cluster_id = None

The cluster id where create cluster alert rule (string)

event_rule = None

The cluster alert rule event rule. ConflictsWith: “metric_rule”, “node_rule”, “system_service_rule”` (list Maxitems:1)

  • eventType (str) - Event type. Supported values : "Warning" | "Normal". Default: Warning (string)

  • resourceKind (str) - Resource kind. Supported values : "DaemonSet" | "Deployment" | "Node" | "Pod" | "StatefulSet" (string)

group_id = None

The cluster alert rule alert group ID (string)

group_interval_seconds = None

The cluster alert rule group interval seconds. Default: 180 (int)

group_wait_seconds = None

The cluster alert rule group wait seconds. Default: 180 (int)

inherited = None

The cluster alert rule inherited. Default: true (bool)

labels = None

The cluster alert rule labels (map)

metric_rule = None

The cluster alert rule metric rule. ConflictsWith: “event_rule”, “node_rule”, “system_service_rule”` (list Maxitems:1)

  • comparison (str) - Metric rule comparison. Supported values : "equal" | "greater-or-equal" | "greater-than" | "less-or-equal" | "less-than" | "not-equal" | "has-value". Default: equal (string)

  • description (str) - Metric rule description (string)

  • duration (str) - Metric rule duration (string)

  • expression (str) - Metric rule expression (string)

  • thresholdValue (float) - Metric rule threshold value (float64)

name = None

The cluster alert rule name (string)

node_rule = None

The cluster alert rule node rule. ConflictsWith: “event_rule”, “metric_rule”, “system_service_rule”` (list Maxitems:1)

  • condition (str) - System service rule condition. Supported values : "controller-manager" | "etcd" | "scheduler". Default: scheduler (string)

  • cpuThreshold (float) - Node rule cpu threshold. Default: 70 (int)

  • memThreshold (float) - Node rule mem threshold. Default: 70 (int)

  • nodeId (str) - Node ID (string)

  • selector (dict) - Node rule selector (map)

repeat_interval_seconds = None

The cluster alert rule wait seconds. Default: 3600 (int)

severity = None

The cluster alert rule severity. Supported values : "critical" | "info" | "warning". Default: critical (string)

system_service_rule = None

The cluster alert rule system service rule. ConflictsWith: “event_rule”, “metric_rule”, “node_rule”` (list Maxitems:1)

  • condition (str) - System service rule condition. Supported values : "controller-manager" | "etcd" | "scheduler". Default: scheduler (string)

static get(resource_name, id, opts=None, annotations=None, cluster_id=None, event_rule=None, group_id=None, group_interval_seconds=None, group_wait_seconds=None, inherited=None, labels=None, metric_rule=None, name=None, node_rule=None, repeat_interval_seconds=None, severity=None, system_service_rule=None)

Get an existing ClusterAlterRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – The cluster alert rule annotations (map)

  • cluster_id (pulumi.Input[str]) – The cluster id where create cluster alert rule (string)

  • event_rule (pulumi.Input[dict]) – The cluster alert rule event rule. ConflictsWith: :raw-html-m2r:`<code class=”docutils literal”><span class=”pre”>”metric_rule”, “node_rule”, “system_service_rule”`` (list Maxitems:1)

  • group_id (pulumi.Input[str]) – The cluster alert rule alert group ID (string)

  • group_interval_seconds (pulumi.Input[float]) – The cluster alert rule group interval seconds. Default:</span></code>`180``(int)

  • group_wait_seconds (pulumi.Input[float]) – The cluster alert rule group wait seconds. Default:``180``(int)

  • inherited (pulumi.Input[bool]) – The cluster alert rule inherited. Default:``true``(bool)

  • labels (pulumi.Input[dict]) – The cluster alert rule labels (map)

  • metric_rule (pulumi.Input[dict]) – The cluster alert rule metric rule. ConflictsWith:``”event_rule”, “node_rule”, “system_service_rule”``(list Maxitems:1)

  • name (pulumi.Input[str]) – The cluster alert rule name (string)

  • node_rule (pulumi.Input[dict]) – The cluster alert rule node rule. ConflictsWith: “event_rule”, “metric_rule”, “system_service_rule”` (list Maxitems:1)

  • repeat_interval_seconds (pulumi.Input[float]) – The cluster alert rule wait seconds. Default: 3600 (int)

  • severity (pulumi.Input[str]) – The cluster alert rule severity. Supported values : "critical" | "info" | "warning". Default: critical (string)

  • system_service_rule (pulumi.Input[dict]) – The cluster alert rule system service rule. ConflictsWith: “event_rule”, “metric_rule”, “node_rule”` (list Maxitems:1)

The event_rule object supports the following:

  • eventType (pulumi.Input[str]) - Event type. Supported values : "Warning" | "Normal". Default: Warning (string)

  • resourceKind (pulumi.Input[str]) - Resource kind. Supported values : "DaemonSet" | "Deployment" | "Node" | "Pod" | "StatefulSet" (string)

The metric_rule object supports the following:

  • comparison (pulumi.Input[str]) - Metric rule comparison. Supported values : "equal" | "greater-or-equal" | "greater-than" | "less-or-equal" | "less-than" | "not-equal" | "has-value". Default: equal (string)

  • description (pulumi.Input[str]) - Metric rule description (string)

  • duration (pulumi.Input[str]) - Metric rule duration (string)

  • expression (pulumi.Input[str]) - Metric rule expression (string)

  • thresholdValue (pulumi.Input[float]) - Metric rule threshold value (float64)

The node_rule object supports the following:

  • condition (pulumi.Input[str]) - System service rule condition. Supported values : "controller-manager" | "etcd" | "scheduler". Default: scheduler (string)

  • cpuThreshold (pulumi.Input[float]) - Node rule cpu threshold. Default: 70 (int)

  • memThreshold (pulumi.Input[float]) - Node rule mem threshold. Default: 70 (int)

  • nodeId (pulumi.Input[str]) - Node ID (string)

  • selector (pulumi.Input[dict]) - Node rule selector (map)

The system_service_rule object supports the following:

  • condition (pulumi.Input[str]) - System service rule condition. Supported values : "controller-manager" | "etcd" | "scheduler". Default: scheduler (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.ClusterDriver(resource_name, opts=None, active=None, actual_url=None, annotations=None, builtin=None, checksum=None, labels=None, name=None, ui_url=None, url=None, whitelist_domains=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Cluster Driver resource. This can be used to create Cluster Driver for Rancher v2.2.x Kontainer Engine clusters and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • active (pulumi.Input[bool]) – Specify the cluster driver state (bool)

  • actual_url (pulumi.Input[str]) – Actual url of the cluster driver (string)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • builtin (pulumi.Input[bool]) – Specify whether the cluster driver is an internal cluster driver or not (bool)

  • checksum (pulumi.Input[str]) – Verify that the downloaded driver matches the expected checksum (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – Name of the cluster driver (string)

  • ui_url (pulumi.Input[str]) – The URL to load for customized Add Clusters screen for this driver (string)

  • url (pulumi.Input[str]) – The URL to download the machine driver binary for 64-bit Linux (string)

  • whitelist_domains (pulumi.Input[list]) – Domains to whitelist for the ui (list)

active = None

Specify the cluster driver state (bool)

actual_url = None

Actual url of the cluster driver (string)

annotations = None

Annotations of the resource (map)

builtin = None

Specify whether the cluster driver is an internal cluster driver or not (bool)

checksum = None

Verify that the downloaded driver matches the expected checksum (string)

labels = None

Labels of the resource (map)

name = None

Name of the cluster driver (string)

ui_url = None

The URL to load for customized Add Clusters screen for this driver (string)

url = None

The URL to download the machine driver binary for 64-bit Linux (string)

whitelist_domains = None

Domains to whitelist for the ui (list)

static get(resource_name, id, opts=None, active=None, actual_url=None, annotations=None, builtin=None, checksum=None, labels=None, name=None, ui_url=None, url=None, whitelist_domains=None)

Get an existing ClusterDriver resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • active (pulumi.Input[bool]) – Specify the cluster driver state (bool)

  • actual_url (pulumi.Input[str]) – Actual url of the cluster driver (string)

  • annotations (pulumi.Input[dict]) – Annotations of the resource (map)

  • builtin (pulumi.Input[bool]) – Specify whether the cluster driver is an internal cluster driver or not (bool)

  • checksum (pulumi.Input[str]) – Verify that the downloaded driver matches the expected checksum (string)

  • labels (pulumi.Input[dict]) – Labels of the resource (map)

  • name (pulumi.Input[str]) – Name of the cluster driver (string)

  • ui_url (pulumi.Input[str]) – The URL to load for customized Add Clusters screen for this driver (string)

  • url (pulumi.Input[str]) – The URL to download the machine driver binary for 64-bit Linux (string)

  • whitelist_domains (pulumi.Input[list]) – Domains to whitelist for the ui (list)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.ClusterLogging(resource_name, opts=None, annotations=None, cluster_id=None, custom_target_config=None, elasticsearch_config=None, enable_json_parsing=None, fluentd_config=None, kafka_config=None, kind=None, labels=None, name=None, namespace_id=None, output_flush_interval=None, output_tags=None, splunk_config=None, syslog_config=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Cluster Logging resource. This can be used to configure Cluster Logging for Rancher v2 environments and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for Cluster Logging object (map)

  • cluster_id (pulumi.Input[str]) – The cluster id to configure logging (string)

  • custom_target_config (pulumi.Input[dict]) – The custom target config for Cluster Logging. For kind = custom. Conflicts with elasticsearch_config, fluentd_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • elasticsearch_config (pulumi.Input[dict]) – The elasticsearch config for Cluster Logging. For kind = elasticsearch. Conflicts with custom_target_config, fluentd_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • enable_json_parsing (pulumi.Input[bool]) – Enable json log parsing. Default: false (bool)

  • fluentd_config (pulumi.Input[dict]) – The fluentd config for Cluster Logging. For kind = fluentd. Conflicts with custom_target_config, elasticsearch_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • kafka_config (pulumi.Input[dict]) – The kafka config for Cluster Logging. For kind = kafka. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, splunk_config and syslog_config (list maxitems:1)

  • kind (pulumi.Input[str]) – The kind of the Cluster Logging. elasticsearch, fluentd, kafka, splunk and syslog are supported (string)

  • labels (pulumi.Input[dict]) – Labels for Cluster Logging object (map)

  • name (pulumi.Input[str]) – The name of the cluster logging config (string)

  • namespace_id (pulumi.Input[str]) – The namespace id from cluster logging (string)

  • output_flush_interval (pulumi.Input[float]) – How often buffered logs would be flushed. Default: 3 seconds (int)

  • output_tags (pulumi.Input[dict]) – The output tags for Cluster Logging (map)

  • splunk_config (pulumi.Input[dict]) – The splunk config for Cluster Logging. For kind = splunk. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, kafka_config, and syslog_config (list maxitems:1)

  • syslog_config (pulumi.Input[dict]) – The syslog config for Cluster Logging. For kind = syslog. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, kafka_config, and splunk_config (list maxitems:1)

The custom_target_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • content (pulumi.Input[str]) - Custom target config content (string)

The elasticsearch_config object supports the following:

  • authPassword (pulumi.Input[str]) - User password for the elascticsearch service (string)

  • authUsername (pulumi.Input[str]) - Username for the elascticsearch service (string)

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • clientKeyPass (pulumi.Input[str]) - SSL client key password for the splunk service (string)

  • dateFormat (pulumi.Input[str]) - Date format for the elascticsearch logs. Default: YYYY-MM-DD (string)

  • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

  • indexPrefix (pulumi.Input[str]) - Index prefix for the elascticsearch logs. Default: local (string)

  • sslVerify (pulumi.Input[bool]) - SSL verify for the syslog service (bool)

  • sslVersion (pulumi.Input[str]) - SSL version for the elascticsearch service (string)

The fluentd_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • compress (pulumi.Input[bool]) - Compress data for the fluentd service (bool)

  • enableTls (pulumi.Input[bool]) - Enable TLS for the fluentd service (bool)

  • fluentServers (pulumi.Input[list]) - Servers for the fluentd service (list)

    • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

    • hostname (pulumi.Input[str]) - Hostname of the fluentd service (string)

    • password (pulumi.Input[str]) - User password of the fluentd service (string)

    • sharedKey (pulumi.Input[str]) - Shared key of the fluentd service (string)

    • standby (pulumi.Input[bool]) - Standby server of the fluentd service (bool)

    • username (pulumi.Input[str]) - Username of the fluentd service (string)

    • weight (pulumi.Input[float]) - Weight of the fluentd server (int)

The kafka_config object supports the following:

  • brokerEndpoints (pulumi.Input[list]) - Kafka endpoints for kafka service. Conflicts with zookeeper_endpoint (list)

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • topic (pulumi.Input[str]) - Topic to publish on the kafka service (string)

  • zookeeperEndpoint (pulumi.Input[str]) - Zookeeper endpoint for kafka service. Conflicts with broker_endpoints (string)

The splunk_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • clientKeyPass (pulumi.Input[str]) - SSL client key password for the splunk service (string)

  • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

  • index (pulumi.Input[str]) - Index prefix for the splunk logs (string)

  • source (pulumi.Input[str]) - Date format for the splunk logs (string)

  • sslVerify (pulumi.Input[bool]) - SSL verify for the syslog service (bool)

  • token (pulumi.Input[str]) - Token for the syslog service (string)

The syslog_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

  • program (pulumi.Input[str]) - Program for the syslog service (string)

  • protocol (pulumi.Input[str]) - Protocol for the syslog service. tcp and udp are supported. Default: udp (string)

  • severity (pulumi.Input[str]) - Date format for the syslog logs. emergency, alert, critical, error, warning, notice, info and debug are supported. Default: notice (string)

  • sslVerify (pulumi.Input[bool]) - SSL verify for the syslog service (bool)

  • token (pulumi.Input[str]) - Token for the syslog service (string)

annotations = None

Annotations for Cluster Logging object (map)

cluster_id = None

The cluster id to configure logging (string)

custom_target_config = None

The custom target config for Cluster Logging. For kind = custom. Conflicts with elasticsearch_config, fluentd_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • certificate (str) - SSL certificate for the syslog service (string)

  • clientCert (str) - SSL client certificate for the syslog service (string)

  • clientKey (str) - SSL client key for the syslog service (string)

  • content (str) - Custom target config content (string)

elasticsearch_config = None

The elasticsearch config for Cluster Logging. For kind = elasticsearch. Conflicts with custom_target_config, fluentd_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • authPassword (str) - User password for the elascticsearch service (string)

  • authUsername (str) - Username for the elascticsearch service (string)

  • certificate (str) - SSL certificate for the syslog service (string)

  • clientCert (str) - SSL client certificate for the syslog service (string)

  • clientKey (str) - SSL client key for the syslog service (string)

  • clientKeyPass (str) - SSL client key password for the splunk service (string)

  • dateFormat (str) - Date format for the elascticsearch logs. Default: YYYY-MM-DD (string)

  • endpoint (str) - Endpoint of the syslog service (string)

  • indexPrefix (str) - Index prefix for the elascticsearch logs. Default: local (string)

  • sslVerify (bool) - SSL verify for the syslog service (bool)

  • sslVersion (str) - SSL version for the elascticsearch service (string)

enable_json_parsing = None

Enable json log parsing. Default: false (bool)

fluentd_config = None

The fluentd config for Cluster Logging. For kind = fluentd. Conflicts with custom_target_config, elasticsearch_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • certificate (str) - SSL certificate for the syslog service (string)

  • compress (bool) - Compress data for the fluentd service (bool)

  • enableTls (bool) - Enable TLS for the fluentd service (bool)

  • fluentServers (list) - Servers for the fluentd service (list)

    • endpoint (str) - Endpoint of the syslog service (string)

    • hostname (str) - Hostname of the fluentd service (string)

    • password (str) - User password of the fluentd service (string)

    • sharedKey (str) - Shared key of the fluentd service (string)

    • standby (bool) - Standby server of the fluentd service (bool)

    • username (str) - Username of the fluentd service (string)

    • weight (float) - Weight of the fluentd server (int)

kafka_config = None

The kafka config for Cluster Logging. For kind = kafka. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, splunk_config and syslog_config (list maxitems:1)

  • brokerEndpoints (list) - Kafka endpoints for kafka service. Conflicts with zookeeper_endpoint (list)

  • certificate (str) - SSL certificate for the syslog service (string)

  • clientCert (str) - SSL client certificate for the syslog service (string)

  • clientKey (str) - SSL client key for the syslog service (string)

  • topic (str) - Topic to publish on the kafka service (string)

  • zookeeperEndpoint (str) - Zookeeper endpoint for kafka service. Conflicts with broker_endpoints (string)

kind = None

The kind of the Cluster Logging. elasticsearch, fluentd, kafka, splunk and syslog are supported (string)

labels = None

Labels for Cluster Logging object (map)

name = None

The name of the cluster logging config (string)

namespace_id = None

The namespace id from cluster logging (string)

output_flush_interval = None

How often buffered logs would be flushed. Default: 3 seconds (int)

output_tags = None

The output tags for Cluster Logging (map)

splunk_config = None

The splunk config for Cluster Logging. For kind = splunk. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, kafka_config, and syslog_config (list maxitems:1)

  • certificate (str) - SSL certificate for the syslog service (string)

  • clientCert (str) - SSL client certificate for the syslog service (string)

  • clientKey (str) - SSL client key for the syslog service (string)

  • clientKeyPass (str) - SSL client key password for the splunk service (string)

  • endpoint (str) - Endpoint of the syslog service (string)

  • index (str) - Index prefix for the splunk logs (string)

  • source (str) - Date format for the splunk logs (string)

  • sslVerify (bool) - SSL verify for the syslog service (bool)

  • token (str) - Token for the syslog service (string)

syslog_config = None

The syslog config for Cluster Logging. For kind = syslog. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, kafka_config, and splunk_config (list maxitems:1)

  • certificate (str) - SSL certificate for the syslog service (string)

  • clientCert (str) - SSL client certificate for the syslog service (string)

  • clientKey (str) - SSL client key for the syslog service (string)

  • endpoint (str) - Endpoint of the syslog service (string)

  • program (str) - Program for the syslog service (string)

  • protocol (str) - Protocol for the syslog service. tcp and udp are supported. Default: udp (string)

  • severity (str) - Date format for the syslog logs. emergency, alert, critical, error, warning, notice, info and debug are supported. Default: notice (string)

  • sslVerify (bool) - SSL verify for the syslog service (bool)

  • token (str) - Token for the syslog service (string)

static get(resource_name, id, opts=None, annotations=None, cluster_id=None, custom_target_config=None, elasticsearch_config=None, enable_json_parsing=None, fluentd_config=None, kafka_config=None, kind=None, labels=None, name=None, namespace_id=None, output_flush_interval=None, output_tags=None, splunk_config=None, syslog_config=None)

Get an existing ClusterLogging resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for Cluster Logging object (map)

  • cluster_id (pulumi.Input[str]) – The cluster id to configure logging (string)

  • custom_target_config (pulumi.Input[dict]) – The custom target config for Cluster Logging. For kind = custom. Conflicts with elasticsearch_config, fluentd_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • elasticsearch_config (pulumi.Input[dict]) – The elasticsearch config for Cluster Logging. For kind = elasticsearch. Conflicts with custom_target_config, fluentd_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • enable_json_parsing (pulumi.Input[bool]) – Enable json log parsing. Default: false (bool)

  • fluentd_config (pulumi.Input[dict]) – The fluentd config for Cluster Logging. For kind = fluentd. Conflicts with custom_target_config, elasticsearch_config, kafka_config, splunk_config and syslog_config (list maxitems:1)

  • kafka_config (pulumi.Input[dict]) – The kafka config for Cluster Logging. For kind = kafka. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, splunk_config and syslog_config (list maxitems:1)

  • kind (pulumi.Input[str]) – The kind of the Cluster Logging. elasticsearch, fluentd, kafka, splunk and syslog are supported (string)

  • labels (pulumi.Input[dict]) – Labels for Cluster Logging object (map)

  • name (pulumi.Input[str]) – The name of the cluster logging config (string)

  • namespace_id (pulumi.Input[str]) – The namespace id from cluster logging (string)

  • output_flush_interval (pulumi.Input[float]) – How often buffered logs would be flushed. Default: 3 seconds (int)

  • output_tags (pulumi.Input[dict]) – The output tags for Cluster Logging (map)

  • splunk_config (pulumi.Input[dict]) – The splunk config for Cluster Logging. For kind = splunk. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, kafka_config, and syslog_config (list maxitems:1)

  • syslog_config (pulumi.Input[dict]) – The syslog config for Cluster Logging. For kind = syslog. Conflicts with custom_target_config, elasticsearch_config, fluentd_config, kafka_config, and splunk_config (list maxitems:1)

The custom_target_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • content (pulumi.Input[str]) - Custom target config content (string)

The elasticsearch_config object supports the following:

  • authPassword (pulumi.Input[str]) - User password for the elascticsearch service (string)

  • authUsername (pulumi.Input[str]) - Username for the elascticsearch service (string)

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • clientKeyPass (pulumi.Input[str]) - SSL client key password for the splunk service (string)

  • dateFormat (pulumi.Input[str]) - Date format for the elascticsearch logs. Default: YYYY-MM-DD (string)

  • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

  • indexPrefix (pulumi.Input[str]) - Index prefix for the elascticsearch logs. Default: local (string)

  • sslVerify (pulumi.Input[bool]) - SSL verify for the syslog service (bool)

  • sslVersion (pulumi.Input[str]) - SSL version for the elascticsearch service (string)

The fluentd_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • compress (pulumi.Input[bool]) - Compress data for the fluentd service (bool)

  • enableTls (pulumi.Input[bool]) - Enable TLS for the fluentd service (bool)

  • fluentServers (pulumi.Input[list]) - Servers for the fluentd service (list)

    • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

    • hostname (pulumi.Input[str]) - Hostname of the fluentd service (string)

    • password (pulumi.Input[str]) - User password of the fluentd service (string)

    • sharedKey (pulumi.Input[str]) - Shared key of the fluentd service (string)

    • standby (pulumi.Input[bool]) - Standby server of the fluentd service (bool)

    • username (pulumi.Input[str]) - Username of the fluentd service (string)

    • weight (pulumi.Input[float]) - Weight of the fluentd server (int)

The kafka_config object supports the following:

  • brokerEndpoints (pulumi.Input[list]) - Kafka endpoints for kafka service. Conflicts with zookeeper_endpoint (list)

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • topic (pulumi.Input[str]) - Topic to publish on the kafka service (string)

  • zookeeperEndpoint (pulumi.Input[str]) - Zookeeper endpoint for kafka service. Conflicts with broker_endpoints (string)

The splunk_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • clientKeyPass (pulumi.Input[str]) - SSL client key password for the splunk service (string)

  • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

  • index (pulumi.Input[str]) - Index prefix for the splunk logs (string)

  • source (pulumi.Input[str]) - Date format for the splunk logs (string)

  • sslVerify (pulumi.Input[bool]) - SSL verify for the syslog service (bool)

  • token (pulumi.Input[str]) - Token for the syslog service (string)

The syslog_config object supports the following:

  • certificate (pulumi.Input[str]) - SSL certificate for the syslog service (string)

  • clientCert (pulumi.Input[str]) - SSL client certificate for the syslog service (string)

  • clientKey (pulumi.Input[str]) - SSL client key for the syslog service (string)

  • endpoint (pulumi.Input[str]) - Endpoint of the syslog service (string)

  • program (pulumi.Input[str]) - Program for the syslog service (string)

  • protocol (pulumi.Input[str]) - Protocol for the syslog service. tcp and udp are supported. Default: udp (string)

  • severity (pulumi.Input[str]) - Date format for the syslog logs. emergency, alert, critical, error, warning, notice, info and debug are supported. Default: notice (string)

  • sslVerify (pulumi.Input[bool]) - SSL verify for the syslog service (bool)

  • token (pulumi.Input[str]) - Token for the syslog service (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.ClusterRoleTemplateBinding(resource_name, opts=None, annotations=None, cluster_id=None, group_id=None, group_principal_id=None, labels=None, name=None, role_template_id=None, user_id=None, user_principal_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Cluster Role Template Binding resource. This can be used to create Cluster Role Template Bindings for Rancher v2 environments and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for cluster role template binding (map)

  • cluster_id (pulumi.Input[str]) – The cluster id where bind cluster role template binding (string)

  • group_id (pulumi.Input[str]) – The group ID to assign cluster role template binding (string)

  • group_principal_id (pulumi.Input[str]) – The group_principal ID to assign cluster role template binding (string)

  • labels (pulumi.Input[dict]) – Labels for cluster role template binding (map)

  • name (pulumi.Input[str]) – The name of the cluster role template binding (string)

  • role_template_id (pulumi.Input[str]) – The role template id from create cluster role template binding (string)

  • user_id (pulumi.Input[str]) – The user ID to assign cluster role template binding (string)

  • user_principal_id (pulumi.Input[str]) – The user_principal ID to assign cluster role template binding (string)

annotations = None

Annotations for cluster role template binding (map)

cluster_id = None

The cluster id where bind cluster role template binding (string)

group_id = None

The group ID to assign cluster role template binding (string)

group_principal_id = None

The group_principal ID to assign cluster role template binding (string)

labels = None

Labels for cluster role template binding (map)

name = None

The name of the cluster role template binding (string)

role_template_id = None

The role template id from create cluster role template binding (string)

user_id = None

The user ID to assign cluster role template binding (string)

user_principal_id = None

The user_principal ID to assign cluster role template binding (string)

static get(resource_name, id, opts=None, annotations=None, cluster_id=None, group_id=None, group_principal_id=None, labels=None, name=None, role_template_id=None, user_id=None, user_principal_id=None)

Get an existing ClusterRoleTemplateBinding resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for cluster role template binding (map)

  • cluster_id (pulumi.Input[str]) – The cluster id where bind cluster role template binding (string)

  • group_id (pulumi.Input[str]) – The group ID to assign cluster role template binding (string)

  • group_principal_id (pulumi.Input[str]) – The group_principal ID to assign cluster role template binding (string)

  • labels (pulumi.Input[dict]) – Labels for cluster role template binding (map)

  • name (pulumi.Input[str]) – The name of the cluster role template binding (string)

  • role_template_id (pulumi.Input[str]) – The role template id from create cluster role template binding (string)

  • user_id (pulumi.Input[str]) – The user ID to assign cluster role template binding (string)

  • user_principal_id (pulumi.Input[str]) – The user_principal ID to assign cluster role template binding (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.ClusterSync(resource_name, opts=None, cluster_id=None, node_pool_ids=None, synced=None, wait_monitoring=None, __props__=None, __name__=None, __opts__=None)

Create a ClusterSync resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] cluster_id: The cluster ID that is syncing (string) :param pulumi.Input[list] node_pool_ids: The node pool IDs used by the cluster id (list) :param pulumi.Input[bool] wait_monitoring: Wait until monitoring is up and running. Default: false (bool)

cluster_id = None

The cluster ID that is syncing (string)

default_project_id = None

(Computed) Default project ID for the cluster sync (string)

kube_config = None

(Computed/Sensitive) Kube Config generated for the cluster sync (string)

node_pool_ids = None

The node pool IDs used by the cluster id (list)

system_project_id = None

(Computed) System project ID for the cluster sync (string)

wait_monitoring = None

Wait until monitoring is up and running. Default: false (bool)

static get(resource_name, id, opts=None, cluster_id=None, default_project_id=None, kube_config=None, node_pool_ids=None, synced=None, system_project_id=None, wait_monitoring=None)

Get an existing ClusterSync resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • cluster_id (pulumi.Input[str]) – The cluster ID that is syncing (string)

  • default_project_id (pulumi.Input[str]) – (Computed) Default project ID for the cluster sync (string)

  • kube_config (pulumi.Input[str]) – (Computed/Sensitive) Kube Config generated for the cluster sync (string)

  • node_pool_ids (pulumi.Input[list]) – The node pool IDs used by the cluster id (list)

  • system_project_id (pulumi.Input[str]) – (Computed) System project ID for the cluster sync (string)

  • wait_monitoring (pulumi.Input[bool]) – Wait until monitoring is up and running. Default: false (bool)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.ClusterTemplate(resource_name, opts=None, annotations=None, description=None, labels=None, members=None, name=None, template_revisions=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Cluster Template resource. This can be used to create Cluster Templates for Rancher v2 RKE clusters and retrieve their information.

Cluster Templates are available from Rancher v2.3.x and above.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for the cluster template revision (map)

  • description (pulumi.Input[str]) – Cluster template description

  • labels (pulumi.Input[dict]) – Labels for the cluster template revision (map)

  • members (pulumi.Input[list]) – Cluster template members (list)

  • name (pulumi.Input[str]) – The cluster template revision name (string)

  • template_revisions (pulumi.Input[list]) – Cluster template revisions (list)

The members object supports the following:

  • accessType (pulumi.Input[str]) - Member access type. Valid values: ["read-only" | "owner"] (string)

  • group_principal_id (pulumi.Input[str]) - Member group principal id (string)

  • user_principal_id (pulumi.Input[str]) - Member user principal id (string)

The template_revisions object supports the following:

  • annotations (pulumi.Input[dict]) - Annotations for the cluster template revision (map)

  • clusterConfig (pulumi.Input[dict]) - Cluster configuration (list maxitem: 1)

    • cluster_auth_endpoint (pulumi.Input[dict]) - Local cluster auth endpoint (list maxitems: 1)

      • ca_certs (pulumi.Input[str])

      • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

      • fqdn (pulumi.Input[str])

    • defaultClusterRoleForProjectMembers (pulumi.Input[str]) - Default cluster role for project members (string)

    • default_pod_security_policy_template_id (pulumi.Input[str]) - Default pod security policy template ID (string)

    • desired_agent_image (pulumi.Input[str]) - Desired agent image (string)

    • desired_auth_image (pulumi.Input[str]) - Desired auth image (string)

    • docker_root_dir (pulumi.Input[str]) - Desired auth image (string)

    • enable_cluster_alerting (pulumi.Input[bool]) - Enable built-in cluster alerting. Default: false (bool)

    • enable_cluster_monitoring (pulumi.Input[bool]) - Enable built-in cluster monitoring. Default: false (bool)

    • enable_network_policy (pulumi.Input[bool]) - Enable project network isolation. Default: false (bool)

    • rke_config (pulumi.Input[dict]) - Rancher Kubernetes Engine Config (list maxitems: 1)

      • scheduled_cluster_scan- (Optional) Cluster scheduled cis scan. For Rancher v2.4.0 or above (List MaxItem:1)

      • addonJobTimeout (pulumi.Input[float])

      • addons (pulumi.Input[str])

      • addonsIncludes (pulumi.Input[list])

      • authentication (pulumi.Input[dict])

        • sans (pulumi.Input[list])

        • strategy (pulumi.Input[str])

      • authorization (pulumi.Input[dict])

        • mode (pulumi.Input[str])

        • options (pulumi.Input[dict])

      • bastionHost (pulumi.Input[dict])

        • address (pulumi.Input[str])

        • port (pulumi.Input[str])

        • sshAgentAuth (pulumi.Input[bool])

        • sshKey (pulumi.Input[str])

        • sshKeyPath (pulumi.Input[str])

        • user (pulumi.Input[str])

      • cloudProvider (pulumi.Input[dict])

        • awsCloudProvider (pulumi.Input[dict])

          • global (pulumi.Input[dict])

            • disableSecurityGroupIngress (pulumi.Input[bool])

            • disableStrictZoneCheck (pulumi.Input[bool])

            • elbSecurityGroup (pulumi.Input[str])

            • kubernetesClusterId (pulumi.Input[str])

            • kubernetesClusterTag (pulumi.Input[str])

            • roleArn (pulumi.Input[str])

            • routeTableId (pulumi.Input[str])

            • subnetId (pulumi.Input[str])

            • vpc (pulumi.Input[str])

            • zone (pulumi.Input[str])

          • serviceOverrides (pulumi.Input[list])

            • region (pulumi.Input[str])

            • service (pulumi.Input[str])

            • signingMethod (pulumi.Input[str])

            • signingName (pulumi.Input[str])

            • signingRegion (pulumi.Input[str])

            • url (pulumi.Input[str])

        • azureCloudProvider (pulumi.Input[dict])

          • aadClientCertPassword (pulumi.Input[str])

          • aadClientCertPath (pulumi.Input[str])

          • aadClientId (pulumi.Input[str])

          • aadClientSecret (pulumi.Input[str])

          • cloud (pulumi.Input[str])

          • cloudProviderBackoff (pulumi.Input[bool])

          • cloudProviderBackoffDuration (pulumi.Input[float])

          • cloudProviderBackoffExponent (pulumi.Input[float])

          • cloudProviderBackoffJitter (pulumi.Input[float])

          • cloudProviderBackoffRetries (pulumi.Input[float])

          • cloudProviderRateLimit (pulumi.Input[bool])

          • cloudProviderRateLimitBucket (pulumi.Input[float])

          • cloudProviderRateLimitQps (pulumi.Input[float])

          • location (pulumi.Input[str])

          • maximumLoadBalancerRuleCount (pulumi.Input[float])

          • primaryAvailabilitySetName (pulumi.Input[str])

          • primaryScaleSetName (pulumi.Input[str])

          • resourceGroup (pulumi.Input[str])

          • routeTableName (pulumi.Input[str])

          • securityGroupName (pulumi.Input[str])

          • subnetName (pulumi.Input[str])

          • subscriptionId (pulumi.Input[str])

          • tenant_id (pulumi.Input[str])

          • useInstanceMetadata (pulumi.Input[bool])

          • useManagedIdentityExtension (pulumi.Input[bool])

          • vmType (pulumi.Input[str])

          • vnetName (pulumi.Input[str])

          • vnetResourceGroup (pulumi.Input[str])

        • customCloudProvider (pulumi.Input[str])

        • name (pulumi.Input[str]) - The cluster template revision name (string)

        • openstackCloudProvider (pulumi.Input[dict])

          • blockStorage (pulumi.Input[dict])

            • bsVersion (pulumi.Input[str])

            • ignoreVolumeAz (pulumi.Input[bool])

            • trustDevicePath (pulumi.Input[bool])

          • global (pulumi.Input[dict])

            • authUrl (pulumi.Input[str])

            • caFile (pulumi.Input[str])

            • domainId (pulumi.Input[str])

            • domainName (pulumi.Input[str])

            • password (pulumi.Input[str])

            • region (pulumi.Input[str])

            • tenant_id (pulumi.Input[str])

            • tenantName (pulumi.Input[str])

            • trustId (pulumi.Input[str])

            • username (pulumi.Input[str])

          • loadBalancer (pulumi.Input[dict])

            • createMonitor (pulumi.Input[bool])

            • floatingNetworkId (pulumi.Input[str])

            • lbMethod (pulumi.Input[str])

            • lbProvider (pulumi.Input[str])

            • lbVersion (pulumi.Input[str])

            • manageSecurityGroups (pulumi.Input[bool])

            • monitorDelay (pulumi.Input[str])

            • monitorMaxRetries (pulumi.Input[float])

            • monitorTimeout (pulumi.Input[str])

            • subnetId (pulumi.Input[str])

            • useOctavia (pulumi.Input[bool])

          • metadata (pulumi.Input[dict])

            • requestTimeout (pulumi.Input[float])

            • searchOrder (pulumi.Input[str])

          • route (pulumi.Input[dict])

            • routerId (pulumi.Input[str])

        • vsphereCloudProvider (pulumi.Input[dict])

          • disk (pulumi.Input[dict])

            • scsiControllerType (pulumi.Input[str])

          • global (pulumi.Input[dict])

            • datacenters (pulumi.Input[str])

            • insecureFlag (pulumi.Input[bool])

            • password (pulumi.Input[str])

            • port (pulumi.Input[str])

            • soapRoundtripCount (pulumi.Input[float])

            • user (pulumi.Input[str])

          • network (pulumi.Input[dict])

            • publicNetwork (pulumi.Input[str])

          • virtualCenters (pulumi.Input[list])

            • datacenters (pulumi.Input[str])

            • name (pulumi.Input[str]) - The cluster template revision name (string)

            • password (pulumi.Input[str])

            • port (pulumi.Input[str])

            • soapRoundtripCount (pulumi.Input[float])

            • user (pulumi.Input[str])

          • workspace (pulumi.Input[dict])

            • datacenter (pulumi.Input[str])

            • defaultDatastore (pulumi.Input[str])

            • folder (pulumi.Input[str])

            • resourcepoolPath (pulumi.Input[str])

            • server (pulumi.Input[str])

      • dns (pulumi.Input[dict])

        • nodeSelector (pulumi.Input[dict])

        • provider (pulumi.Input[str])

        • reverseCidrs (pulumi.Input[list])

        • upstreamNameservers (pulumi.Input[list])

      • ignoreDockerVersion (pulumi.Input[bool])

      • ingress (pulumi.Input[dict])

        • dnsPolicy (pulumi.Input[str])

        • extraArgs (pulumi.Input[dict])

        • nodeSelector (pulumi.Input[dict])

        • options (pulumi.Input[dict])

        • provider (pulumi.Input[str])

      • kubernetesVersion (pulumi.Input[str])

      • monitoring (pulumi.Input[dict])

        • options (pulumi.Input[dict])

        • provider (pulumi.Input[str])

      • network (pulumi.Input[dict])

        • calicoNetworkProvider (pulumi.Input[dict])

          • cloudProvider (pulumi.Input[str])

        • canalNetworkProvider (pulumi.Input[dict])

          • iface (pulumi.Input[str])

        • flannelNetworkProvider (pulumi.Input[dict])

          • iface (pulumi.Input[str])

        • mtu (pulumi.Input[float])

        • options (pulumi.Input[dict])

        • plugin (pulumi.Input[str])

        • weaveNetworkProvider (pulumi.Input[dict])

          • password (pulumi.Input[str])

      • nodes (pulumi.Input[list])

        • address (pulumi.Input[str])

        • dockerSocket (pulumi.Input[str])

        • hostnameOverride (pulumi.Input[str])

        • internalAddress (pulumi.Input[str])

        • labels (pulumi.Input[dict]) - Labels for the cluster template revision (map)

        • nodeId (pulumi.Input[str])

        • port (pulumi.Input[str])

        • roles (pulumi.Input[list])

        • sshAgentAuth (pulumi.Input[bool])

        • sshKey (pulumi.Input[str])

        • sshKeyPath (pulumi.Input[str])

        • user (pulumi.Input[str])

      • prefixPath (pulumi.Input[str])

      • privateRegistries (pulumi.Input[list])

        • isDefault (pulumi.Input[bool])

        • password (pulumi.Input[str])

        • url (pulumi.Input[str])

        • user (pulumi.Input[str])

      • services (pulumi.Input[dict])

        • etcd (pulumi.Input[dict])

          • backup_config (pulumi.Input[dict])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

            • intervalHours (pulumi.Input[float])

            • retention (pulumi.Input[float])

            • s3BackupConfig (pulumi.Input[dict])

                • access_key (pulumi.Input[str])* bucketName (pulumi.Input[str])

                • customCa (pulumi.Input[str])* endpoint (pulumi.Input[str])

                • folder (pulumi.Input[str])* region (pulumi.Input[str])

                • secret_key (pulumi.Input[str])

            • safeTimestamp (pulumi.Input[bool])

          • caCert (pulumi.Input[str])

          • cert (pulumi.Input[str])

          • creation (pulumi.Input[str])

          • externalUrls (pulumi.Input[list])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • gid (pulumi.Input[float])

          • image (pulumi.Input[str])

          • key (pulumi.Input[str])

          • path (pulumi.Input[str])

          • retention (pulumi.Input[str])

          • snapshot (pulumi.Input[bool])

          • uid (pulumi.Input[float])

        • kubeApi (pulumi.Input[dict])

          • admissionConfiguration (pulumi.Input[dict])

          • alwaysPullImages (pulumi.Input[bool])

          • auditLog (pulumi.Input[dict])

            • configuration (pulumi.Input[dict])

                • format (pulumi.Input[str])* maxAge (pulumi.Input[float])

                • maxBackup (pulumi.Input[float])* maxSize (pulumi.Input[float])

                • path (pulumi.Input[str])* policy (pulumi.Input[str])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

          • eventRateLimit (pulumi.Input[dict])

            • configuration (pulumi.Input[dict])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

          • podSecurityPolicy (pulumi.Input[bool])

          • secretsEncryptionConfig (pulumi.Input[dict])

            • customConfig (pulumi.Input[dict])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

          • serviceClusterIpRange (pulumi.Input[str])

          • serviceNodePortRange (pulumi.Input[str])

        • kubeController (pulumi.Input[dict])

          • clusterCidr (pulumi.Input[str])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

          • serviceClusterIpRange (pulumi.Input[str])

        • kubelet (pulumi.Input[dict])

          • clusterDnsServer (pulumi.Input[str])

          • clusterDomain (pulumi.Input[str])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • failSwapOn (pulumi.Input[bool])

          • generateServingCertificate (pulumi.Input[bool])

          • image (pulumi.Input[str])

          • infraContainerImage (pulumi.Input[str])

        • kubeproxy (pulumi.Input[dict])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

        • scheduler (pulumi.Input[dict])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

      • sshAgentAuth (pulumi.Input[bool])

      • sshCertPath (pulumi.Input[str])

      • sshKeyPath (pulumi.Input[str])

      • upgrade_strategy (pulumi.Input[dict])

        • drain (pulumi.Input[bool])

        • drainInput (pulumi.Input[dict])

          • deleteLocalData (pulumi.Input[bool])

          • force (pulumi.Input[bool])

          • gracePeriod (pulumi.Input[float])

          • ignoreDaemonSets (pulumi.Input[bool])

          • timeout (pulumi.Input[float])

        • maxUnavailableControlplane (pulumi.Input[str])

        • maxUnavailableWorker (pulumi.Input[str])

    • scheduled_cluster_scan (pulumi.Input[dict])

      • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

      • scanConfig (pulumi.Input[dict])

        • cisScanConfig (pulumi.Input[dict])

          • debugMaster (pulumi.Input[bool])

          • debugWorker (pulumi.Input[bool])

          • overrideBenchmarkVersion (pulumi.Input[str])

          • overrideSkips (pulumi.Input[list])

          • profile (pulumi.Input[str])

      • scheduleConfig (pulumi.Input[dict])

        • cronSchedule (pulumi.Input[str])

        • retention (pulumi.Input[float])

    • windows_prefered_cluster (pulumi.Input[bool]) - Windows prefered cluster. Default: false (bool)

  • cluster_template_id (pulumi.Input[str]) - Cluster template ID (string)

  • default (pulumi.Input[bool]) - Default variable value (string)

  • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

  • id (pulumi.Input[str]) - The cluster template revision ID (string)

  • labels (pulumi.Input[dict]) - Labels for the cluster template revision (map)

  • name (pulumi.Input[str]) - The cluster template revision name (string)

  • questions (pulumi.Input[list]) - Cluster template questions (list)

    • default (pulumi.Input[str]) - Default variable value (string)

    • required (pulumi.Input[bool]) - Required variable. Default false (bool)

    • type (pulumi.Input[str]) - Variable type. boolean, int and string are allowed. Default string (string)

    • variable (pulumi.Input[str]) - Variable name (string)

annotations = None

Annotations for the cluster template revision (map)

default_revision_id = None

(Computed) Default cluster template revision ID (string)

description = None

Cluster template description

labels = None

Labels for the cluster template revision (map)

members = None

Cluster template members (list)

  • accessType (str) - Member access type. Valid values: ["read-only" | "owner"] (string)

  • group_principal_id (str) - Member group principal id (string)

  • user_principal_id (str) - Member user principal id (string)

name = None

The cluster template revision name (string)

template_revisions = None

Cluster template revisions (list)

  • annotations (dict) - Annotations for the cluster template revision (map)

  • clusterConfig (dict) - Cluster configuration (list maxitem: 1)

    • cluster_auth_endpoint (dict) - Local cluster auth endpoint (list maxitems: 1)

      • ca_certs (str)

      • enabled (bool) - Enable cluster template revision. Default true (bool)

      • fqdn (str)

    • defaultClusterRoleForProjectMembers (str) - Default cluster role for project members (string)

    • default_pod_security_policy_template_id (str) - Default pod security policy template ID (string)

    • desired_agent_image (str) - Desired agent image (string)

    • desired_auth_image (str) - Desired auth image (string)

    • docker_root_dir (str) - Desired auth image (string)

    • enable_cluster_alerting (bool) - Enable built-in cluster alerting. Default: false (bool)

    • enable_cluster_monitoring (bool) - Enable built-in cluster monitoring. Default: false (bool)

    • enable_network_policy (bool) - Enable project network isolation. Default: false (bool)

    • rke_config (dict) - Rancher Kubernetes Engine Config (list maxitems: 1)

      • scheduled_cluster_scan- (Optional) Cluster scheduled cis scan. For Rancher v2.4.0 or above (List MaxItem:1)

      • addonJobTimeout (float)

      • addons (str)

      • addonsIncludes (list)

      • authentication (dict)

        • sans (list)

        • strategy (str)

      • authorization (dict)

        • mode (str)

        • options (dict)

      • bastionHost (dict)

        • address (str)

        • port (str)

        • sshAgentAuth (bool)

        • sshKey (str)

        • sshKeyPath (str)

        • user (str)

      • cloudProvider (dict)

        • awsCloudProvider (dict)

          • global (dict)

            • disableSecurityGroupIngress (bool)

            • disableStrictZoneCheck (bool)

            • elbSecurityGroup (str)

            • kubernetesClusterId (str)

            • kubernetesClusterTag (str)

            • roleArn (str)

            • routeTableId (str)

            • subnetId (str)

            • vpc (str)

            • zone (str)

          • serviceOverrides (list)

            • region (str)

            • service (str)

            • signingMethod (str)

            • signingName (str)

            • signingRegion (str)

            • url (str)

        • azureCloudProvider (dict)

          • aadClientCertPassword (str)

          • aadClientCertPath (str)

          • aadClientId (str)

          • aadClientSecret (str)

          • cloud (str)

          • cloudProviderBackoff (bool)

          • cloudProviderBackoffDuration (float)

          • cloudProviderBackoffExponent (float)

          • cloudProviderBackoffJitter (float)

          • cloudProviderBackoffRetries (float)

          • cloudProviderRateLimit (bool)

          • cloudProviderRateLimitBucket (float)

          • cloudProviderRateLimitQps (float)

          • location (str)

          • maximumLoadBalancerRuleCount (float)

          • primaryAvailabilitySetName (str)

          • primaryScaleSetName (str)

          • resourceGroup (str)

          • routeTableName (str)

          • securityGroupName (str)

          • subnetName (str)

          • subscriptionId (str)

          • tenant_id (str)

          • useInstanceMetadata (bool)

          • useManagedIdentityExtension (bool)

          • vmType (str)

          • vnetName (str)

          • vnetResourceGroup (str)

        • customCloudProvider (str)

        • name (str) - The cluster template revision name (string)

        • openstackCloudProvider (dict)

          • blockStorage (dict)

            • bsVersion (str)

            • ignoreVolumeAz (bool)

            • trustDevicePath (bool)

          • global (dict)

            • authUrl (str)

            • caFile (str)

            • domainId (str)

            • domainName (str)

            • password (str)

            • region (str)

            • tenant_id (str)

            • tenantName (str)

            • trustId (str)

            • username (str)

          • loadBalancer (dict)

            • createMonitor (bool)

            • floatingNetworkId (str)

            • lbMethod (str)

            • lbProvider (str)

            • lbVersion (str)

            • manageSecurityGroups (bool)

            • monitorDelay (str)

            • monitorMaxRetries (float)

            • monitorTimeout (str)

            • subnetId (str)

            • useOctavia (bool)

          • metadata (dict)

            • requestTimeout (float)

            • searchOrder (str)

          • route (dict)

            • routerId (str)

        • vsphereCloudProvider (dict)

          • disk (dict)

            • scsiControllerType (str)

          • global (dict)

            • datacenters (str)

            • insecureFlag (bool)

            • password (str)

            • port (str)

            • soapRoundtripCount (float)

            • user (str)

          • network (dict)

            • publicNetwork (str)

          • virtualCenters (list)

            • datacenters (str)

            • name (str) - The cluster template revision name (string)

            • password (str)

            • port (str)

            • soapRoundtripCount (float)

            • user (str)

          • workspace (dict)

            • datacenter (str)

            • defaultDatastore (str)

            • folder (str)

            • resourcepoolPath (str)

            • server (str)

      • dns (dict)

        • nodeSelector (dict)

        • provider (str)

        • reverseCidrs (list)

        • upstreamNameservers (list)

      • ignoreDockerVersion (bool)

      • ingress (dict)

        • dnsPolicy (str)

        • extraArgs (dict)

        • nodeSelector (dict)

        • options (dict)

        • provider (str)

      • kubernetesVersion (str)

      • monitoring (dict)

        • options (dict)

        • provider (str)

      • network (dict)

        • calicoNetworkProvider (dict)

          • cloudProvider (str)

        • canalNetworkProvider (dict)

          • iface (str)

        • flannelNetworkProvider (dict)

          • iface (str)

        • mtu (float)

        • options (dict)

        • plugin (str)

        • weaveNetworkProvider (dict)

          • password (str)

      • nodes (list)

        • address (str)

        • dockerSocket (str)

        • hostnameOverride (str)

        • internalAddress (str)

        • labels (dict) - Labels for the cluster template revision (map)

        • nodeId (str)

        • port (str)

        • roles (list)

        • sshAgentAuth (bool)

        • sshKey (str)

        • sshKeyPath (str)

        • user (str)

      • prefixPath (str)

      • privateRegistries (list)

        • isDefault (bool)

        • password (str)

        • url (str)

        • user (str)

      • services (dict)

        • etcd (dict)

          • backup_config (dict)

            • enabled (bool) - Enable cluster template revision. Default true (bool)

            • intervalHours (float)

            • retention (float)

            • s3BackupConfig (dict)

                • access_key (str)* bucketName (str)

                • customCa (str)* endpoint (str)

                • folder (str)* region (str)

                • secret_key (str)

            • safeTimestamp (bool)

          • caCert (str)

          • cert (str)

          • creation (str)

          • externalUrls (list)

          • extraArgs (dict)

          • extraBinds (list)

          • extraEnvs (list)

          • gid (float)

          • image (str)

          • key (str)

          • path (str)

          • retention (str)

          • snapshot (bool)

          • uid (float)

        • kubeApi (dict)

          • admissionConfiguration (dict)

          • alwaysPullImages (bool)

          • auditLog (dict)

            • configuration (dict)

                • format (str)* maxAge (float)

                • maxBackup (float)* maxSize (float)

                • path (str)* policy (str)

            • enabled (bool) - Enable cluster template revision. Default true (bool)

          • eventRateLimit (dict)

            • configuration (dict)

            • enabled (bool) - Enable cluster template revision. Default true (bool)

          • extraArgs (dict)

          • extraBinds (list)

          • extraEnvs (list)

          • image (str)

          • podSecurityPolicy (bool)

          • secretsEncryptionConfig (dict)

            • customConfig (dict)

            • enabled (bool) - Enable cluster template revision. Default true (bool)

          • serviceClusterIpRange (str)

          • serviceNodePortRange (str)

        • kubeController (dict)

          • clusterCidr (str)

          • extraArgs (dict)

          • extraBinds (list)

          • extraEnvs (list)

          • image (str)

          • serviceClusterIpRange (str)

        • kubelet (dict)

          • clusterDnsServer (str)

          • clusterDomain (str)

          • extraArgs (dict)

          • extraBinds (list)

          • extraEnvs (list)

          • failSwapOn (bool)

          • generateServingCertificate (bool)

          • image (str)

          • infraContainerImage (str)

        • kubeproxy (dict)

          • extraArgs (dict)

          • extraBinds (list)

          • extraEnvs (list)

          • image (str)

        • scheduler (dict)

          • extraArgs (dict)

          • extraBinds (list)

          • extraEnvs (list)

          • image (str)

      • sshAgentAuth (bool)

      • sshCertPath (str)

      • sshKeyPath (str)

      • upgrade_strategy (dict)

        • drain (bool)

        • drainInput (dict)

          • deleteLocalData (bool)

          • force (bool)

          • gracePeriod (float)

          • ignoreDaemonSets (bool)

          • timeout (float)

        • maxUnavailableControlplane (str)

        • maxUnavailableWorker (str)

    • scheduled_cluster_scan (dict)

      • enabled (bool) - Enable cluster template revision. Default true (bool)

      • scanConfig (dict)

        • cisScanConfig (dict)

          • debugMaster (bool)

          • debugWorker (bool)

          • overrideBenchmarkVersion (str)

          • overrideSkips (list)

          • profile (str)

      • scheduleConfig (dict)

        • cronSchedule (str)

        • retention (float)

    • windows_prefered_cluster (bool) - Windows prefered cluster. Default: false (bool)

  • cluster_template_id (str) - Cluster template ID (string)

  • default (bool) - Default variable value (string)

  • enabled (bool) - Enable cluster template revision. Default true (bool)

  • id (str) - The cluster template revision ID (string)

  • labels (dict) - Labels for the cluster template revision (map)

  • name (str) - The cluster template revision name (string)

  • questions (list) - Cluster template questions (list)

    • default (str) - Default variable value (string)

    • required (bool) - Required variable. Default false (bool)

    • type (str) - Variable type. boolean, int and string are allowed. Default string (string)

    • variable (str) - Variable name (string)

static get(resource_name, id, opts=None, annotations=None, default_revision_id=None, description=None, labels=None, members=None, name=None, template_revisions=None)

Get an existing ClusterTemplate resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for the cluster template revision (map)

  • default_revision_id (pulumi.Input[str]) – (Computed) Default cluster template revision ID (string)

  • description (pulumi.Input[str]) – Cluster template description

  • labels (pulumi.Input[dict]) – Labels for the cluster template revision (map)

  • members (pulumi.Input[list]) – Cluster template members (list)

  • name (pulumi.Input[str]) – The cluster template revision name (string)

  • template_revisions (pulumi.Input[list]) – Cluster template revisions (list)

The members object supports the following:

  • accessType (pulumi.Input[str]) - Member access type. Valid values: ["read-only" | "owner"] (string)

  • group_principal_id (pulumi.Input[str]) - Member group principal id (string)

  • user_principal_id (pulumi.Input[str]) - Member user principal id (string)

The template_revisions object supports the following:

  • annotations (pulumi.Input[dict]) - Annotations for the cluster template revision (map)

  • clusterConfig (pulumi.Input[dict]) - Cluster configuration (list maxitem: 1)

    • cluster_auth_endpoint (pulumi.Input[dict]) - Local cluster auth endpoint (list maxitems: 1)

      • ca_certs (pulumi.Input[str])

      • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

      • fqdn (pulumi.Input[str])

    • defaultClusterRoleForProjectMembers (pulumi.Input[str]) - Default cluster role for project members (string)

    • default_pod_security_policy_template_id (pulumi.Input[str]) - Default pod security policy template ID (string)

    • desired_agent_image (pulumi.Input[str]) - Desired agent image (string)

    • desired_auth_image (pulumi.Input[str]) - Desired auth image (string)

    • docker_root_dir (pulumi.Input[str]) - Desired auth image (string)

    • enable_cluster_alerting (pulumi.Input[bool]) - Enable built-in cluster alerting. Default: false (bool)

    • enable_cluster_monitoring (pulumi.Input[bool]) - Enable built-in cluster monitoring. Default: false (bool)

    • enable_network_policy (pulumi.Input[bool]) - Enable project network isolation. Default: false (bool)

    • rke_config (pulumi.Input[dict]) - Rancher Kubernetes Engine Config (list maxitems: 1)

      • scheduled_cluster_scan- (Optional) Cluster scheduled cis scan. For Rancher v2.4.0 or above (List MaxItem:1)

      • addonJobTimeout (pulumi.Input[float])

      • addons (pulumi.Input[str])

      • addonsIncludes (pulumi.Input[list])

      • authentication (pulumi.Input[dict])

        • sans (pulumi.Input[list])

        • strategy (pulumi.Input[str])

      • authorization (pulumi.Input[dict])

        • mode (pulumi.Input[str])

        • options (pulumi.Input[dict])

      • bastionHost (pulumi.Input[dict])

        • address (pulumi.Input[str])

        • port (pulumi.Input[str])

        • sshAgentAuth (pulumi.Input[bool])

        • sshKey (pulumi.Input[str])

        • sshKeyPath (pulumi.Input[str])

        • user (pulumi.Input[str])

      • cloudProvider (pulumi.Input[dict])

        • awsCloudProvider (pulumi.Input[dict])

          • global (pulumi.Input[dict])

            • disableSecurityGroupIngress (pulumi.Input[bool])

            • disableStrictZoneCheck (pulumi.Input[bool])

            • elbSecurityGroup (pulumi.Input[str])

            • kubernetesClusterId (pulumi.Input[str])

            • kubernetesClusterTag (pulumi.Input[str])

            • roleArn (pulumi.Input[str])

            • routeTableId (pulumi.Input[str])

            • subnetId (pulumi.Input[str])

            • vpc (pulumi.Input[str])

            • zone (pulumi.Input[str])

          • serviceOverrides (pulumi.Input[list])

            • region (pulumi.Input[str])

            • service (pulumi.Input[str])

            • signingMethod (pulumi.Input[str])

            • signingName (pulumi.Input[str])

            • signingRegion (pulumi.Input[str])

            • url (pulumi.Input[str])

        • azureCloudProvider (pulumi.Input[dict])

          • aadClientCertPassword (pulumi.Input[str])

          • aadClientCertPath (pulumi.Input[str])

          • aadClientId (pulumi.Input[str])

          • aadClientSecret (pulumi.Input[str])

          • cloud (pulumi.Input[str])

          • cloudProviderBackoff (pulumi.Input[bool])

          • cloudProviderBackoffDuration (pulumi.Input[float])

          • cloudProviderBackoffExponent (pulumi.Input[float])

          • cloudProviderBackoffJitter (pulumi.Input[float])

          • cloudProviderBackoffRetries (pulumi.Input[float])

          • cloudProviderRateLimit (pulumi.Input[bool])

          • cloudProviderRateLimitBucket (pulumi.Input[float])

          • cloudProviderRateLimitQps (pulumi.Input[float])

          • location (pulumi.Input[str])

          • maximumLoadBalancerRuleCount (pulumi.Input[float])

          • primaryAvailabilitySetName (pulumi.Input[str])

          • primaryScaleSetName (pulumi.Input[str])

          • resourceGroup (pulumi.Input[str])

          • routeTableName (pulumi.Input[str])

          • securityGroupName (pulumi.Input[str])

          • subnetName (pulumi.Input[str])

          • subscriptionId (pulumi.Input[str])

          • tenant_id (pulumi.Input[str])

          • useInstanceMetadata (pulumi.Input[bool])

          • useManagedIdentityExtension (pulumi.Input[bool])

          • vmType (pulumi.Input[str])

          • vnetName (pulumi.Input[str])

          • vnetResourceGroup (pulumi.Input[str])

        • customCloudProvider (pulumi.Input[str])

        • name (pulumi.Input[str]) - The cluster template revision name (string)

        • openstackCloudProvider (pulumi.Input[dict])

          • blockStorage (pulumi.Input[dict])

            • bsVersion (pulumi.Input[str])

            • ignoreVolumeAz (pulumi.Input[bool])

            • trustDevicePath (pulumi.Input[bool])

          • global (pulumi.Input[dict])

            • authUrl (pulumi.Input[str])

            • caFile (pulumi.Input[str])

            • domainId (pulumi.Input[str])

            • domainName (pulumi.Input[str])

            • password (pulumi.Input[str])

            • region (pulumi.Input[str])

            • tenant_id (pulumi.Input[str])

            • tenantName (pulumi.Input[str])

            • trustId (pulumi.Input[str])

            • username (pulumi.Input[str])

          • loadBalancer (pulumi.Input[dict])

            • createMonitor (pulumi.Input[bool])

            • floatingNetworkId (pulumi.Input[str])

            • lbMethod (pulumi.Input[str])

            • lbProvider (pulumi.Input[str])

            • lbVersion (pulumi.Input[str])

            • manageSecurityGroups (pulumi.Input[bool])

            • monitorDelay (pulumi.Input[str])

            • monitorMaxRetries (pulumi.Input[float])

            • monitorTimeout (pulumi.Input[str])

            • subnetId (pulumi.Input[str])

            • useOctavia (pulumi.Input[bool])

          • metadata (pulumi.Input[dict])

            • requestTimeout (pulumi.Input[float])

            • searchOrder (pulumi.Input[str])

          • route (pulumi.Input[dict])

            • routerId (pulumi.Input[str])

        • vsphereCloudProvider (pulumi.Input[dict])

          • disk (pulumi.Input[dict])

            • scsiControllerType (pulumi.Input[str])

          • global (pulumi.Input[dict])

            • datacenters (pulumi.Input[str])

            • insecureFlag (pulumi.Input[bool])

            • password (pulumi.Input[str])

            • port (pulumi.Input[str])

            • soapRoundtripCount (pulumi.Input[float])

            • user (pulumi.Input[str])

          • network (pulumi.Input[dict])

            • publicNetwork (pulumi.Input[str])

          • virtualCenters (pulumi.Input[list])

            • datacenters (pulumi.Input[str])

            • name (pulumi.Input[str]) - The cluster template revision name (string)

            • password (pulumi.Input[str])

            • port (pulumi.Input[str])

            • soapRoundtripCount (pulumi.Input[float])

            • user (pulumi.Input[str])

          • workspace (pulumi.Input[dict])

            • datacenter (pulumi.Input[str])

            • defaultDatastore (pulumi.Input[str])

            • folder (pulumi.Input[str])

            • resourcepoolPath (pulumi.Input[str])

            • server (pulumi.Input[str])

      • dns (pulumi.Input[dict])

        • nodeSelector (pulumi.Input[dict])

        • provider (pulumi.Input[str])

        • reverseCidrs (pulumi.Input[list])

        • upstreamNameservers (pulumi.Input[list])

      • ignoreDockerVersion (pulumi.Input[bool])

      • ingress (pulumi.Input[dict])

        • dnsPolicy (pulumi.Input[str])

        • extraArgs (pulumi.Input[dict])

        • nodeSelector (pulumi.Input[dict])

        • options (pulumi.Input[dict])

        • provider (pulumi.Input[str])

      • kubernetesVersion (pulumi.Input[str])

      • monitoring (pulumi.Input[dict])

        • options (pulumi.Input[dict])

        • provider (pulumi.Input[str])

      • network (pulumi.Input[dict])

        • calicoNetworkProvider (pulumi.Input[dict])

          • cloudProvider (pulumi.Input[str])

        • canalNetworkProvider (pulumi.Input[dict])

          • iface (pulumi.Input[str])

        • flannelNetworkProvider (pulumi.Input[dict])

          • iface (pulumi.Input[str])

        • mtu (pulumi.Input[float])

        • options (pulumi.Input[dict])

        • plugin (pulumi.Input[str])

        • weaveNetworkProvider (pulumi.Input[dict])

          • password (pulumi.Input[str])

      • nodes (pulumi.Input[list])

        • address (pulumi.Input[str])

        • dockerSocket (pulumi.Input[str])

        • hostnameOverride (pulumi.Input[str])

        • internalAddress (pulumi.Input[str])

        • labels (pulumi.Input[dict]) - Labels for the cluster template revision (map)

        • nodeId (pulumi.Input[str])

        • port (pulumi.Input[str])

        • roles (pulumi.Input[list])

        • sshAgentAuth (pulumi.Input[bool])

        • sshKey (pulumi.Input[str])

        • sshKeyPath (pulumi.Input[str])

        • user (pulumi.Input[str])

      • prefixPath (pulumi.Input[str])

      • privateRegistries (pulumi.Input[list])

        • isDefault (pulumi.Input[bool])

        • password (pulumi.Input[str])

        • url (pulumi.Input[str])

        • user (pulumi.Input[str])

      • services (pulumi.Input[dict])

        • etcd (pulumi.Input[dict])

          • backup_config (pulumi.Input[dict])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

            • intervalHours (pulumi.Input[float])

            • retention (pulumi.Input[float])

            • s3BackupConfig (pulumi.Input[dict])

                • access_key (pulumi.Input[str])* bucketName (pulumi.Input[str])

                • customCa (pulumi.Input[str])* endpoint (pulumi.Input[str])

                • folder (pulumi.Input[str])* region (pulumi.Input[str])

                • secret_key (pulumi.Input[str])

            • safeTimestamp (pulumi.Input[bool])

          • caCert (pulumi.Input[str])

          • cert (pulumi.Input[str])

          • creation (pulumi.Input[str])

          • externalUrls (pulumi.Input[list])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • gid (pulumi.Input[float])

          • image (pulumi.Input[str])

          • key (pulumi.Input[str])

          • path (pulumi.Input[str])

          • retention (pulumi.Input[str])

          • snapshot (pulumi.Input[bool])

          • uid (pulumi.Input[float])

        • kubeApi (pulumi.Input[dict])

          • admissionConfiguration (pulumi.Input[dict])

          • alwaysPullImages (pulumi.Input[bool])

          • auditLog (pulumi.Input[dict])

            • configuration (pulumi.Input[dict])

                • format (pulumi.Input[str])* maxAge (pulumi.Input[float])

                • maxBackup (pulumi.Input[float])* maxSize (pulumi.Input[float])

                • path (pulumi.Input[str])* policy (pulumi.Input[str])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

          • eventRateLimit (pulumi.Input[dict])

            • configuration (pulumi.Input[dict])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

          • podSecurityPolicy (pulumi.Input[bool])

          • secretsEncryptionConfig (pulumi.Input[dict])

            • customConfig (pulumi.Input[dict])

            • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

          • serviceClusterIpRange (pulumi.Input[str])

          • serviceNodePortRange (pulumi.Input[str])

        • kubeController (pulumi.Input[dict])

          • clusterCidr (pulumi.Input[str])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

          • serviceClusterIpRange (pulumi.Input[str])

        • kubelet (pulumi.Input[dict])

          • clusterDnsServer (pulumi.Input[str])

          • clusterDomain (pulumi.Input[str])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • failSwapOn (pulumi.Input[bool])

          • generateServingCertificate (pulumi.Input[bool])

          • image (pulumi.Input[str])

          • infraContainerImage (pulumi.Input[str])

        • kubeproxy (pulumi.Input[dict])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

        • scheduler (pulumi.Input[dict])

          • extraArgs (pulumi.Input[dict])

          • extraBinds (pulumi.Input[list])

          • extraEnvs (pulumi.Input[list])

          • image (pulumi.Input[str])

      • sshAgentAuth (pulumi.Input[bool])

      • sshCertPath (pulumi.Input[str])

      • sshKeyPath (pulumi.Input[str])

      • upgrade_strategy (pulumi.Input[dict])

        • drain (pulumi.Input[bool])

        • drainInput (pulumi.Input[dict])

          • deleteLocalData (pulumi.Input[bool])

          • force (pulumi.Input[bool])

          • gracePeriod (pulumi.Input[float])

          • ignoreDaemonSets (pulumi.Input[bool])

          • timeout (pulumi.Input[float])

        • maxUnavailableControlplane (pulumi.Input[str])

        • maxUnavailableWorker (pulumi.Input[str])

    • scheduled_cluster_scan (pulumi.Input[dict])

      • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

      • scanConfig (pulumi.Input[dict])

        • cisScanConfig (pulumi.Input[dict])

          • debugMaster (pulumi.Input[bool])

          • debugWorker (pulumi.Input[bool])

          • overrideBenchmarkVersion (pulumi.Input[str])

          • overrideSkips (pulumi.Input[list])

          • profile (pulumi.Input[str])

      • scheduleConfig (pulumi.Input[dict])

        • cronSchedule (pulumi.Input[str])

        • retention (pulumi.Input[float])

    • windows_prefered_cluster (pulumi.Input[bool]) - Windows prefered cluster. Default: false (bool)

  • cluster_template_id (pulumi.Input[str]) - Cluster template ID (string)

  • default (pulumi.Input[bool]) - Default variable value (string)

  • enabled (pulumi.Input[bool]) - Enable cluster template revision. Default true (bool)

  • id (pulumi.Input[str]) - The cluster template revision ID (string)

  • labels (pulumi.Input[dict]) - Labels for the cluster template revision (map)

  • name (pulumi.Input[str]) - The cluster template revision name (string)

  • questions (pulumi.Input[list]) - Cluster template questions (list)

    • default (pulumi.Input[str]) - Default variable value (string)

    • required (pulumi.Input[bool]) - Required variable. Default false (bool)

    • type (pulumi.Input[str]) - Variable type. boolean, int and string are allowed. Default string (string)

    • variable (pulumi.Input[str]) - Variable name (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.EtcdBackup(resource_name, opts=None, annotations=None, backup_config=None, cluster_id=None, filename=None, labels=None, manual=None, name=None, namespace_id=None, __props__=None, __name__=None, __opts__=None)

Create a EtcdBackup resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] annotations: Annotations for Etcd Backup object (map) :param pulumi.Input[dict] backup_config: Backup config for etcd backup (list maxitems:1) :param pulumi.Input[str] cluster_id: Cluster ID to config Etcd Backup (string) :param pulumi.Input[str] filename: Filename of the Etcd Backup (string) :param pulumi.Input[dict] labels: Labels for Etcd Backup object (map) :param pulumi.Input[bool] manual: Manual execution of the Etcd Backup. Default false (bool) :param pulumi.Input[str] name: The name of the Etcd Backup (string) :param pulumi.Input[str] namespace_id: Description for the Etcd Backup (string)

The backup_config object supports the following:

  • enabled (pulumi.Input[bool]) - Enable etcd backup (bool)

  • intervalHours (pulumi.Input[float]) - Interval hours for etcd backup. Default 12 (int)

  • retention (pulumi.Input[float]) - Retention for etcd backup. Default 6 (int)

  • s3BackupConfig (pulumi.Input[dict]) - S3 config options for etcd backup. Valid for imported and rke clusters. (list maxitems:1)

    • access_key (pulumi.Input[str]) - Access key for S3 service (string)

    • bucketName (pulumi.Input[str]) - Bucket name for S3 service (string)

    • customCa (pulumi.Input[str]) - Base64 encoded custom CA for S3 service. Use filebase64() for encoding file. Available from Rancher v2.2.5 (string)

    • endpoint (pulumi.Input[str]) - Endpoint for S3 service (string)

    • folder (pulumi.Input[str]) - Folder for S3 service. Available from Rancher v2.2.7 (string)

    • region (pulumi.Input[str]) - Region for S3 service (string)

    • secret_key (pulumi.Input[str]) - Secret key for S3 service (string)

  • safeTimestamp (pulumi.Input[bool])

annotations = None

Annotations for Etcd Backup object (map)

backup_config = None

Backup config for etcd backup (list maxitems:1)

  • enabled (bool) - Enable etcd backup (bool)

  • intervalHours (float) - Interval hours for etcd backup. Default 12 (int)

  • retention (float) - Retention for etcd backup. Default 6 (int)

  • s3BackupConfig (dict) - S3 config options for etcd backup. Valid for imported and rke clusters. (list maxitems:1)

    • access_key (str) - Access key for S3 service (string)

    • bucketName (str) - Bucket name for S3 service (string)

    • customCa (str) - Base64 encoded custom CA for S3 service. Use filebase64() for encoding file. Available from Rancher v2.2.5 (string)

    • endpoint (str) - Endpoint for S3 service (string)

    • folder (str) - Folder for S3 service. Available from Rancher v2.2.7 (string)

    • region (str) - Region for S3 service (string)

    • secret_key (str) - Secret key for S3 service (string)

  • safeTimestamp (bool)

cluster_id = None

Cluster ID to config Etcd Backup (string)

filename = None

Filename of the Etcd Backup (string)

labels = None

Labels for Etcd Backup object (map)

manual = None

Manual execution of the Etcd Backup. Default false (bool)

name = None

The name of the Etcd Backup (string)

namespace_id = None

Description for the Etcd Backup (string)

static get(resource_name, id, opts=None, annotations=None, backup_config=None, cluster_id=None, filename=None, labels=None, manual=None, name=None, namespace_id=None)

Get an existing EtcdBackup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for Etcd Backup object (map)

  • backup_config (pulumi.Input[dict]) – Backup config for etcd backup (list maxitems:1)

  • cluster_id (pulumi.Input[str]) – Cluster ID to config Etcd Backup (string)

  • filename (pulumi.Input[str]) – Filename of the Etcd Backup (string)

  • labels (pulumi.Input[dict]) – Labels for Etcd Backup object (map)

  • manual (pulumi.Input[bool]) – Manual execution of the Etcd Backup. Default false (bool)

  • name (pulumi.Input[str]) – The name of the Etcd Backup (string)

  • namespace_id (pulumi.Input[str]) – Description for the Etcd Backup (string)

The backup_config object supports the following:

  • enabled (pulumi.Input[bool]) - Enable etcd backup (bool)

  • intervalHours (pulumi.Input[float]) - Interval hours for etcd backup. Default 12 (int)

  • retention (pulumi.Input[float]) - Retention for etcd backup. Default 6 (int)

  • s3BackupConfig (pulumi.Input[dict]) - S3 config options for etcd backup. Valid for imported and rke clusters. (list maxitems:1)

    • access_key (pulumi.Input[str]) - Access key for S3 service (string)

    • bucketName (pulumi.Input[str]) - Bucket name for S3 service (string)

    • customCa (pulumi.Input[str]) - Base64 encoded custom CA for S3 service. Use filebase64() for encoding file. Available from Rancher v2.2.5 (string)

    • endpoint (pulumi.Input[str]) - Endpoint for S3 service (string)

    • folder (pulumi.Input[str]) - Folder for S3 service. Available from Rancher v2.2.7 (string)

    • region (pulumi.Input[str]) - Region for S3 service (string)

    • secret_key (pulumi.Input[str]) - Secret key for S3 service (string)

  • safeTimestamp (pulumi.Input[bool])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.GetAppResult(annotations=None, answers=None, catalog_name=None, description=None, external_id=None, id=None, labels=None, name=None, project_id=None, revision_id=None, target_namespace=None, template_name=None, template_version=None, values_yaml=None)

A collection of values returned by getApp.

annotations = None

(Computed) Annotations for the catalog (map)

answers = None

(Computed) Answers for the app (map)

catalog_name = None

(Computed) Catalog name of the app (string)

description = None

(Computed) Description for the app (string)

external_id = None

(Computed) The URL of the helm catalog app (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for the catalog (map)

revision_id = None

(Computed) Current revision id for the app (string)

template_name = None

(Computed) Template name of the app (string)

template_version = None

(Computed) Template version of the app (string)

values_yaml = None

(Computed) values.yaml base64 encoded file content for the app (string)

class pulumi_rancher2.GetCatalogResult(annotations=None, branch=None, cluster_id=None, description=None, id=None, kind=None, labels=None, name=None, password=None, project_id=None, scope=None, url=None, username=None, version=None)

A collection of values returned by getCatalog.

annotations = None

(Computed) Annotations for the catalog (map)

branch = None

(Computed) The branch of the catalog repo to use (string)

cluster_id = None

(Computed) The cluster id of the catalog (string)

description = None

(Computed) A catalog description (string)

id = None

id is the provider-assigned unique ID for this managed resource.

kind = None

(Computed) The kind of the catalog. Just helm by the moment (string)

labels = None

(Computed) Labels for the catalog (map)

password = None

(Computed/Sensitive) The password to access the catalog if needed (string)

project_id = None

(Computed) The project id of the catalog (string)

url = None

(Computed) The url of the catalog repo (string)

username = None

(Computed/Sensitive) The username to access the catalog if needed (string)

version = None

(Computed) Helm version for the catalog (string)

class pulumi_rancher2.GetCertificateResult(annotations=None, certs=None, description=None, id=None, labels=None, name=None, namespace_id=None, project_id=None)

A collection of values returned by getCertificate.

annotations = None

(Computed) Annotations for certificate object (map)

certs = None

(Computed) Base64 encoded certs (string)

description = None

(Computed) A certificate description (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for certificate object (map)

class pulumi_rancher2.GetCloudCredentialResult(annotations=None, id=None, labels=None, name=None)

A collection of values returned by getCloudCredential.

annotations = None

(Computed) Annotations for the Cloud Credential (map)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for the Cloud Credential (map)

class pulumi_rancher2.GetClusterAlertGroupResult(annotations=None, cluster_id=None, description=None, group_interval_seconds=None, group_wait_seconds=None, id=None, labels=None, name=None, recipients=None, repeat_interval_seconds=None)

A collection of values returned by getClusterAlertGroup.

annotations = None

(Computed) The cluster alert group annotations (map)

description = None

(Computed) The cluster alert group description (string)

group_interval_seconds = None

(Computed) The cluster alert group interval seconds. Default: 180 (int)

group_wait_seconds = None

(Computed) The cluster alert group wait seconds. Default: 180 (int)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) The cluster alert group labels (map)

recipients = None

(Computed) The cluster alert group recipients (list)

repeat_interval_seconds = None

(Computed) The cluster alert group wait seconds. Default: 3600 (int)

class pulumi_rancher2.GetClusterAlterRuleResult(annotations=None, cluster_id=None, event_rule=None, group_id=None, group_interval_seconds=None, group_wait_seconds=None, id=None, inherited=None, labels=None, metric_rule=None, name=None, node_rule=None, repeat_interval_seconds=None, severity=None, system_service_rule=None)

A collection of values returned by getClusterAlterRule.

annotations = None

(Computed) The cluster alert rule annotations (map)

event_rule = None

(Computed) The cluster alert rule event rule. ConflictsWith: “metric_rule”, “node_rule”, “system_service_rule”` (list Maxitems:1)

group_id = None

(Computed) The cluster alert rule alert group ID (string)

group_interval_seconds = None

(Computed) The cluster alert rule group interval seconds. Default: 180 (int)

group_wait_seconds = None

(Computed) The cluster alert rule group wait seconds. Default: 180 (int)

id = None

id is the provider-assigned unique ID for this managed resource.

inherited = None

(Computed) The cluster alert rule inherited. Default: true (bool)

labels = None

(Computed) The cluster alert rule labels (map)

metric_rule = None

(Computed) The cluster alert rule metric rule. ConflictsWith: “event_rule”, “node_rule”, “system_service_rule”` (list Maxitems:1)

node_rule = None

(Computed) The cluster alert rule node rule. ConflictsWith: “event_rule”, “metric_rule”, “system_service_rule”` (list Maxitems:1)

repeat_interval_seconds = None

(Optional) The cluster alert rule wait seconds. Default: 3600 (int)

severity = None

(Computed) The cluster alert rule severity. Supported values : "critical" | "info" | "warning". Default: critical (string)

system_service_rule = None

(Computed) The cluster alert rule system service rule. ConflictsWith: “event_rule”, “metric_rule”, “node_rule”` (list Maxitems:1)

class pulumi_rancher2.GetClusterDriverResult(active=None, actual_url=None, annotations=None, builtin=None, checksum=None, id=None, labels=None, name=None, ui_url=None, url=None, whitelist_domains=None)

A collection of values returned by getClusterDriver.

active = None

(Computed) Specify if the cluster driver state (bool)

actual_url = None

(Computed) Actual url of the cluster driver (string)

annotations = None

(Computed) Annotations of the resource (map)

builtin = None

(Computed) Specify whether the cluster driver is an internal cluster driver or not (bool)

checksum = None

(Computed) Verify that the downloaded driver matches the expected checksum (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels of the resource (map)

ui_url = None

(Computed) The URL to load for customized Add Clusters screen for this driver (string)

whitelist_domains = None

(Computed) Domains to whitelist for the ui (list)

class pulumi_rancher2.GetClusterLoggingResult(annotations=None, cluster_id=None, custom_target_config=None, elasticsearch_config=None, enable_json_parsing=None, fluentd_config=None, id=None, kafka_config=None, kind=None, labels=None, name=None, namespace_id=None, output_flush_interval=None, output_tags=None, splunk_config=None, syslog_config=None)

A collection of values returned by getClusterLogging.

annotations = None

(Computed) Annotations for Cluster Logging object (map)

elasticsearch_config = None

(Computed) The elasticsearch config for Cluster Logging. For kind = elasticsearch (list maxitems:1)

fluentd_config = None

(Computed) The fluentd config for Cluster Logging. For kind = fluentd (list maxitems:1)

id = None

id is the provider-assigned unique ID for this managed resource.

kafka_config = None

(Computed) The kafka config for Cluster Logging. For kind = kafka (list maxitems:1)

kind = None

(Computed) The kind of the Cluster Logging. elasticsearch, fluentd, kafka, splunk and syslog are supported (string)

labels = None

(Computed) Labels for Cluster Logging object (map)

name = None

(Computed) The name of the cluster logging config (string)

namespace_id = None

(Computed) The namespace id from cluster logging (string)

output_flush_interval = None

(Computed) How often buffered logs would be flushed. Default: 3 seconds (int)

output_tags = None

(computed) The output tags for Cluster Logging (map)

splunk_config = None

(Computed) The splunk config for Cluster Logging. For kind = splunk (list maxitems:1)

syslog_config = None

(Computed) The syslog config for Cluster Logging. For kind = syslog (list maxitems:1)

class pulumi_rancher2.GetClusterResult(aks_config=None, annotations=None, cluster_auth_endpoint=None, cluster_monitoring_input=None, cluster_registration_token=None, cluster_template_answers=None, cluster_template_id=None, cluster_template_questions=None, cluster_template_revision_id=None, default_pod_security_policy_template_id=None, default_project_id=None, description=None, driver=None, eks_config=None, enable_cluster_alerting=None, enable_cluster_monitoring=None, enable_network_policy=None, gke_config=None, id=None, k3s_config=None, kube_config=None, labels=None, name=None, rke_config=None, scheduled_cluster_scans=None, system_project_id=None)

A collection of values returned by getCluster.

aks_config = None

(Computed) The Azure aks configuration for aks Clusters. Conflicts with eks_config, gke_config and rke_config (list maxitems:1)

annotations = None

(Computed) Annotations for Node Pool object (map)

cluster_auth_endpoint = None

(Computed) Enabling the local cluster authorized endpoint allows direct communication with the cluster, bypassing the Rancher API proxy. (list maxitems:1)

cluster_monitoring_input = None

(Computed) Cluster monitoring config (list maxitems:1)

cluster_registration_token = None

(Computed) Cluster Registration Token generated for the cluster (list maxitems:1)

cluster_template_answers = None

(Computed) Cluster template answers (list maxitems:1)

cluster_template_id = None

(Computed) Cluster template ID (string)

cluster_template_questions = None

(Computed) Cluster template questions (list)

cluster_template_revision_id = None

(Computed) Cluster template revision ID (string)

default_pod_security_policy_template_id = None

(Optional/Computed) Default pod security policy template id (string)

default_project_id = None

(Computed) Default project ID for the cluster (string)

description = None

(Computed) The description for Cluster (string)

driver = None

(Computed) The driver used for the Cluster. imported, azurekubernetesservice, amazonelasticcontainerservice, googlekubernetesengine and rancherKubernetesEngine are supported (string)

eks_config = None

(Computed) The Amazon eks configuration for eks Clusters. Conflicts with aks_config, gke_config and rke_config (list maxitems:1)

enable_cluster_monitoring = None

(Computed) Enable built-in cluster monitoring. Default false (bool)

enable_network_policy = None

(Computed) Enable project network isolation. Default false (bool)

gke_config = None

(Computed) The Google gke configuration for gke Clusters. Conflicts with aks_config, eks_config and rke_config (list maxitems:1)

id = None

id is the provider-assigned unique ID for this managed resource.

k3s_config = None

(Computed) The K3S configuration for k3s imported Clusters. Conflicts with aks_config, eks_config, gke_config and rke_config (list maxitems:1)

kube_config = None

(Computed) Kube Config generated for the cluster (string)

labels = None

(Computed) Labels for Node Pool object (map)

rke_config = None

(Computed) The RKE configuration for rke Clusters. Conflicts with aks_config, eks_config and gke_config (list maxitems:1)

system_project_id = None

(Computed) System project ID for the cluster (string)

class pulumi_rancher2.GetClusterRoleTemplateBindingResult(annotations=None, cluster_id=None, group_id=None, group_principal_id=None, id=None, labels=None, name=None, role_template_id=None, user_id=None, user_principal_id=None)

A collection of values returned by getClusterRoleTemplateBinding.

annotations = None

(Computed) Annotations of the resource (map)

group_id = None

(Computed) The group ID to assign cluster role template binding (string)

group_principal_id = None

(Computed) The group_principal ID to assign cluster role template binding (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels of the resource (map)

user_id = None

(Computed) The user ID to assign cluster role template binding (string)

user_principal_id = None

(Computed) The user_principal ID to assign cluster role template binding (string)

class pulumi_rancher2.GetClusterScanResult(annotations=None, cluster_id=None, id=None, labels=None, name=None, run_type=None, scan_config=None, scan_type=None, status=None)

A collection of values returned by getClusterScan.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_rancher2.GetClusterTemplateResult(annotations=None, default_revision_id=None, description=None, id=None, labels=None, members=None, name=None, template_revisions=None)

A collection of values returned by getClusterTemplate.

annotations = None

(Computed) Annotations for the cluster template (map)

default_revision_id = None

(Computed) Default cluster template revision ID (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for the cluster template (map)

members = None

(Computed) Cluster template members (list)

template_revisions = None

(Computed) Cluster template revisions (list)

class pulumi_rancher2.GetEtcdBackupResult(annotations=None, backup_config=None, cluster_id=None, filename=None, id=None, labels=None, manual=None, name=None, namespace_id=None)

A collection of values returned by getEtcdBackup.

annotations = None

(Computed) Annotations for Etcd Backup object (map)

backup_config = None

(Computed) Backup config for etcd backup (list maxitems:1)

filename = None

(Computed) Filename of the Etcd Backup (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for Etcd Backup object (map)

manual = None

(Computed) Manual execution of the Etcd Backup. Default false (bool)

namespace_id = None

(Computed) Description for the Etcd Backup (string)

class pulumi_rancher2.GetGlobalRoleBindingResult(annotations=None, global_role_id=None, group_principal_id=None, id=None, labels=None, name=None, user_id=None)

A collection of values returned by getGlobalRoleBinding.

annotations = None

(Computed) Annotations of the resource (map)

group_principal_id = None

(Computed) The group principal ID to assign global role binding. Rancher v2.4.0 or higher is required (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels of the resource (map)

user_id = None

(Computed) The user ID to assign global role binding (string)

class pulumi_rancher2.GetMultiClusterAppResult(annotations=None, answers=None, catalog_name=None, id=None, labels=None, members=None, name=None, revision_history_limit=None, revision_id=None, roles=None, targets=None, template_name=None, template_version=None, template_version_id=None, upgrade_strategies=None)

A collection of values returned by getMultiClusterApp.

annotations = None

(Computed) Annotations for multi cluster app object (map)

answers = None

(Computed) The multi cluster app answers (list)

catalog_name = None

(Computed) The multi cluster app catalog name (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for multi cluster app object (map)

members = None

(Computed) The multi cluster app members (list)

revision_history_limit = None

(Computed) The multi cluster app revision history limit (int)

revision_id = None

(Computed) Current revision id for the multi cluster app (string)

roles = None

(Computed) The multi cluster app roles (list)

targets = None

(Computed) The multi cluster app target projects (list)

template_name = None

(Computed) The multi cluster app template name (string)

template_version = None

(Computed) The multi cluster app template version (string)

template_version_id = None

(Computed) The multi cluster app template version ID (string)

upgrade_strategies = None

(Computed) The multi cluster app upgrade strategy (list)

class pulumi_rancher2.GetNamespaceResult(annotations=None, container_resource_limit=None, description=None, id=None, labels=None, name=None, project_id=None, resource_quota=None)

A collection of values returned by getNamespace.

annotations = None

(Computed) Annotations for Node Pool object (map)

container_resource_limit = None

(Computed) Default containers resource limits on namespace (List maxitem:1)

description = None

(Computed) A namespace description (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for Node Pool object (map)

resource_quota = None

(Computed) Resource quota for namespace. Rancher v2.1.x or higher (list maxitems:1)

class pulumi_rancher2.GetNodeDriverResult(active=None, annotations=None, builtin=None, checksum=None, description=None, external_id=None, id=None, labels=None, name=None, ui_url=None, url=None, whitelist_domains=None)

A collection of values returned by getNodeDriver.

active = None

(Computed) Specify if the node driver state (bool)

annotations = None

(Computed) Annotations of the resource (map)

builtin = None

(Computed) Specify wheter the node driver is an internal cluster driver or not (bool)

checksum = None

(Computed) Verify that the downloaded driver matches the expected checksum (string)

description = None

(Computed) Description of the node driver (string)

external_id = None

(Computed) External ID (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels of the resource (map)

ui_url = None

(Computed) The URL to load for customized Add Node screen for this driver (string)

whitelist_domains = None

(Computed) Domains to whitelist for the ui (list)

class pulumi_rancher2.GetNodePoolResult(annotations=None, cluster_id=None, control_plane=None, delete_not_ready_after_secs=None, etcd=None, hostname_prefix=None, id=None, labels=None, name=None, node_taints=None, node_template_id=None, quantity=None, worker=None)

A collection of values returned by getNodePool.

annotations = None

(Computed) Annotations for Node Pool object (map)

control_plane = None

(Computed) RKE control plane role for created nodes (bool)

delete_not_ready_after_secs = None

(Computed) Delete not ready node after secs. Default 0 (int)

etcd = None

(Computed) RKE etcd role for created nodes (bool)

hostname_prefix = None

(Computed) The prefix for created nodes of the Node Pool (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for Node Pool object (map)

node_taints = None

(Computed) Node taints (List)

quantity = None

(Computed) The number of nodes to create on Node Pool (int)

worker = None

(Computed) RKE role role for created nodes (bool)

class pulumi_rancher2.GetNodeTemplateResult(annotations=None, cloud_credential_id=None, description=None, driver=None, engine_env=None, engine_insecure_registries=None, engine_install_url=None, engine_label=None, engine_opt=None, engine_registry_mirrors=None, engine_storage_driver=None, id=None, labels=None, name=None, use_internal_ip_address=None)

A collection of values returned by getNodeTemplate.

annotations = None

(Computed) Annotations for Node Template object (map)

cloud_credential_id = None

(Computed) Cloud credential ID for the Node Template. Required from Rancher v2.2.x (string)

description = None

(Computed) Description for the Node Template (string)

driver = None

(Computed) The driver of the node template (string)

engine_env = None

(Computed) Engine environment for the node template (string)

engine_insecure_registries = None

(Computed) Insecure registry for the node template (list)

engine_install_url = None

(Computed) Docker engine install URL for the node template (string)

engine_label = None

(Computed) Engine label for the node template (string)

engine_opt = None

(Computed) Engine options for the node template (map)

engine_registry_mirrors = None

(Computed) Engine registry mirror for the node template (list)

engine_storage_driver = None

(Computed) Engine storage driver for the node template (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for Node Template object (map)

use_internal_ip_address = None

(Computed) Engine storage driver for the node template (bool)

class pulumi_rancher2.GetNotifierResult(annotations=None, cluster_id=None, description=None, id=None, labels=None, name=None, pagerduty_config=None, slack_config=None, smtp_config=None, webhook_config=None, wechat_config=None)

A collection of values returned by getNotifier.

annotations = None

(Computed) Annotations for notifier object (map)

description = None

(Computed) The notifier description (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for notifier object (map)

pagerduty_config = None

(Computed) Pagerduty config for notifier (list maxitems:1)

slack_config = None

(Computed) Slack config for notifier (list maxitems:1)

smtp_config = None

(Computed) SMTP config for notifier (list maxitems:1)

webhook_config = None

(Computed) Webhook config for notifier (list maxitems:1)

wechat_config = None

(Computed) Wechat config for notifier (list maxitems:1)

class pulumi_rancher2.GetPodSecurityPolicyTemplateResult(allow_privilege_escalation=None, allowed_capabilities=None, allowed_csi_drivers=None, allowed_flex_volumes=None, allowed_host_paths=None, allowed_proc_mount_types=None, allowed_unsafe_sysctls=None, annotations=None, default_add_capabilities=None, default_allow_privilege_escalation=None, description=None, forbidden_sysctls=None, fs_group=None, host_ipc=None, host_network=None, host_pid=None, host_ports=None, id=None, labels=None, name=None, privileged=None, read_only_root_filesystem=None, required_drop_capabilities=None, run_as_group=None, run_as_user=None, runtime_class=None, se_linux=None, supplemental_group=None, volumes=None)

A collection of values returned by getPodSecurityPolicyTemplate.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_rancher2.GetProjectAlertGroupResult(annotations=None, description=None, group_interval_seconds=None, group_wait_seconds=None, id=None, labels=None, name=None, project_id=None, recipients=None, repeat_interval_seconds=None)

A collection of values returned by getProjectAlertGroup.

annotations = None

(Computed) The project alert group annotations (map)

description = None

(Computed) The project alert group description (string)

group_interval_seconds = None

(Computed) The project alert group interval seconds. Default: 180 (int)

group_wait_seconds = None

(Computed) The project alert group wait seconds. Default: 180 (int)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) The project alert group labels (map)

recipients = None

(Computed) The project alert group recipients (list)

repeat_interval_seconds = None

(Computed) The project alert group wait seconds. Default: 3600 (int)

class pulumi_rancher2.GetProjectAlertRuleResult(annotations=None, group_id=None, group_interval_seconds=None, group_wait_seconds=None, id=None, inherited=None, labels=None, metric_rule=None, name=None, pod_rule=None, project_id=None, repeat_interval_seconds=None, severity=None, workload_rule=None)

A collection of values returned by getProjectAlertRule.

annotations = None

(Computed) The project alert rule annotations (map)

group_id = None

(Computed) The project alert rule alert group ID (string)

group_interval_seconds = None

(Computed) The project alert rule group interval seconds. Default: 180 (int)

group_wait_seconds = None

(Computed) The project alert rule group wait seconds. Default: 180 (int)

id = None

id is the provider-assigned unique ID for this managed resource.

inherited = None

(Computed) The project alert rule inherited. Default: true (bool)

labels = None

(Computed) The project alert rule labels (map)

metric_rule = None

(Computed) The project alert rule metric rule. ConflictsWith: “pod_rule”, “workload_rule”` (list Maxitems:1)

pod_rule = None

(Computed) The project alert rule pod rule. ConflictsWith: “metric_rule”, “workload_rule”` (list Maxitems:1)

repeat_interval_seconds = None

(Computed) The project alert rule wait seconds. Default: 3600 (int)

severity = None

(Computed) The project alert rule severity. Supported values : "critical" | "info" | "warning". Default: critical (string)

workload_rule = None

(Computed) The project alert rule workload rule. ConflictsWith: “metric_rule”, “pod_rule”` (list Maxitems:1)

class pulumi_rancher2.GetProjectLoggingResult(annotations=None, custom_target_config=None, elasticsearch_config=None, enable_json_parsing=None, fluentd_config=None, id=None, kafka_config=None, kind=None, labels=None, name=None, namespace_id=None, output_flush_interval=None, output_tags=None, project_id=None, splunk_config=None, syslog_config=None)

A collection of values returned by getProjectLogging.

annotations = None

(Computed) Annotations for Cluster Logging object (map)

elasticsearch_config = None

(Computed) The elasticsearch config for Cluster Logging. For kind = elasticsearch (list maxitems:1)

fluentd_config = None

(Computed) The fluentd config for Cluster Logging. For kind = fluentd (list maxitems:1)

id = None

id is the provider-assigned unique ID for this managed resource.

kafka_config = None

(Computed) The kafka config for Cluster Logging. For kind = kafka (list maxitems:1)

kind = None

(Computed) The kind of the Cluster Logging. elasticsearch, fluentd, kafka, splunk and syslog are supported (string)

labels = None

(Computed) Labels for Cluster Logging object (map)

name = None

(Computed) The name of the cluster logging config (string)

namespace_id = None

(Computed) The namespace id from cluster logging (string)

output_flush_interval = None

(Computed) How often buffered logs would be flushed. Default: 3 seconds (int)

output_tags = None

(computed) The output tags for Cluster Logging (map)

splunk_config = None

(Computed) The splunk config for Cluster Logging. For kind = splunk (list maxitems:1)

syslog_config = None

(Computed) The syslog config for Cluster Logging. For kind = syslog (list maxitems:1)

class pulumi_rancher2.GetProjectResult(annotations=None, cluster_id=None, container_resource_limit=None, description=None, enable_project_monitoring=None, id=None, labels=None, name=None, pod_security_policy_template_id=None, resource_quota=None, uuid=None)

A collection of values returned by getProject.

annotations = None

(Computed) Annotations of the rancher2 project (map)

container_resource_limit = None

(Computed) Default containers resource limits on project (List maxitem:1)

description = None

(Computed) The project’s description (string)

enable_project_monitoring = None

(Computed) Enable built-in project monitoring. Default false (bool)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels of the rancher2 project (map)

pod_security_policy_template_id = None

(Computed) Default Pod Security Policy ID for the project (string)

resource_quota = None

(Computed) Resource quota for project. Rancher v2.1.x or higher (list maxitems:1)

uuid = None

(Computed) UUID of the project as stored by Rancher 2 (string)

class pulumi_rancher2.GetProjectRoleTemplateBindingResult(annotations=None, group_id=None, group_principal_id=None, id=None, labels=None, name=None, project_id=None, role_template_id=None, user_id=None, user_principal_id=None)

A collection of values returned by getProjectRoleTemplateBinding.

annotations = None

(Computed) Annotations of the resource (map)

group_id = None

(Computed) The group ID to assign project role template binding (string)

group_principal_id = None

(Computed) The group_principal ID to assign project role template binding (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels of the resource (map)

user_id = None

(Computed) The user ID to assign project role template binding (string)

user_principal_id = None

(Computed) The user_principal ID to assign project role template binding (string)

class pulumi_rancher2.GetRegistryResult(annotations=None, description=None, id=None, labels=None, name=None, namespace_id=None, project_id=None, registries=None)

A collection of values returned by getRegistry.

annotations = None

(Computed) Annotations for Registry object (map)

description = None

(Computed) A registry description (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for Registry object (map)

registries = None

(Computed) Registries data for registry (list)

class pulumi_rancher2.GetRoleTempalteResult(administrative=None, annotations=None, builtin=None, context=None, default_role=None, description=None, external=None, hidden=None, id=None, labels=None, locked=None, name=None, role_template_ids=None, rules=None)

A collection of values returned by getRoleTempalte.

administrative = None

(Computed) Administrative role template (bool)

annotations = None

(Computed) Annotations for role template object (map)

builtin = None

(Computed) Builtin role template (string)

default_role = None

(Computed) Default role template for new created cluster or project (bool)

description = None

(Computed) Role template description (string)

external = None

(Computed) External role template (bool)

hidden = None

(Computed) Hidden role template (bool)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for role template object (map)

locked = None

(Computed) Locked role template (bool)

role_template_ids = None

(Computed) Inherit role template IDs (list)

rules = None

(Computed) Role template policy rules (list)

class pulumi_rancher2.GetSecretResult(annotations=None, data=None, description=None, id=None, labels=None, name=None, namespace_id=None, project_id=None)

A collection of values returned by getSecret.

annotations = None

(Computed) Annotations for secret object (map)

data = None

(Computed) Secret key/value data. Base64 encoding required for values (map)

description = None

(Computed) A secret description (string)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels for secret object (map)

class pulumi_rancher2.GetSettingResult(id=None, name=None, value=None)

A collection of values returned by getSetting.

id = None

id is the provider-assigned unique ID for this managed resource.

value = None

the settting’s value.

class pulumi_rancher2.GetUserResult(annotations=None, enabled=None, id=None, is_external=None, labels=None, name=None, principal_ids=None, username=None)

A collection of values returned by getUser.

annotations = None

(Computed) Annotations of the resource (map)

enabled = None

(Computed) The user is enabled (bool)

id = None

id is the provider-assigned unique ID for this managed resource.

labels = None

(Computed) Labels of the resource (map)

name = None

(Computed) The user common name (string)

principal_ids = None

(Computed) The user principal IDs (list)

class pulumi_rancher2.GlobalRoleBinding(resource_name, opts=None, annotations=None, global_role_id=None, group_principal_id=None, labels=None, name=None, user_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Global Role Binding resource. This can be used to create Global Role Bindings for Rancher v2 environments and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for global role binding (map)

  • global_role_id (pulumi.Input[str]) – The role id from create global role binding (string)

  • group_principal_id (pulumi.Input[str]) – The group principal ID to assign global role binding (only works with external auth providers that support groups). Rancher v2.4.0 or higher is required (string)

  • labels (pulumi.Input[dict]) – Labels for global role binding (map)

  • name (pulumi.Input[str]) – The name of the global role binding (string)

  • user_id (pulumi.Input[str]) – The user ID to assign global role binding (string)

annotations = None

Annotations for global role binding (map)

global_role_id = None

The role id from create global role binding (string)

group_principal_id = None

The group principal ID to assign global role binding (only works with external auth providers that support groups). Rancher v2.4.0 or higher is required (string)

labels = None

Labels for global role binding (map)

name = None

The name of the global role binding (string)

user_id = None

The user ID to assign global role binding (string)

static get(resource_name, id, opts=None, annotations=None, global_role_id=None, group_principal_id=None, labels=None, name=None, user_id=None)

Get an existing GlobalRoleBinding resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for global role binding (map)

  • global_role_id (pulumi.Input[str]) – The role id from create global role binding (string)

  • group_principal_id (pulumi.Input[str]) – The group principal ID to assign global role binding (only works with external auth providers that support groups). Rancher v2.4.0 or higher is required (string)

  • labels (pulumi.Input[dict]) – Labels for global role binding (map)

  • name (pulumi.Input[str]) – The name of the global role binding (string)

  • user_id (pulumi.Input[str]) – The user ID to assign global role binding (string)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.MultiClusterApp(resource_name, opts=None, annotations=None, answers=None, catalog_name=None, labels=None, members=None, name=None, revision_history_limit=None, revision_id=None, roles=None, targets=None, template_name=None, template_version=None, upgrade_strategy=None, wait=None, __props__=None, __name__=None, __opts__=None)

Create a MultiClusterApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] annotations: Annotations for multi cluster app object (map) :param pulumi.Input[list] answers: The multi cluster app answers (list) :param pulumi.Input[str] catalog_name: The multi cluster app catalog name (string) :param pulumi.Input[dict] labels: Labels for multi cluster app object (map) :param pulumi.Input[list] members: The multi cluster app answers (list) :param pulumi.Input[str] name: The multi cluster app name (string) :param pulumi.Input[float] revision_history_limit: The multi cluster app revision history limit. Default 10 (int) :param pulumi.Input[str] revision_id: Current revision id for the multi cluster app (string) :param pulumi.Input[list] roles: The multi cluster app roles (list) :param pulumi.Input[list] targets: The multi cluster app target projects (list) :param pulumi.Input[str] template_name: The multi cluster app template name (string) :param pulumi.Input[str] template_version: The multi cluster app template version. Default: latest (string) :param pulumi.Input[dict] upgrade_strategy: The multi cluster app upgrade strategy (list MaxItems:1) :param pulumi.Input[bool] wait: Wait until the multi cluster app is active. Default true (bool)

The answers object supports the following:

  • cluster_id (pulumi.Input[str]) - Cluster ID for answer (string)

  • project_id (pulumi.Input[str]) - Project ID for target (string)

  • values (pulumi.Input[dict]) - Key/values for answer (map)

The members object supports the following:

  • accessType (pulumi.Input[str]) - Member access type. Valid values: ["member" | "owner" | "read-only"] (string)

  • group_principal_id (pulumi.Input[str]) - Member group principal id (string)

  • user_principal_id (pulumi.Input[str]) - Member user principal id (string)

The targets object supports the following:

  • appId (pulumi.Input[str]) - App ID for target (string)

  • healthState (pulumi.Input[str]) - App health state for target (string)

  • project_id (pulumi.Input[str]) - Project ID for target (string)

  • state (pulumi.Input[str]) - App state for target (string)

The upgrade_strategy object supports the following:

  • rollingUpdate (pulumi.Input[dict]) - Upgrade strategy rolling update (list MaxItems:1)

    • batchSize (pulumi.Input[float]) - Rolling update batch size. Default 1 (int)

    • interval (pulumi.Input[float]) - Rolling update interval. Default 1 (int)

annotations = None

Annotations for multi cluster app object (map)

answers = None

The multi cluster app answers (list)

  • cluster_id (str) - Cluster ID for answer (string)

  • project_id (str) - Project ID for target (string)

  • values (dict) - Key/values for answer (map)

catalog_name = None

The multi cluster app catalog name (string)

labels = None

Labels for multi cluster app object (map)

members = None

The multi cluster app answers (list)

  • accessType (str) - Member access type. Valid values: ["member" | "owner" | "read-only"] (string)

  • group_principal_id (str) - Member group principal id (string)

  • user_principal_id (str) - Member user principal id (string)

name = None

The multi cluster app name (string)

revision_history_limit = None

The multi cluster app revision history limit. Default 10 (int)

revision_id = None

Current revision id for the multi cluster app (string)

roles = None

The multi cluster app roles (list)

targets = None

The multi cluster app target projects (list)

  • appId (str) - App ID for target (string)

  • healthState (str) - App health state for target (string)

  • project_id (str) - Project ID for target (string)

  • state (str) - App state for target (string)

template_name = None

The multi cluster app template name (string)

template_version = None

The multi cluster app template version. Default: latest (string)

template_version_id = None

(Computed) The multi cluster app template version ID (string)

upgrade_strategy = None

The multi cluster app upgrade strategy (list MaxItems:1)

  • rollingUpdate (dict) - Upgrade strategy rolling update (list MaxItems:1)

    • batchSize (float) - Rolling update batch size. Default 1 (int)

    • interval (float) - Rolling update interval. Default 1 (int)

wait = None

Wait until the multi cluster app is active. Default true (bool)

static get(resource_name, id, opts=None, annotations=None, answers=None, catalog_name=None, labels=None, members=None, name=None, revision_history_limit=None, revision_id=None, roles=None, targets=None, template_name=None, template_version=None, template_version_id=None, upgrade_strategy=None, wait=None)

Get an existing MultiClusterApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for multi cluster app object (map)

  • answers (pulumi.Input[list]) – The multi cluster app answers (list)

  • catalog_name (pulumi.Input[str]) – The multi cluster app catalog name (string)

  • labels (pulumi.Input[dict]) – Labels for multi cluster app object (map)

  • members (pulumi.Input[list]) – The multi cluster app answers (list)

  • name (pulumi.Input[str]) – The multi cluster app name (string)

  • revision_history_limit (pulumi.Input[float]) – The multi cluster app revision history limit. Default 10 (int)

  • revision_id (pulumi.Input[str]) – Current revision id for the multi cluster app (string)

  • roles (pulumi.Input[list]) – The multi cluster app roles (list)

  • targets (pulumi.Input[list]) – The multi cluster app target projects (list)

  • template_name (pulumi.Input[str]) – The multi cluster app template name (string)

  • template_version (pulumi.Input[str]) – The multi cluster app template version. Default: latest (string)

  • template_version_id (pulumi.Input[str]) – (Computed) The multi cluster app template version ID (string)

  • upgrade_strategy (pulumi.Input[dict]) – The multi cluster app upgrade strategy (list MaxItems:1)

  • wait (pulumi.Input[bool]) – Wait until the multi cluster app is active. Default true (bool)

The answers object supports the following:

  • cluster_id (pulumi.Input[str]) - Cluster ID for answer (string)

  • project_id (pulumi.Input[str]) - Project ID for target (string)

  • values (pulumi.Input[dict]) - Key/values for answer (map)

The members object supports the following:

  • accessType (pulumi.Input[str]) - Member access type. Valid values: ["member" | "owner" | "read-only"] (string)

  • group_principal_id (pulumi.Input[str]) - Member group principal id (string)

  • user_principal_id (pulumi.Input[str]) - Member user principal id (string)

The targets object supports the following:

  • appId (pulumi.Input[str]) - App ID for target (string)

  • healthState (pulumi.Input[str]) - App health state for target (string)

  • project_id (pulumi.Input[str]) - Project ID for target (string)

  • state (pulumi.Input[str]) - App state for target (string)

The upgrade_strategy object supports the following:

  • rollingUpdate (pulumi.Input[dict]) - Upgrade strategy rolling update (list MaxItems:1)

    • batchSize (pulumi.Input[float]) - Rolling update batch size. Default 1 (int)

    • interval (pulumi.Input[float]) - Rolling update interval. Default 1 (int)

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_rancher2.Namespace(resource_name, opts=None, annotations=None, container_resource_limit=None, description=None, labels=None, name=None, project_id=None, resource_quota=None, wait_for_cluster=None, __props__=None, __name__=None, __opts__=None)

Provides a Rancher v2 Namespace resource. This can be used to create namespaces for Rancher v2 environments and retrieve their information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • annotations (pulumi.Input[dict]) – Annotations for Node Pool object (map)

  • container_resource_limit (pulumi.Input[dict]) – Default containers resource limits on namespace (List maxitem:1)

  • description (pulumi.Input[str]) – A namespace description (string)

  • labels (pulumi.Input[dict]) – Labels for Node Pool object (map)

  • name (pulumi.Input[str]) – The name of the namespace (string)

  • project_id (pulumi.Input[str]) – The project id where assign namespace. It’s on the form project_id=<cluster_id>:<id>. Updating <id> part on same <cluster_id> namespace will be moved between projects (string)

  • resource_quota (pulumi.Input[dict]) – Resource quota for namespace. Rancher v2.1.x or higher (list maxitems:1)

  • wait_for_cluster (pulumi.Input[bool]) – Wait for cluster becomes active. Default false (bool)

The container_resource_limit object supports the following:

  • limitsCpu (pulumi.Input[str]) - Limit for limits cpu in namespace (string)

  • limitsMemory (pulumi.Input[str]) - Limit for limits memory in namespace (string)

  • requestsCpu (pulumi.Input[str]) - Limit for requests cpu in namespace (string)

  • requestsMemory (pulumi.Input[str]) - Limit for requests memory in namespace (string)

The resource_quota object supports the following:

  • limit (pulumi.Input[dict]) - Resource quota limit for namespace (list maxitems:1)

    • configMaps (pulumi.Input[str]) - Limit for config maps in namespace (string)

    • limitsCpu (pulumi.Input[str]) - Limit for limits cpu in namespace (string)

    • limitsMemory (pulumi.Input[str]) - Limit for limits memory in namespace (string)

    • persistentVolumeClaims (pulumi.Input[str]) - Limit for persistent volume claims in namespace (string)

    • pods (pulumi.Input[str]) - Limit for pods in namespace (string)

    • replicationControllers (pulumi.Input[str]) - Limit for replication controllers in namespace (string)

    • requestsCpu (pulumi.Input[str]) - Limit for requests cpu in namespace (string)

    • requestsMemory (pulumi.Input[str]) - Limit for requests memory in namespace (string)

    • requestsStorage (pulumi.Input[str]) - Limit for requests storage in namespace (string)

    • secrets (pulumi.Input[str]) - Limit for secrets in namespace (string)

    • services (pulumi.Input[str])

    • servicesLoadBalancers (pulumi.Input[str]) - Limit for services load balancers in namespace (string)

    • servicesNodePorts (pulumi.Input[str]) - Limit for services node ports in namespace (string)

annotations = None

Annotations for Node Pool object (map)

container_resource_limit = None

Default containers resource limits on namespace (List maxitem:1)

  • limitsCpu (str) - Limit for limits cpu in namespace (string)

  • limitsMemory (str) - Limit for limits memory in namespace (string)

  • requestsCpu (str) - Limit for requests cpu in namespace (string)

  • requestsMemory (str) - Limit for requests memory in namespace (string)

description = None

A namespace description (string)

labels = None

Labels for Node Pool object (map)

name = None

The name of the namespace (string)

project_id = None

The project id where assign namespace. It’s on the form project_id=<cluster_id>:<id>. Updating <id> part on same <cluster_id> namespace will be moved between projects (string)

resource_quota = None

Resource quota for namespace. Rancher v2.1.x or higher (list maxitems:1)

  • limit (dict) - Resource quota limit for namespace (list maxitems:1)

    • configMaps (str) - Limit for config maps in namespace (string)

    • limitsCpu (str) - Limit for limits cpu in namespace (string)

    • limitsMemory (str) - Limit for limits memory in namespace (string)

    • persistentVolumeClaims (str) - Limit for persistent volume claims in namespace (string)

    • pods (str) - Limit for pods in namespace (string)

    • replicationControllers (str) - Limit for replication controllers in namespace (string)

    • requestsCpu (str) - Limit for requests cpu in namespace (string)

    • requestsMemory (str) - Limit for requests memory in namespace (string)

    • requestsStorage (str) - Limit for requests storage in namespace (string)

    • secrets (str) - Limit for secrets in namespace (string)

    • services (str)

    • servicesLoadBalancers (str) - Limit for services load balancers in namespace (string)

    • servicesNodePorts (str) - Limit for services node ports in namespace (string)

wait_for_cluster = None

Wait for cluster becomes active. Default false (bool)

static