1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. gkehub
  5. FeatureMembership
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

gcp.gkehub.FeatureMembership

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

    Contains information about a GKEHub Feature Memberships. Feature Memberships configure GKEHub Features that apply to specific memberships rather than the project as a whole. The google_gke_hub is the Fleet API.

    Example Usage

    Config Management

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const cluster = new gcp.container.Cluster("cluster", {
        name: "my-cluster",
        location: "us-central1-a",
        initialNodeCount: 1,
    });
    const membership = new gcp.gkehub.Membership("membership", {
        membershipId: "my-membership",
        endpoint: {
            gkeCluster: {
                resourceLink: pulumi.interpolate`//container.googleapis.com/${cluster.id}`,
            },
        },
    });
    const feature = new gcp.gkehub.Feature("feature", {
        name: "configmanagement",
        location: "global",
        labels: {
            foo: "bar",
        },
    });
    const featureMember = new gcp.gkehub.FeatureMembership("feature_member", {
        location: "global",
        feature: feature.name,
        membership: membership.membershipId,
        configmanagement: {
            version: "1.6.2",
            configSync: {
                git: {
                    syncRepo: "https://github.com/hashicorp/terraform",
                },
            },
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    cluster = gcp.container.Cluster("cluster",
        name="my-cluster",
        location="us-central1-a",
        initial_node_count=1)
    membership = gcp.gkehub.Membership("membership",
        membership_id="my-membership",
        endpoint=gcp.gkehub.MembershipEndpointArgs(
            gke_cluster=gcp.gkehub.MembershipEndpointGkeClusterArgs(
                resource_link=cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
            ),
        ))
    feature = gcp.gkehub.Feature("feature",
        name="configmanagement",
        location="global",
        labels={
            "foo": "bar",
        })
    feature_member = gcp.gkehub.FeatureMembership("feature_member",
        location="global",
        feature=feature.name,
        membership=membership.membership_id,
        configmanagement=gcp.gkehub.FeatureMembershipConfigmanagementArgs(
            version="1.6.2",
            config_sync=gcp.gkehub.FeatureMembershipConfigmanagementConfigSyncArgs(
                git=gcp.gkehub.FeatureMembershipConfigmanagementConfigSyncGitArgs(
                    sync_repo="https://github.com/hashicorp/terraform",
                ),
            ),
        ))
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cluster, err := container.NewCluster(ctx, "cluster", &container.ClusterArgs{
    			Name:             pulumi.String("my-cluster"),
    			Location:         pulumi.String("us-central1-a"),
    			InitialNodeCount: pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
    			MembershipId: pulumi.String("my-membership"),
    			Endpoint: &gkehub.MembershipEndpointArgs{
    				GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
    					ResourceLink: cluster.ID().ApplyT(func(id string) (string, error) {
    						return fmt.Sprintf("//container.googleapis.com/%v", id), nil
    					}).(pulumi.StringOutput),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		feature, err := gkehub.NewFeature(ctx, "feature", &gkehub.FeatureArgs{
    			Name:     pulumi.String("configmanagement"),
    			Location: pulumi.String("global"),
    			Labels: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = gkehub.NewFeatureMembership(ctx, "feature_member", &gkehub.FeatureMembershipArgs{
    			Location:   pulumi.String("global"),
    			Feature:    feature.Name,
    			Membership: membership.MembershipId,
    			Configmanagement: &gkehub.FeatureMembershipConfigmanagementArgs{
    				Version: pulumi.String("1.6.2"),
    				ConfigSync: &gkehub.FeatureMembershipConfigmanagementConfigSyncArgs{
    					Git: &gkehub.FeatureMembershipConfigmanagementConfigSyncGitArgs{
    						SyncRepo: pulumi.String("https://github.com/hashicorp/terraform"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var cluster = new Gcp.Container.Cluster("cluster", new()
        {
            Name = "my-cluster",
            Location = "us-central1-a",
            InitialNodeCount = 1,
        });
    
        var membership = new Gcp.GkeHub.Membership("membership", new()
        {
            MembershipId = "my-membership",
            Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
            {
                GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
                {
                    ResourceLink = cluster.Id.Apply(id => $"//container.googleapis.com/{id}"),
                },
            },
        });
    
        var feature = new Gcp.GkeHub.Feature("feature", new()
        {
            Name = "configmanagement",
            Location = "global",
            Labels = 
            {
                { "foo", "bar" },
            },
        });
    
        var featureMember = new Gcp.GkeHub.FeatureMembership("feature_member", new()
        {
            Location = "global",
            Feature = feature.Name,
            Membership = membership.MembershipId,
            Configmanagement = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementArgs
            {
                Version = "1.6.2",
                ConfigSync = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementConfigSyncArgs
                {
                    Git = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementConfigSyncGitArgs
                    {
                        SyncRepo = "https://github.com/hashicorp/terraform",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.Cluster;
    import com.pulumi.gcp.container.ClusterArgs;
    import com.pulumi.gcp.gkehub.Membership;
    import com.pulumi.gcp.gkehub.MembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
    import com.pulumi.gcp.gkehub.Feature;
    import com.pulumi.gcp.gkehub.FeatureArgs;
    import com.pulumi.gcp.gkehub.FeatureMembership;
    import com.pulumi.gcp.gkehub.FeatureMembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementConfigSyncArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementConfigSyncGitArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var cluster = new Cluster("cluster", ClusterArgs.builder()        
                .name("my-cluster")
                .location("us-central1-a")
                .initialNodeCount(1)
                .build());
    
            var membership = new Membership("membership", MembershipArgs.builder()        
                .membershipId("my-membership")
                .endpoint(MembershipEndpointArgs.builder()
                    .gkeCluster(MembershipEndpointGkeClusterArgs.builder()
                        .resourceLink(cluster.id().applyValue(id -> String.format("//container.googleapis.com/%s", id)))
                        .build())
                    .build())
                .build());
    
            var feature = new Feature("feature", FeatureArgs.builder()        
                .name("configmanagement")
                .location("global")
                .labels(Map.of("foo", "bar"))
                .build());
    
            var featureMember = new FeatureMembership("featureMember", FeatureMembershipArgs.builder()        
                .location("global")
                .feature(feature.name())
                .membership(membership.membershipId())
                .configmanagement(FeatureMembershipConfigmanagementArgs.builder()
                    .version("1.6.2")
                    .configSync(FeatureMembershipConfigmanagementConfigSyncArgs.builder()
                        .git(FeatureMembershipConfigmanagementConfigSyncGitArgs.builder()
                            .syncRepo("https://github.com/hashicorp/terraform")
                            .build())
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      cluster:
        type: gcp:container:Cluster
        properties:
          name: my-cluster
          location: us-central1-a
          initialNodeCount: 1
      membership:
        type: gcp:gkehub:Membership
        properties:
          membershipId: my-membership
          endpoint:
            gkeCluster:
              resourceLink: //container.googleapis.com/${cluster.id}
      feature:
        type: gcp:gkehub:Feature
        properties:
          name: configmanagement
          location: global
          labels:
            foo: bar
      featureMember:
        type: gcp:gkehub:FeatureMembership
        name: feature_member
        properties:
          location: global
          feature: ${feature.name}
          membership: ${membership.membershipId}
          configmanagement:
            version: 1.6.2
            configSync:
              git:
                syncRepo: https://github.com/hashicorp/terraform
    

    Config Management With OCI

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const cluster = new gcp.container.Cluster("cluster", {
        name: "my-cluster",
        location: "us-central1-a",
        initialNodeCount: 1,
    });
    const membership = new gcp.gkehub.Membership("membership", {
        membershipId: "my-membership",
        endpoint: {
            gkeCluster: {
                resourceLink: pulumi.interpolate`//container.googleapis.com/${cluster.id}`,
            },
        },
    });
    const feature = new gcp.gkehub.Feature("feature", {
        name: "configmanagement",
        location: "global",
        labels: {
            foo: "bar",
        },
    });
    const featureMember = new gcp.gkehub.FeatureMembership("feature_member", {
        location: "global",
        feature: feature.name,
        membership: membership.membershipId,
        configmanagement: {
            version: "1.15.1",
            configSync: {
                oci: {
                    syncRepo: "us-central1-docker.pkg.dev/sample-project/config-repo/config-sync-gke:latest",
                    policyDir: "config-connector",
                    syncWaitSecs: "20",
                    secretType: "gcpserviceaccount",
                    gcpServiceAccountEmail: "sa@project-id.iam.gserviceaccount.com",
                },
            },
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    cluster = gcp.container.Cluster("cluster",
        name="my-cluster",
        location="us-central1-a",
        initial_node_count=1)
    membership = gcp.gkehub.Membership("membership",
        membership_id="my-membership",
        endpoint=gcp.gkehub.MembershipEndpointArgs(
            gke_cluster=gcp.gkehub.MembershipEndpointGkeClusterArgs(
                resource_link=cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
            ),
        ))
    feature = gcp.gkehub.Feature("feature",
        name="configmanagement",
        location="global",
        labels={
            "foo": "bar",
        })
    feature_member = gcp.gkehub.FeatureMembership("feature_member",
        location="global",
        feature=feature.name,
        membership=membership.membership_id,
        configmanagement=gcp.gkehub.FeatureMembershipConfigmanagementArgs(
            version="1.15.1",
            config_sync=gcp.gkehub.FeatureMembershipConfigmanagementConfigSyncArgs(
                oci=gcp.gkehub.FeatureMembershipConfigmanagementConfigSyncOciArgs(
                    sync_repo="us-central1-docker.pkg.dev/sample-project/config-repo/config-sync-gke:latest",
                    policy_dir="config-connector",
                    sync_wait_secs="20",
                    secret_type="gcpserviceaccount",
                    gcp_service_account_email="sa@project-id.iam.gserviceaccount.com",
                ),
            ),
        ))
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cluster, err := container.NewCluster(ctx, "cluster", &container.ClusterArgs{
    			Name:             pulumi.String("my-cluster"),
    			Location:         pulumi.String("us-central1-a"),
    			InitialNodeCount: pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
    			MembershipId: pulumi.String("my-membership"),
    			Endpoint: &gkehub.MembershipEndpointArgs{
    				GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
    					ResourceLink: cluster.ID().ApplyT(func(id string) (string, error) {
    						return fmt.Sprintf("//container.googleapis.com/%v", id), nil
    					}).(pulumi.StringOutput),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		feature, err := gkehub.NewFeature(ctx, "feature", &gkehub.FeatureArgs{
    			Name:     pulumi.String("configmanagement"),
    			Location: pulumi.String("global"),
    			Labels: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = gkehub.NewFeatureMembership(ctx, "feature_member", &gkehub.FeatureMembershipArgs{
    			Location:   pulumi.String("global"),
    			Feature:    feature.Name,
    			Membership: membership.MembershipId,
    			Configmanagement: &gkehub.FeatureMembershipConfigmanagementArgs{
    				Version: pulumi.String("1.15.1"),
    				ConfigSync: &gkehub.FeatureMembershipConfigmanagementConfigSyncArgs{
    					Oci: &gkehub.FeatureMembershipConfigmanagementConfigSyncOciArgs{
    						SyncRepo:               pulumi.String("us-central1-docker.pkg.dev/sample-project/config-repo/config-sync-gke:latest"),
    						PolicyDir:              pulumi.String("config-connector"),
    						SyncWaitSecs:           pulumi.String("20"),
    						SecretType:             pulumi.String("gcpserviceaccount"),
    						GcpServiceAccountEmail: pulumi.String("sa@project-id.iam.gserviceaccount.com"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var cluster = new Gcp.Container.Cluster("cluster", new()
        {
            Name = "my-cluster",
            Location = "us-central1-a",
            InitialNodeCount = 1,
        });
    
        var membership = new Gcp.GkeHub.Membership("membership", new()
        {
            MembershipId = "my-membership",
            Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
            {
                GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
                {
                    ResourceLink = cluster.Id.Apply(id => $"//container.googleapis.com/{id}"),
                },
            },
        });
    
        var feature = new Gcp.GkeHub.Feature("feature", new()
        {
            Name = "configmanagement",
            Location = "global",
            Labels = 
            {
                { "foo", "bar" },
            },
        });
    
        var featureMember = new Gcp.GkeHub.FeatureMembership("feature_member", new()
        {
            Location = "global",
            Feature = feature.Name,
            Membership = membership.MembershipId,
            Configmanagement = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementArgs
            {
                Version = "1.15.1",
                ConfigSync = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementConfigSyncArgs
                {
                    Oci = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementConfigSyncOciArgs
                    {
                        SyncRepo = "us-central1-docker.pkg.dev/sample-project/config-repo/config-sync-gke:latest",
                        PolicyDir = "config-connector",
                        SyncWaitSecs = "20",
                        SecretType = "gcpserviceaccount",
                        GcpServiceAccountEmail = "sa@project-id.iam.gserviceaccount.com",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.Cluster;
    import com.pulumi.gcp.container.ClusterArgs;
    import com.pulumi.gcp.gkehub.Membership;
    import com.pulumi.gcp.gkehub.MembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
    import com.pulumi.gcp.gkehub.Feature;
    import com.pulumi.gcp.gkehub.FeatureArgs;
    import com.pulumi.gcp.gkehub.FeatureMembership;
    import com.pulumi.gcp.gkehub.FeatureMembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementConfigSyncArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementConfigSyncOciArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var cluster = new Cluster("cluster", ClusterArgs.builder()        
                .name("my-cluster")
                .location("us-central1-a")
                .initialNodeCount(1)
                .build());
    
            var membership = new Membership("membership", MembershipArgs.builder()        
                .membershipId("my-membership")
                .endpoint(MembershipEndpointArgs.builder()
                    .gkeCluster(MembershipEndpointGkeClusterArgs.builder()
                        .resourceLink(cluster.id().applyValue(id -> String.format("//container.googleapis.com/%s", id)))
                        .build())
                    .build())
                .build());
    
            var feature = new Feature("feature", FeatureArgs.builder()        
                .name("configmanagement")
                .location("global")
                .labels(Map.of("foo", "bar"))
                .build());
    
            var featureMember = new FeatureMembership("featureMember", FeatureMembershipArgs.builder()        
                .location("global")
                .feature(feature.name())
                .membership(membership.membershipId())
                .configmanagement(FeatureMembershipConfigmanagementArgs.builder()
                    .version("1.15.1")
                    .configSync(FeatureMembershipConfigmanagementConfigSyncArgs.builder()
                        .oci(FeatureMembershipConfigmanagementConfigSyncOciArgs.builder()
                            .syncRepo("us-central1-docker.pkg.dev/sample-project/config-repo/config-sync-gke:latest")
                            .policyDir("config-connector")
                            .syncWaitSecs("20")
                            .secretType("gcpserviceaccount")
                            .gcpServiceAccountEmail("sa@project-id.iam.gserviceaccount.com")
                            .build())
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      cluster:
        type: gcp:container:Cluster
        properties:
          name: my-cluster
          location: us-central1-a
          initialNodeCount: 1
      membership:
        type: gcp:gkehub:Membership
        properties:
          membershipId: my-membership
          endpoint:
            gkeCluster:
              resourceLink: //container.googleapis.com/${cluster.id}
      feature:
        type: gcp:gkehub:Feature
        properties:
          name: configmanagement
          location: global
          labels:
            foo: bar
      featureMember:
        type: gcp:gkehub:FeatureMembership
        name: feature_member
        properties:
          location: global
          feature: ${feature.name}
          membership: ${membership.membershipId}
          configmanagement:
            version: 1.15.1
            configSync:
              oci:
                syncRepo: us-central1-docker.pkg.dev/sample-project/config-repo/config-sync-gke:latest
                policyDir: config-connector
                syncWaitSecs: '20'
                secretType: gcpserviceaccount
                gcpServiceAccountEmail: sa@project-id.iam.gserviceaccount.com
    

    Multi Cluster Service Discovery

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const feature = new gcp.gkehub.Feature("feature", {
        name: "multiclusterservicediscovery",
        location: "global",
        labels: {
            foo: "bar",
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    feature = gcp.gkehub.Feature("feature",
        name="multiclusterservicediscovery",
        location="global",
        labels={
            "foo": "bar",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := gkehub.NewFeature(ctx, "feature", &gkehub.FeatureArgs{
    			Name:     pulumi.String("multiclusterservicediscovery"),
    			Location: pulumi.String("global"),
    			Labels: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var feature = new Gcp.GkeHub.Feature("feature", new()
        {
            Name = "multiclusterservicediscovery",
            Location = "global",
            Labels = 
            {
                { "foo", "bar" },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.gkehub.Feature;
    import com.pulumi.gcp.gkehub.FeatureArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var feature = new Feature("feature", FeatureArgs.builder()        
                .name("multiclusterservicediscovery")
                .location("global")
                .labels(Map.of("foo", "bar"))
                .build());
    
        }
    }
    
    resources:
      feature:
        type: gcp:gkehub:Feature
        properties:
          name: multiclusterservicediscovery
          location: global
          labels:
            foo: bar
    

    Service Mesh

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const cluster = new gcp.container.Cluster("cluster", {
        name: "my-cluster",
        location: "us-central1-a",
        initialNodeCount: 1,
    });
    const membership = new gcp.gkehub.Membership("membership", {
        membershipId: "my-membership",
        endpoint: {
            gkeCluster: {
                resourceLink: pulumi.interpolate`//container.googleapis.com/${cluster.id}`,
            },
        },
    });
    const feature = new gcp.gkehub.Feature("feature", {
        name: "servicemesh",
        location: "global",
    });
    const featureMember = new gcp.gkehub.FeatureMembership("feature_member", {
        location: "global",
        feature: feature.name,
        membership: membership.membershipId,
        mesh: {
            management: "MANAGEMENT_AUTOMATIC",
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    cluster = gcp.container.Cluster("cluster",
        name="my-cluster",
        location="us-central1-a",
        initial_node_count=1)
    membership = gcp.gkehub.Membership("membership",
        membership_id="my-membership",
        endpoint=gcp.gkehub.MembershipEndpointArgs(
            gke_cluster=gcp.gkehub.MembershipEndpointGkeClusterArgs(
                resource_link=cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
            ),
        ))
    feature = gcp.gkehub.Feature("feature",
        name="servicemesh",
        location="global")
    feature_member = gcp.gkehub.FeatureMembership("feature_member",
        location="global",
        feature=feature.name,
        membership=membership.membership_id,
        mesh=gcp.gkehub.FeatureMembershipMeshArgs(
            management="MANAGEMENT_AUTOMATIC",
        ))
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cluster, err := container.NewCluster(ctx, "cluster", &container.ClusterArgs{
    			Name:             pulumi.String("my-cluster"),
    			Location:         pulumi.String("us-central1-a"),
    			InitialNodeCount: pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
    			MembershipId: pulumi.String("my-membership"),
    			Endpoint: &gkehub.MembershipEndpointArgs{
    				GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
    					ResourceLink: cluster.ID().ApplyT(func(id string) (string, error) {
    						return fmt.Sprintf("//container.googleapis.com/%v", id), nil
    					}).(pulumi.StringOutput),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		feature, err := gkehub.NewFeature(ctx, "feature", &gkehub.FeatureArgs{
    			Name:     pulumi.String("servicemesh"),
    			Location: pulumi.String("global"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = gkehub.NewFeatureMembership(ctx, "feature_member", &gkehub.FeatureMembershipArgs{
    			Location:   pulumi.String("global"),
    			Feature:    feature.Name,
    			Membership: membership.MembershipId,
    			Mesh: &gkehub.FeatureMembershipMeshArgs{
    				Management: pulumi.String("MANAGEMENT_AUTOMATIC"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var cluster = new Gcp.Container.Cluster("cluster", new()
        {
            Name = "my-cluster",
            Location = "us-central1-a",
            InitialNodeCount = 1,
        });
    
        var membership = new Gcp.GkeHub.Membership("membership", new()
        {
            MembershipId = "my-membership",
            Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
            {
                GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
                {
                    ResourceLink = cluster.Id.Apply(id => $"//container.googleapis.com/{id}"),
                },
            },
        });
    
        var feature = new Gcp.GkeHub.Feature("feature", new()
        {
            Name = "servicemesh",
            Location = "global",
        });
    
        var featureMember = new Gcp.GkeHub.FeatureMembership("feature_member", new()
        {
            Location = "global",
            Feature = feature.Name,
            Membership = membership.MembershipId,
            Mesh = new Gcp.GkeHub.Inputs.FeatureMembershipMeshArgs
            {
                Management = "MANAGEMENT_AUTOMATIC",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.Cluster;
    import com.pulumi.gcp.container.ClusterArgs;
    import com.pulumi.gcp.gkehub.Membership;
    import com.pulumi.gcp.gkehub.MembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
    import com.pulumi.gcp.gkehub.Feature;
    import com.pulumi.gcp.gkehub.FeatureArgs;
    import com.pulumi.gcp.gkehub.FeatureMembership;
    import com.pulumi.gcp.gkehub.FeatureMembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipMeshArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var cluster = new Cluster("cluster", ClusterArgs.builder()        
                .name("my-cluster")
                .location("us-central1-a")
                .initialNodeCount(1)
                .build());
    
            var membership = new Membership("membership", MembershipArgs.builder()        
                .membershipId("my-membership")
                .endpoint(MembershipEndpointArgs.builder()
                    .gkeCluster(MembershipEndpointGkeClusterArgs.builder()
                        .resourceLink(cluster.id().applyValue(id -> String.format("//container.googleapis.com/%s", id)))
                        .build())
                    .build())
                .build());
    
            var feature = new Feature("feature", FeatureArgs.builder()        
                .name("servicemesh")
                .location("global")
                .build());
    
            var featureMember = new FeatureMembership("featureMember", FeatureMembershipArgs.builder()        
                .location("global")
                .feature(feature.name())
                .membership(membership.membershipId())
                .mesh(FeatureMembershipMeshArgs.builder()
                    .management("MANAGEMENT_AUTOMATIC")
                    .build())
                .build());
    
        }
    }
    
    resources:
      cluster:
        type: gcp:container:Cluster
        properties:
          name: my-cluster
          location: us-central1-a
          initialNodeCount: 1
      membership:
        type: gcp:gkehub:Membership
        properties:
          membershipId: my-membership
          endpoint:
            gkeCluster:
              resourceLink: //container.googleapis.com/${cluster.id}
      feature:
        type: gcp:gkehub:Feature
        properties:
          name: servicemesh
          location: global
      featureMember:
        type: gcp:gkehub:FeatureMembership
        name: feature_member
        properties:
          location: global
          feature: ${feature.name}
          membership: ${membership.membershipId}
          mesh:
            management: MANAGEMENT_AUTOMATIC
    

    Config Management With Regional Membership

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const cluster = new gcp.container.Cluster("cluster", {
        name: "my-cluster",
        location: "us-central1-a",
        initialNodeCount: 1,
    });
    const membership = new gcp.gkehub.Membership("membership", {
        membershipId: "my-membership",
        location: "us-central1",
        endpoint: {
            gkeCluster: {
                resourceLink: pulumi.interpolate`//container.googleapis.com/${cluster.id}`,
            },
        },
    });
    const feature = new gcp.gkehub.Feature("feature", {
        name: "configmanagement",
        location: "global",
        labels: {
            foo: "bar",
        },
    });
    const featureMember = new gcp.gkehub.FeatureMembership("feature_member", {
        location: "global",
        feature: feature.name,
        membership: membership.membershipId,
        membershipLocation: membership.location,
        configmanagement: {
            version: "1.6.2",
            configSync: {
                git: {
                    syncRepo: "https://github.com/hashicorp/terraform",
                },
            },
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    cluster = gcp.container.Cluster("cluster",
        name="my-cluster",
        location="us-central1-a",
        initial_node_count=1)
    membership = gcp.gkehub.Membership("membership",
        membership_id="my-membership",
        location="us-central1",
        endpoint=gcp.gkehub.MembershipEndpointArgs(
            gke_cluster=gcp.gkehub.MembershipEndpointGkeClusterArgs(
                resource_link=cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
            ),
        ))
    feature = gcp.gkehub.Feature("feature",
        name="configmanagement",
        location="global",
        labels={
            "foo": "bar",
        })
    feature_member = gcp.gkehub.FeatureMembership("feature_member",
        location="global",
        feature=feature.name,
        membership=membership.membership_id,
        membership_location=membership.location,
        configmanagement=gcp.gkehub.FeatureMembershipConfigmanagementArgs(
            version="1.6.2",
            config_sync=gcp.gkehub.FeatureMembershipConfigmanagementConfigSyncArgs(
                git=gcp.gkehub.FeatureMembershipConfigmanagementConfigSyncGitArgs(
                    sync_repo="https://github.com/hashicorp/terraform",
                ),
            ),
        ))
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cluster, err := container.NewCluster(ctx, "cluster", &container.ClusterArgs{
    			Name:             pulumi.String("my-cluster"),
    			Location:         pulumi.String("us-central1-a"),
    			InitialNodeCount: pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
    			MembershipId: pulumi.String("my-membership"),
    			Location:     pulumi.String("us-central1"),
    			Endpoint: &gkehub.MembershipEndpointArgs{
    				GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
    					ResourceLink: cluster.ID().ApplyT(func(id string) (string, error) {
    						return fmt.Sprintf("//container.googleapis.com/%v", id), nil
    					}).(pulumi.StringOutput),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		feature, err := gkehub.NewFeature(ctx, "feature", &gkehub.FeatureArgs{
    			Name:     pulumi.String("configmanagement"),
    			Location: pulumi.String("global"),
    			Labels: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = gkehub.NewFeatureMembership(ctx, "feature_member", &gkehub.FeatureMembershipArgs{
    			Location:           pulumi.String("global"),
    			Feature:            feature.Name,
    			Membership:         membership.MembershipId,
    			MembershipLocation: membership.Location,
    			Configmanagement: &gkehub.FeatureMembershipConfigmanagementArgs{
    				Version: pulumi.String("1.6.2"),
    				ConfigSync: &gkehub.FeatureMembershipConfigmanagementConfigSyncArgs{
    					Git: &gkehub.FeatureMembershipConfigmanagementConfigSyncGitArgs{
    						SyncRepo: pulumi.String("https://github.com/hashicorp/terraform"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var cluster = new Gcp.Container.Cluster("cluster", new()
        {
            Name = "my-cluster",
            Location = "us-central1-a",
            InitialNodeCount = 1,
        });
    
        var membership = new Gcp.GkeHub.Membership("membership", new()
        {
            MembershipId = "my-membership",
            Location = "us-central1",
            Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
            {
                GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
                {
                    ResourceLink = cluster.Id.Apply(id => $"//container.googleapis.com/{id}"),
                },
            },
        });
    
        var feature = new Gcp.GkeHub.Feature("feature", new()
        {
            Name = "configmanagement",
            Location = "global",
            Labels = 
            {
                { "foo", "bar" },
            },
        });
    
        var featureMember = new Gcp.GkeHub.FeatureMembership("feature_member", new()
        {
            Location = "global",
            Feature = feature.Name,
            Membership = membership.MembershipId,
            MembershipLocation = membership.Location,
            Configmanagement = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementArgs
            {
                Version = "1.6.2",
                ConfigSync = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementConfigSyncArgs
                {
                    Git = new Gcp.GkeHub.Inputs.FeatureMembershipConfigmanagementConfigSyncGitArgs
                    {
                        SyncRepo = "https://github.com/hashicorp/terraform",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.Cluster;
    import com.pulumi.gcp.container.ClusterArgs;
    import com.pulumi.gcp.gkehub.Membership;
    import com.pulumi.gcp.gkehub.MembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
    import com.pulumi.gcp.gkehub.Feature;
    import com.pulumi.gcp.gkehub.FeatureArgs;
    import com.pulumi.gcp.gkehub.FeatureMembership;
    import com.pulumi.gcp.gkehub.FeatureMembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementConfigSyncArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipConfigmanagementConfigSyncGitArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var cluster = new Cluster("cluster", ClusterArgs.builder()        
                .name("my-cluster")
                .location("us-central1-a")
                .initialNodeCount(1)
                .build());
    
            var membership = new Membership("membership", MembershipArgs.builder()        
                .membershipId("my-membership")
                .location("us-central1")
                .endpoint(MembershipEndpointArgs.builder()
                    .gkeCluster(MembershipEndpointGkeClusterArgs.builder()
                        .resourceLink(cluster.id().applyValue(id -> String.format("//container.googleapis.com/%s", id)))
                        .build())
                    .build())
                .build());
    
            var feature = new Feature("feature", FeatureArgs.builder()        
                .name("configmanagement")
                .location("global")
                .labels(Map.of("foo", "bar"))
                .build());
    
            var featureMember = new FeatureMembership("featureMember", FeatureMembershipArgs.builder()        
                .location("global")
                .feature(feature.name())
                .membership(membership.membershipId())
                .membershipLocation(membership.location())
                .configmanagement(FeatureMembershipConfigmanagementArgs.builder()
                    .version("1.6.2")
                    .configSync(FeatureMembershipConfigmanagementConfigSyncArgs.builder()
                        .git(FeatureMembershipConfigmanagementConfigSyncGitArgs.builder()
                            .syncRepo("https://github.com/hashicorp/terraform")
                            .build())
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      cluster:
        type: gcp:container:Cluster
        properties:
          name: my-cluster
          location: us-central1-a
          initialNodeCount: 1
      membership:
        type: gcp:gkehub:Membership
        properties:
          membershipId: my-membership
          location: us-central1
          endpoint:
            gkeCluster:
              resourceLink: //container.googleapis.com/${cluster.id}
      feature:
        type: gcp:gkehub:Feature
        properties:
          name: configmanagement
          location: global
          labels:
            foo: bar
      featureMember:
        type: gcp:gkehub:FeatureMembership
        name: feature_member
        properties:
          location: global
          feature: ${feature.name}
          membership: ${membership.membershipId}
          membershipLocation: ${membership.location}
          configmanagement:
            version: 1.6.2
            configSync:
              git:
                syncRepo: https://github.com/hashicorp/terraform
    

    Policy Controller With Minimal Configuration

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const cluster = new gcp.container.Cluster("cluster", {
        name: "my-cluster",
        location: "us-central1-a",
        initialNodeCount: 1,
    });
    const membership = new gcp.gkehub.Membership("membership", {
        membershipId: "my-membership",
        endpoint: {
            gkeCluster: {
                resourceLink: pulumi.interpolate`//container.googleapis.com/${cluster.id}`,
            },
        },
    });
    const feature = new gcp.gkehub.Feature("feature", {
        name: "policycontroller",
        location: "global",
    });
    const featureMember = new gcp.gkehub.FeatureMembership("feature_member", {
        location: "global",
        feature: feature.name,
        membership: membership.membershipId,
        policycontroller: {
            policyControllerHubConfig: {
                installSpec: "INSTALL_SPEC_ENABLED",
            },
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    cluster = gcp.container.Cluster("cluster",
        name="my-cluster",
        location="us-central1-a",
        initial_node_count=1)
    membership = gcp.gkehub.Membership("membership",
        membership_id="my-membership",
        endpoint=gcp.gkehub.MembershipEndpointArgs(
            gke_cluster=gcp.gkehub.MembershipEndpointGkeClusterArgs(
                resource_link=cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
            ),
        ))
    feature = gcp.gkehub.Feature("feature",
        name="policycontroller",
        location="global")
    feature_member = gcp.gkehub.FeatureMembership("feature_member",
        location="global",
        feature=feature.name,
        membership=membership.membership_id,
        policycontroller=gcp.gkehub.FeatureMembershipPolicycontrollerArgs(
            policy_controller_hub_config=gcp.gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs(
                install_spec="INSTALL_SPEC_ENABLED",
            ),
        ))
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cluster, err := container.NewCluster(ctx, "cluster", &container.ClusterArgs{
    			Name:             pulumi.String("my-cluster"),
    			Location:         pulumi.String("us-central1-a"),
    			InitialNodeCount: pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
    			MembershipId: pulumi.String("my-membership"),
    			Endpoint: &gkehub.MembershipEndpointArgs{
    				GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
    					ResourceLink: cluster.ID().ApplyT(func(id string) (string, error) {
    						return fmt.Sprintf("//container.googleapis.com/%v", id), nil
    					}).(pulumi.StringOutput),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		feature, err := gkehub.NewFeature(ctx, "feature", &gkehub.FeatureArgs{
    			Name:     pulumi.String("policycontroller"),
    			Location: pulumi.String("global"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = gkehub.NewFeatureMembership(ctx, "feature_member", &gkehub.FeatureMembershipArgs{
    			Location:   pulumi.String("global"),
    			Feature:    feature.Name,
    			Membership: membership.MembershipId,
    			Policycontroller: &gkehub.FeatureMembershipPolicycontrollerArgs{
    				PolicyControllerHubConfig: &gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs{
    					InstallSpec: pulumi.String("INSTALL_SPEC_ENABLED"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var cluster = new Gcp.Container.Cluster("cluster", new()
        {
            Name = "my-cluster",
            Location = "us-central1-a",
            InitialNodeCount = 1,
        });
    
        var membership = new Gcp.GkeHub.Membership("membership", new()
        {
            MembershipId = "my-membership",
            Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
            {
                GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
                {
                    ResourceLink = cluster.Id.Apply(id => $"//container.googleapis.com/{id}"),
                },
            },
        });
    
        var feature = new Gcp.GkeHub.Feature("feature", new()
        {
            Name = "policycontroller",
            Location = "global",
        });
    
        var featureMember = new Gcp.GkeHub.FeatureMembership("feature_member", new()
        {
            Location = "global",
            Feature = feature.Name,
            Membership = membership.MembershipId,
            Policycontroller = new Gcp.GkeHub.Inputs.FeatureMembershipPolicycontrollerArgs
            {
                PolicyControllerHubConfig = new Gcp.GkeHub.Inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs
                {
                    InstallSpec = "INSTALL_SPEC_ENABLED",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.Cluster;
    import com.pulumi.gcp.container.ClusterArgs;
    import com.pulumi.gcp.gkehub.Membership;
    import com.pulumi.gcp.gkehub.MembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
    import com.pulumi.gcp.gkehub.Feature;
    import com.pulumi.gcp.gkehub.FeatureArgs;
    import com.pulumi.gcp.gkehub.FeatureMembership;
    import com.pulumi.gcp.gkehub.FeatureMembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipPolicycontrollerArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var cluster = new Cluster("cluster", ClusterArgs.builder()        
                .name("my-cluster")
                .location("us-central1-a")
                .initialNodeCount(1)
                .build());
    
            var membership = new Membership("membership", MembershipArgs.builder()        
                .membershipId("my-membership")
                .endpoint(MembershipEndpointArgs.builder()
                    .gkeCluster(MembershipEndpointGkeClusterArgs.builder()
                        .resourceLink(cluster.id().applyValue(id -> String.format("//container.googleapis.com/%s", id)))
                        .build())
                    .build())
                .build());
    
            var feature = new Feature("feature", FeatureArgs.builder()        
                .name("policycontroller")
                .location("global")
                .build());
    
            var featureMember = new FeatureMembership("featureMember", FeatureMembershipArgs.builder()        
                .location("global")
                .feature(feature.name())
                .membership(membership.membershipId())
                .policycontroller(FeatureMembershipPolicycontrollerArgs.builder()
                    .policyControllerHubConfig(FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs.builder()
                        .installSpec("INSTALL_SPEC_ENABLED")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      cluster:
        type: gcp:container:Cluster
        properties:
          name: my-cluster
          location: us-central1-a
          initialNodeCount: 1
      membership:
        type: gcp:gkehub:Membership
        properties:
          membershipId: my-membership
          endpoint:
            gkeCluster:
              resourceLink: //container.googleapis.com/${cluster.id}
      feature:
        type: gcp:gkehub:Feature
        properties:
          name: policycontroller
          location: global
      featureMember:
        type: gcp:gkehub:FeatureMembership
        name: feature_member
        properties:
          location: global
          feature: ${feature.name}
          membership: ${membership.membershipId}
          policycontroller:
            policyControllerHubConfig:
              installSpec: INSTALL_SPEC_ENABLED
    

    Policy Controller With Custom Configurations

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const cluster = new gcp.container.Cluster("cluster", {
        name: "my-cluster",
        location: "us-central1-a",
        initialNodeCount: 1,
    });
    const membership = new gcp.gkehub.Membership("membership", {
        membershipId: "my-membership",
        endpoint: {
            gkeCluster: {
                resourceLink: pulumi.interpolate`//container.googleapis.com/${cluster.id}`,
            },
        },
    });
    const feature = new gcp.gkehub.Feature("feature", {
        name: "policycontroller",
        location: "global",
    });
    const featureMember = new gcp.gkehub.FeatureMembership("feature_member", {
        location: "global",
        feature: feature.name,
        membership: membership.membershipId,
        policycontroller: {
            policyControllerHubConfig: {
                installSpec: "INSTALL_SPEC_SUSPENDED",
                policyContent: {
                    templateLibrary: {
                        installation: "NOT_INSTALLED",
                    },
                },
                constraintViolationLimit: 50,
                auditIntervalSeconds: 120,
                referentialRulesEnabled: true,
                logDeniesEnabled: true,
                mutationEnabled: true,
            },
            version: "1.17.0",
        },
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    cluster = gcp.container.Cluster("cluster",
        name="my-cluster",
        location="us-central1-a",
        initial_node_count=1)
    membership = gcp.gkehub.Membership("membership",
        membership_id="my-membership",
        endpoint=gcp.gkehub.MembershipEndpointArgs(
            gke_cluster=gcp.gkehub.MembershipEndpointGkeClusterArgs(
                resource_link=cluster.id.apply(lambda id: f"//container.googleapis.com/{id}"),
            ),
        ))
    feature = gcp.gkehub.Feature("feature",
        name="policycontroller",
        location="global")
    feature_member = gcp.gkehub.FeatureMembership("feature_member",
        location="global",
        feature=feature.name,
        membership=membership.membership_id,
        policycontroller=gcp.gkehub.FeatureMembershipPolicycontrollerArgs(
            policy_controller_hub_config=gcp.gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs(
                install_spec="INSTALL_SPEC_SUSPENDED",
                policy_content=gcp.gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentArgs(
                    template_library=gcp.gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryArgs(
                        installation="NOT_INSTALLED",
                    ),
                ),
                constraint_violation_limit=50,
                audit_interval_seconds=120,
                referential_rules_enabled=True,
                log_denies_enabled=True,
                mutation_enabled=True,
            ),
            version="1.17.0",
        ))
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cluster, err := container.NewCluster(ctx, "cluster", &container.ClusterArgs{
    			Name:             pulumi.String("my-cluster"),
    			Location:         pulumi.String("us-central1-a"),
    			InitialNodeCount: pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
    			MembershipId: pulumi.String("my-membership"),
    			Endpoint: &gkehub.MembershipEndpointArgs{
    				GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
    					ResourceLink: cluster.ID().ApplyT(func(id string) (string, error) {
    						return fmt.Sprintf("//container.googleapis.com/%v", id), nil
    					}).(pulumi.StringOutput),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		feature, err := gkehub.NewFeature(ctx, "feature", &gkehub.FeatureArgs{
    			Name:     pulumi.String("policycontroller"),
    			Location: pulumi.String("global"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = gkehub.NewFeatureMembership(ctx, "feature_member", &gkehub.FeatureMembershipArgs{
    			Location:   pulumi.String("global"),
    			Feature:    feature.Name,
    			Membership: membership.MembershipId,
    			Policycontroller: &gkehub.FeatureMembershipPolicycontrollerArgs{
    				PolicyControllerHubConfig: &gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs{
    					InstallSpec: pulumi.String("INSTALL_SPEC_SUSPENDED"),
    					PolicyContent: &gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentArgs{
    						TemplateLibrary: &gkehub.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryArgs{
    							Installation: pulumi.String("NOT_INSTALLED"),
    						},
    					},
    					ConstraintViolationLimit: pulumi.Int(50),
    					AuditIntervalSeconds:     pulumi.Int(120),
    					ReferentialRulesEnabled:  pulumi.Bool(true),
    					LogDeniesEnabled:         pulumi.Bool(true),
    					MutationEnabled:          pulumi.Bool(true),
    				},
    				Version: pulumi.String("1.17.0"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var cluster = new Gcp.Container.Cluster("cluster", new()
        {
            Name = "my-cluster",
            Location = "us-central1-a",
            InitialNodeCount = 1,
        });
    
        var membership = new Gcp.GkeHub.Membership("membership", new()
        {
            MembershipId = "my-membership",
            Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
            {
                GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
                {
                    ResourceLink = cluster.Id.Apply(id => $"//container.googleapis.com/{id}"),
                },
            },
        });
    
        var feature = new Gcp.GkeHub.Feature("feature", new()
        {
            Name = "policycontroller",
            Location = "global",
        });
    
        var featureMember = new Gcp.GkeHub.FeatureMembership("feature_member", new()
        {
            Location = "global",
            Feature = feature.Name,
            Membership = membership.MembershipId,
            Policycontroller = new Gcp.GkeHub.Inputs.FeatureMembershipPolicycontrollerArgs
            {
                PolicyControllerHubConfig = new Gcp.GkeHub.Inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs
                {
                    InstallSpec = "INSTALL_SPEC_SUSPENDED",
                    PolicyContent = new Gcp.GkeHub.Inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentArgs
                    {
                        TemplateLibrary = new Gcp.GkeHub.Inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryArgs
                        {
                            Installation = "NOT_INSTALLED",
                        },
                    },
                    ConstraintViolationLimit = 50,
                    AuditIntervalSeconds = 120,
                    ReferentialRulesEnabled = true,
                    LogDeniesEnabled = true,
                    MutationEnabled = true,
                },
                Version = "1.17.0",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.container.Cluster;
    import com.pulumi.gcp.container.ClusterArgs;
    import com.pulumi.gcp.gkehub.Membership;
    import com.pulumi.gcp.gkehub.MembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
    import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
    import com.pulumi.gcp.gkehub.Feature;
    import com.pulumi.gcp.gkehub.FeatureArgs;
    import com.pulumi.gcp.gkehub.FeatureMembership;
    import com.pulumi.gcp.gkehub.FeatureMembershipArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipPolicycontrollerArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentArgs;
    import com.pulumi.gcp.gkehub.inputs.FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var cluster = new Cluster("cluster", ClusterArgs.builder()        
                .name("my-cluster")
                .location("us-central1-a")
                .initialNodeCount(1)
                .build());
    
            var membership = new Membership("membership", MembershipArgs.builder()        
                .membershipId("my-membership")
                .endpoint(MembershipEndpointArgs.builder()
                    .gkeCluster(MembershipEndpointGkeClusterArgs.builder()
                        .resourceLink(cluster.id().applyValue(id -> String.format("//container.googleapis.com/%s", id)))
                        .build())
                    .build())
                .build());
    
            var feature = new Feature("feature", FeatureArgs.builder()        
                .name("policycontroller")
                .location("global")
                .build());
    
            var featureMember = new FeatureMembership("featureMember", FeatureMembershipArgs.builder()        
                .location("global")
                .feature(feature.name())
                .membership(membership.membershipId())
                .policycontroller(FeatureMembershipPolicycontrollerArgs.builder()
                    .policyControllerHubConfig(FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs.builder()
                        .installSpec("INSTALL_SPEC_SUSPENDED")
                        .policyContent(FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentArgs.builder()
                            .templateLibrary(FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryArgs.builder()
                                .installation("NOT_INSTALLED")
                                .build())
                            .build())
                        .constraintViolationLimit(50)
                        .auditIntervalSeconds(120)
                        .referentialRulesEnabled(true)
                        .logDeniesEnabled(true)
                        .mutationEnabled(true)
                        .build())
                    .version("1.17.0")
                    .build())
                .build());
    
        }
    }
    
    resources:
      cluster:
        type: gcp:container:Cluster
        properties:
          name: my-cluster
          location: us-central1-a
          initialNodeCount: 1
      membership:
        type: gcp:gkehub:Membership
        properties:
          membershipId: my-membership
          endpoint:
            gkeCluster:
              resourceLink: //container.googleapis.com/${cluster.id}
      feature:
        type: gcp:gkehub:Feature
        properties:
          name: policycontroller
          location: global
      featureMember:
        type: gcp:gkehub:FeatureMembership
        name: feature_member
        properties:
          location: global
          feature: ${feature.name}
          membership: ${membership.membershipId}
          policycontroller:
            policyControllerHubConfig:
              installSpec: INSTALL_SPEC_SUSPENDED
              policyContent:
                templateLibrary:
                  installation: NOT_INSTALLED
              constraintViolationLimit: 50
              auditIntervalSeconds: 120
              referentialRulesEnabled: true
              logDeniesEnabled: true
              mutationEnabled: true
            version: 1.17.0
    

    Create FeatureMembership Resource

    new FeatureMembership(name: string, args: FeatureMembershipArgs, opts?: CustomResourceOptions);
    @overload
    def FeatureMembership(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          configmanagement: Optional[FeatureMembershipConfigmanagementArgs] = None,
                          feature: Optional[str] = None,
                          location: Optional[str] = None,
                          membership: Optional[str] = None,
                          membership_location: Optional[str] = None,
                          mesh: Optional[FeatureMembershipMeshArgs] = None,
                          policycontroller: Optional[FeatureMembershipPolicycontrollerArgs] = None,
                          project: Optional[str] = None)
    @overload
    def FeatureMembership(resource_name: str,
                          args: FeatureMembershipArgs,
                          opts: Optional[ResourceOptions] = None)
    func NewFeatureMembership(ctx *Context, name string, args FeatureMembershipArgs, opts ...ResourceOption) (*FeatureMembership, error)
    public FeatureMembership(string name, FeatureMembershipArgs args, CustomResourceOptions? opts = null)
    public FeatureMembership(String name, FeatureMembershipArgs args)
    public FeatureMembership(String name, FeatureMembershipArgs args, CustomResourceOptions options)
    
    type: gcp:gkehub:FeatureMembership
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args FeatureMembershipArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FeatureMembershipArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FeatureMembershipArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FeatureMembershipArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FeatureMembershipArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    FeatureMembership Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The FeatureMembership resource accepts the following input properties:

    Feature string
    The name of the feature
    Location string
    The location of the feature
    Membership string
    The name of the membership
    Configmanagement FeatureMembershipConfigmanagement
    Config Management-specific spec. Structure is documented below.
    MembershipLocation string
    The location of the membership, for example, "us-central1". Default is "global".
    Mesh FeatureMembershipMesh
    Service mesh specific spec. Structure is documented below.
    Policycontroller FeatureMembershipPolicycontroller
    Policy Controller-specific spec. Structure is documented below.
    Project string
    The project of the feature
    Feature string
    The name of the feature
    Location string
    The location of the feature
    Membership string
    The name of the membership
    Configmanagement FeatureMembershipConfigmanagementArgs
    Config Management-specific spec. Structure is documented below.
    MembershipLocation string
    The location of the membership, for example, "us-central1". Default is "global".
    Mesh FeatureMembershipMeshArgs
    Service mesh specific spec. Structure is documented below.
    Policycontroller FeatureMembershipPolicycontrollerArgs
    Policy Controller-specific spec. Structure is documented below.
    Project string
    The project of the feature
    feature String
    The name of the feature
    location String
    The location of the feature
    membership String
    The name of the membership
    configmanagement FeatureMembershipConfigmanagement
    Config Management-specific spec. Structure is documented below.
    membershipLocation String
    The location of the membership, for example, "us-central1". Default is "global".
    mesh FeatureMembershipMesh
    Service mesh specific spec. Structure is documented below.
    policycontroller FeatureMembershipPolicycontroller
    Policy Controller-specific spec. Structure is documented below.
    project String
    The project of the feature
    feature string
    The name of the feature
    location string
    The location of the feature
    membership string
    The name of the membership
    configmanagement FeatureMembershipConfigmanagement
    Config Management-specific spec. Structure is documented below.
    membershipLocation string
    The location of the membership, for example, "us-central1". Default is "global".
    mesh FeatureMembershipMesh
    Service mesh specific spec. Structure is documented below.
    policycontroller FeatureMembershipPolicycontroller
    Policy Controller-specific spec. Structure is documented below.
    project string
    The project of the feature
    feature str
    The name of the feature
    location str
    The location of the feature
    membership str
    The name of the membership
    configmanagement FeatureMembershipConfigmanagementArgs
    Config Management-specific spec. Structure is documented below.
    membership_location str
    The location of the membership, for example, "us-central1". Default is "global".
    mesh FeatureMembershipMeshArgs
    Service mesh specific spec. Structure is documented below.
    policycontroller FeatureMembershipPolicycontrollerArgs
    Policy Controller-specific spec. Structure is documented below.
    project str
    The project of the feature
    feature String
    The name of the feature
    location String
    The location of the feature
    membership String
    The name of the membership
    configmanagement Property Map
    Config Management-specific spec. Structure is documented below.
    membershipLocation String
    The location of the membership, for example, "us-central1". Default is "global".
    mesh Property Map
    Service mesh specific spec. Structure is documented below.
    policycontroller Property Map
    Policy Controller-specific spec. Structure is documented below.
    project String
    The project of the feature

    Outputs

    All input properties are implicitly available as output properties. Additionally, the FeatureMembership resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing FeatureMembership Resource

    Get an existing FeatureMembership resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FeatureMembershipState, opts?: CustomResourceOptions): FeatureMembership
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            configmanagement: Optional[FeatureMembershipConfigmanagementArgs] = None,
            feature: Optional[str] = None,
            location: Optional[str] = None,
            membership: Optional[str] = None,
            membership_location: Optional[str] = None,
            mesh: Optional[FeatureMembershipMeshArgs] = None,
            policycontroller: Optional[FeatureMembershipPolicycontrollerArgs] = None,
            project: Optional[str] = None) -> FeatureMembership
    func GetFeatureMembership(ctx *Context, name string, id IDInput, state *FeatureMembershipState, opts ...ResourceOption) (*FeatureMembership, error)
    public static FeatureMembership Get(string name, Input<string> id, FeatureMembershipState? state, CustomResourceOptions? opts = null)
    public static FeatureMembership get(String name, Output<String> id, FeatureMembershipState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Configmanagement FeatureMembershipConfigmanagement
    Config Management-specific spec. Structure is documented below.
    Feature string
    The name of the feature
    Location string
    The location of the feature
    Membership string
    The name of the membership
    MembershipLocation string
    The location of the membership, for example, "us-central1". Default is "global".
    Mesh FeatureMembershipMesh
    Service mesh specific spec. Structure is documented below.
    Policycontroller FeatureMembershipPolicycontroller
    Policy Controller-specific spec. Structure is documented below.
    Project string
    The project of the feature
    Configmanagement FeatureMembershipConfigmanagementArgs
    Config Management-specific spec. Structure is documented below.
    Feature string
    The name of the feature
    Location string
    The location of the feature
    Membership string
    The name of the membership
    MembershipLocation string
    The location of the membership, for example, "us-central1". Default is "global".
    Mesh FeatureMembershipMeshArgs
    Service mesh specific spec. Structure is documented below.
    Policycontroller FeatureMembershipPolicycontrollerArgs
    Policy Controller-specific spec. Structure is documented below.
    Project string
    The project of the feature
    configmanagement FeatureMembershipConfigmanagement
    Config Management-specific spec. Structure is documented below.
    feature String
    The name of the feature
    location String
    The location of the feature
    membership String
    The name of the membership
    membershipLocation String
    The location of the membership, for example, "us-central1". Default is "global".
    mesh FeatureMembershipMesh
    Service mesh specific spec. Structure is documented below.
    policycontroller FeatureMembershipPolicycontroller
    Policy Controller-specific spec. Structure is documented below.
    project String
    The project of the feature
    configmanagement FeatureMembershipConfigmanagement
    Config Management-specific spec. Structure is documented below.
    feature string
    The name of the feature
    location string
    The location of the feature
    membership string
    The name of the membership
    membershipLocation string
    The location of the membership, for example, "us-central1". Default is "global".
    mesh FeatureMembershipMesh
    Service mesh specific spec. Structure is documented below.
    policycontroller FeatureMembershipPolicycontroller
    Policy Controller-specific spec. Structure is documented below.
    project string
    The project of the feature
    configmanagement FeatureMembershipConfigmanagementArgs
    Config Management-specific spec. Structure is documented below.
    feature str
    The name of the feature
    location str
    The location of the feature
    membership str
    The name of the membership
    membership_location str
    The location of the membership, for example, "us-central1". Default is "global".
    mesh FeatureMembershipMeshArgs
    Service mesh specific spec. Structure is documented below.
    policycontroller FeatureMembershipPolicycontrollerArgs
    Policy Controller-specific spec. Structure is documented below.
    project str
    The project of the feature
    configmanagement Property Map
    Config Management-specific spec. Structure is documented below.
    feature String
    The name of the feature
    location String
    The location of the feature
    membership String
    The name of the membership
    membershipLocation String
    The location of the membership, for example, "us-central1". Default is "global".
    mesh Property Map
    Service mesh specific spec. Structure is documented below.
    policycontroller Property Map
    Policy Controller-specific spec. Structure is documented below.
    project String
    The project of the feature

    Supporting Types

    FeatureMembershipConfigmanagement, FeatureMembershipConfigmanagementArgs

    Binauthz FeatureMembershipConfigmanagementBinauthz
    Binauthz configuration for the cluster. Structure is documented below.
    ConfigSync FeatureMembershipConfigmanagementConfigSync
    Config Sync configuration for the cluster. Structure is documented below.
    HierarchyController FeatureMembershipConfigmanagementHierarchyController
    Hierarchy Controller configuration for the cluster. Structure is documented below.
    PolicyController FeatureMembershipConfigmanagementPolicyController
    Policy Controller configuration for the cluster. Structure is documented below.
    Version string
    Version of ACM installed.
    Binauthz FeatureMembershipConfigmanagementBinauthz
    Binauthz configuration for the cluster. Structure is documented below.
    ConfigSync FeatureMembershipConfigmanagementConfigSync
    Config Sync configuration for the cluster. Structure is documented below.
    HierarchyController FeatureMembershipConfigmanagementHierarchyController
    Hierarchy Controller configuration for the cluster. Structure is documented below.
    PolicyController FeatureMembershipConfigmanagementPolicyController
    Policy Controller configuration for the cluster. Structure is documented below.
    Version string
    Version of ACM installed.
    binauthz FeatureMembershipConfigmanagementBinauthz
    Binauthz configuration for the cluster. Structure is documented below.
    configSync FeatureMembershipConfigmanagementConfigSync
    Config Sync configuration for the cluster. Structure is documented below.
    hierarchyController FeatureMembershipConfigmanagementHierarchyController
    Hierarchy Controller configuration for the cluster. Structure is documented below.
    policyController FeatureMembershipConfigmanagementPolicyController
    Policy Controller configuration for the cluster. Structure is documented below.
    version String
    Version of ACM installed.
    binauthz FeatureMembershipConfigmanagementBinauthz
    Binauthz configuration for the cluster. Structure is documented below.
    configSync FeatureMembershipConfigmanagementConfigSync
    Config Sync configuration for the cluster. Structure is documented below.
    hierarchyController FeatureMembershipConfigmanagementHierarchyController
    Hierarchy Controller configuration for the cluster. Structure is documented below.
    policyController FeatureMembershipConfigmanagementPolicyController
    Policy Controller configuration for the cluster. Structure is documented below.
    version string
    Version of ACM installed.
    binauthz FeatureMembershipConfigmanagementBinauthz
    Binauthz configuration for the cluster. Structure is documented below.
    config_sync FeatureMembershipConfigmanagementConfigSync
    Config Sync configuration for the cluster. Structure is documented below.
    hierarchy_controller FeatureMembershipConfigmanagementHierarchyController
    Hierarchy Controller configuration for the cluster. Structure is documented below.
    policy_controller FeatureMembershipConfigmanagementPolicyController
    Policy Controller configuration for the cluster. Structure is documented below.
    version str
    Version of ACM installed.
    binauthz Property Map
    Binauthz configuration for the cluster. Structure is documented below.
    configSync Property Map
    Config Sync configuration for the cluster. Structure is documented below.
    hierarchyController Property Map
    Hierarchy Controller configuration for the cluster. Structure is documented below.
    policyController Property Map
    Policy Controller configuration for the cluster. Structure is documented below.
    version String
    Version of ACM installed.

    FeatureMembershipConfigmanagementBinauthz, FeatureMembershipConfigmanagementBinauthzArgs

    Enabled bool
    Whether binauthz is enabled in this cluster.
    Enabled bool
    Whether binauthz is enabled in this cluster.
    enabled Boolean
    Whether binauthz is enabled in this cluster.
    enabled boolean
    Whether binauthz is enabled in this cluster.
    enabled bool
    Whether binauthz is enabled in this cluster.
    enabled Boolean
    Whether binauthz is enabled in this cluster.

    FeatureMembershipConfigmanagementConfigSync, FeatureMembershipConfigmanagementConfigSyncArgs

    Git FeatureMembershipConfigmanagementConfigSyncGit
    (Optional) Structure is documented below.
    MetricsGcpServiceAccountEmail string
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring. The GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA.
    Oci FeatureMembershipConfigmanagementConfigSyncOci

    (Optional) Supported from ACM versions 1.12.0 onwards. Structure is documented below.

    Use either git or oci config option.

    PreventDrift bool
    Supported from ACM versions 1.10.0 onwards. Set to true to enable the Config Sync admission webhook to prevent drifts. If set to "false", disables the Config Sync admission webhook and does not prevent drifts.
    SourceFormat string
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    Git FeatureMembershipConfigmanagementConfigSyncGit
    (Optional) Structure is documented below.
    MetricsGcpServiceAccountEmail string
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring. The GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA.
    Oci FeatureMembershipConfigmanagementConfigSyncOci

    (Optional) Supported from ACM versions 1.12.0 onwards. Structure is documented below.

    Use either git or oci config option.

    PreventDrift bool
    Supported from ACM versions 1.10.0 onwards. Set to true to enable the Config Sync admission webhook to prevent drifts. If set to "false", disables the Config Sync admission webhook and does not prevent drifts.
    SourceFormat string
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    git FeatureMembershipConfigmanagementConfigSyncGit
    (Optional) Structure is documented below.
    metricsGcpServiceAccountEmail String
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring. The GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA.
    oci FeatureMembershipConfigmanagementConfigSyncOci

    (Optional) Supported from ACM versions 1.12.0 onwards. Structure is documented below.

    Use either git or oci config option.

    preventDrift Boolean
    Supported from ACM versions 1.10.0 onwards. Set to true to enable the Config Sync admission webhook to prevent drifts. If set to "false", disables the Config Sync admission webhook and does not prevent drifts.
    sourceFormat String
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    git FeatureMembershipConfigmanagementConfigSyncGit
    (Optional) Structure is documented below.
    metricsGcpServiceAccountEmail string
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring. The GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA.
    oci FeatureMembershipConfigmanagementConfigSyncOci

    (Optional) Supported from ACM versions 1.12.0 onwards. Structure is documented below.

    Use either git or oci config option.

    preventDrift boolean
    Supported from ACM versions 1.10.0 onwards. Set to true to enable the Config Sync admission webhook to prevent drifts. If set to "false", disables the Config Sync admission webhook and does not prevent drifts.
    sourceFormat string
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    git FeatureMembershipConfigmanagementConfigSyncGit
    (Optional) Structure is documented below.
    metrics_gcp_service_account_email str
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring. The GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA.
    oci FeatureMembershipConfigmanagementConfigSyncOci

    (Optional) Supported from ACM versions 1.12.0 onwards. Structure is documented below.

    Use either git or oci config option.

    prevent_drift bool
    Supported from ACM versions 1.10.0 onwards. Set to true to enable the Config Sync admission webhook to prevent drifts. If set to "false", disables the Config Sync admission webhook and does not prevent drifts.
    source_format str
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    git Property Map
    (Optional) Structure is documented below.
    metricsGcpServiceAccountEmail String
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring. The GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA.
    oci Property Map

    (Optional) Supported from ACM versions 1.12.0 onwards. Structure is documented below.

    Use either git or oci config option.

    preventDrift Boolean
    Supported from ACM versions 1.10.0 onwards. Set to true to enable the Config Sync admission webhook to prevent drifts. If set to "false", disables the Config Sync admission webhook and does not prevent drifts.
    sourceFormat String
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.

    FeatureMembershipConfigmanagementConfigSyncGit, FeatureMembershipConfigmanagementConfigSyncGitArgs

    GcpServiceAccountEmail string
    The GCP Service Account Email used for auth when secretType is gcpServiceAccount.
    HttpsProxy string
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    PolicyDir string
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    SecretType string
    Type of secret configured for access to the Git repo.
    SyncBranch string
    The branch of the repository to sync from. Default: master.
    SyncRepo string
    The URL of the Git repository to use as the source of truth.
    SyncRev string
    Git revision (tag or hash) to check out. Default HEAD.
    SyncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    GcpServiceAccountEmail string
    The GCP Service Account Email used for auth when secretType is gcpServiceAccount.
    HttpsProxy string
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    PolicyDir string
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    SecretType string
    Type of secret configured for access to the Git repo.
    SyncBranch string
    The branch of the repository to sync from. Default: master.
    SyncRepo string
    The URL of the Git repository to use as the source of truth.
    SyncRev string
    Git revision (tag or hash) to check out. Default HEAD.
    SyncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The GCP Service Account Email used for auth when secretType is gcpServiceAccount.
    httpsProxy String
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policyDir String
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secretType String
    Type of secret configured for access to the Git repo.
    syncBranch String
    The branch of the repository to sync from. Default: master.
    syncRepo String
    The URL of the Git repository to use as the source of truth.
    syncRev String
    Git revision (tag or hash) to check out. Default HEAD.
    syncWaitSecs String
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail string
    The GCP Service Account Email used for auth when secretType is gcpServiceAccount.
    httpsProxy string
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policyDir string
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secretType string
    Type of secret configured for access to the Git repo.
    syncBranch string
    The branch of the repository to sync from. Default: master.
    syncRepo string
    The URL of the Git repository to use as the source of truth.
    syncRev string
    Git revision (tag or hash) to check out. Default HEAD.
    syncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    gcp_service_account_email str
    The GCP Service Account Email used for auth when secretType is gcpServiceAccount.
    https_proxy str
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policy_dir str
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secret_type str
    Type of secret configured for access to the Git repo.
    sync_branch str
    The branch of the repository to sync from. Default: master.
    sync_repo str
    The URL of the Git repository to use as the source of truth.
    sync_rev str
    Git revision (tag or hash) to check out. Default HEAD.
    sync_wait_secs str
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The GCP Service Account Email used for auth when secretType is gcpServiceAccount.
    httpsProxy String
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policyDir String
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secretType String
    Type of secret configured for access to the Git repo.
    syncBranch String
    The branch of the repository to sync from. Default: master.
    syncRepo String
    The URL of the Git repository to use as the source of truth.
    syncRev String
    Git revision (tag or hash) to check out. Default HEAD.
    syncWaitSecs String
    Period in seconds between consecutive syncs. Default: 15.

    FeatureMembershipConfigmanagementConfigSyncOci, FeatureMembershipConfigmanagementConfigSyncOciArgs

    GcpServiceAccountEmail string
    The GCP Service Account Email used for auth when secret_type is gcpserviceaccount.
    PolicyDir string
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    SecretType string
    Type of secret configured for access to the OCI Image. Must be one of gcenode, gcpserviceaccount or none.
    SyncRepo string
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    SyncWaitSecs string
    Period in seconds(int64 format) between consecutive syncs. Default: 15.
    GcpServiceAccountEmail string
    The GCP Service Account Email used for auth when secret_type is gcpserviceaccount.
    PolicyDir string
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    SecretType string
    Type of secret configured for access to the OCI Image. Must be one of gcenode, gcpserviceaccount or none.
    SyncRepo string
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    SyncWaitSecs string
    Period in seconds(int64 format) between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The GCP Service Account Email used for auth when secret_type is gcpserviceaccount.
    policyDir String
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secretType String
    Type of secret configured for access to the OCI Image. Must be one of gcenode, gcpserviceaccount or none.
    syncRepo String
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    syncWaitSecs String
    Period in seconds(int64 format) between consecutive syncs. Default: 15.
    gcpServiceAccountEmail string
    The GCP Service Account Email used for auth when secret_type is gcpserviceaccount.
    policyDir string
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secretType string
    Type of secret configured for access to the OCI Image. Must be one of gcenode, gcpserviceaccount or none.
    syncRepo string
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    syncWaitSecs string
    Period in seconds(int64 format) between consecutive syncs. Default: 15.
    gcp_service_account_email str
    The GCP Service Account Email used for auth when secret_type is gcpserviceaccount.
    policy_dir str
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secret_type str
    Type of secret configured for access to the OCI Image. Must be one of gcenode, gcpserviceaccount or none.
    sync_repo str
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    sync_wait_secs str
    Period in seconds(int64 format) between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The GCP Service Account Email used for auth when secret_type is gcpserviceaccount.
    policyDir String
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secretType String
    Type of secret configured for access to the OCI Image. Must be one of gcenode, gcpserviceaccount or none.
    syncRepo String
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    syncWaitSecs String
    Period in seconds(int64 format) between consecutive syncs. Default: 15.

    FeatureMembershipConfigmanagementHierarchyController, FeatureMembershipConfigmanagementHierarchyControllerArgs

    EnableHierarchicalResourceQuota bool
    Whether hierarchical resource quota is enabled in this cluster.
    EnablePodTreeLabels bool
    Whether pod tree labels are enabled in this cluster.
    Enabled bool
    Whether Hierarchy Controller is enabled in this cluster.
    EnableHierarchicalResourceQuota bool
    Whether hierarchical resource quota is enabled in this cluster.
    EnablePodTreeLabels bool
    Whether pod tree labels are enabled in this cluster.
    Enabled bool
    Whether Hierarchy Controller is enabled in this cluster.
    enableHierarchicalResourceQuota Boolean
    Whether hierarchical resource quota is enabled in this cluster.
    enablePodTreeLabels Boolean
    Whether pod tree labels are enabled in this cluster.
    enabled Boolean
    Whether Hierarchy Controller is enabled in this cluster.
    enableHierarchicalResourceQuota boolean
    Whether hierarchical resource quota is enabled in this cluster.
    enablePodTreeLabels boolean
    Whether pod tree labels are enabled in this cluster.
    enabled boolean
    Whether Hierarchy Controller is enabled in this cluster.
    enable_hierarchical_resource_quota bool
    Whether hierarchical resource quota is enabled in this cluster.
    enable_pod_tree_labels bool
    Whether pod tree labels are enabled in this cluster.
    enabled bool
    Whether Hierarchy Controller is enabled in this cluster.
    enableHierarchicalResourceQuota Boolean
    Whether hierarchical resource quota is enabled in this cluster.
    enablePodTreeLabels Boolean
    Whether pod tree labels are enabled in this cluster.
    enabled Boolean
    Whether Hierarchy Controller is enabled in this cluster.

    FeatureMembershipConfigmanagementPolicyController, FeatureMembershipConfigmanagementPolicyControllerArgs

    AuditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    Enabled bool
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    ExemptableNamespaces List<string>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring FeatureMembershipConfigmanagementPolicyControllerMonitoring
    Specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]. Default: ["cloudmonitoring", "prometheus"]
    MutationEnabled bool
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    TemplateLibraryInstalled bool
    Installs the default template library along with Policy Controller.
    AuditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    Enabled bool
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    ExemptableNamespaces []string
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring FeatureMembershipConfigmanagementPolicyControllerMonitoring
    Specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]. Default: ["cloudmonitoring", "prometheus"]
    MutationEnabled bool
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    TemplateLibraryInstalled bool
    Installs the default template library along with Policy Controller.
    auditIntervalSeconds String
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled Boolean
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring FeatureMembershipConfigmanagementPolicyControllerMonitoring
    Specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]. Default: ["cloudmonitoring", "prometheus"]
    mutationEnabled Boolean
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    templateLibraryInstalled Boolean
    Installs the default template library along with Policy Controller.
    auditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled boolean
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptableNamespaces string[]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    logDeniesEnabled boolean
    Logs all denies and dry run failures.
    monitoring FeatureMembershipConfigmanagementPolicyControllerMonitoring
    Specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]. Default: ["cloudmonitoring", "prometheus"]
    mutationEnabled boolean
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    referentialRulesEnabled boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    templateLibraryInstalled boolean
    Installs the default template library along with Policy Controller.
    audit_interval_seconds str
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled bool
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptable_namespaces Sequence[str]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    log_denies_enabled bool
    Logs all denies and dry run failures.
    monitoring FeatureMembershipConfigmanagementPolicyControllerMonitoring
    Specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]. Default: ["cloudmonitoring", "prometheus"]
    mutation_enabled bool
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    referential_rules_enabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    template_library_installed bool
    Installs the default template library along with Policy Controller.
    auditIntervalSeconds String
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled Boolean
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring Property Map
    Specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"]. Default: ["cloudmonitoring", "prometheus"]
    mutationEnabled Boolean
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    templateLibraryInstalled Boolean
    Installs the default template library along with Policy Controller.

    FeatureMembershipConfigmanagementPolicyControllerMonitoring, FeatureMembershipConfigmanagementPolicyControllerMonitoringArgs

    Backends List<string>
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    Backends []string
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends string[]
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends Sequence[str]
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.

    FeatureMembershipMesh, FeatureMembershipMeshArgs

    ControlPlane string
    DEPRECATED Whether to automatically manage Service Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED, AUTOMATIC, MANUAL

    Deprecated:Deprecated in favor of the management field

    Management string
    Whether to automatically manage Service Mesh. Can either be MANAGEMENT_AUTOMATIC or MANAGEMENT_MANUAL.
    ControlPlane string
    DEPRECATED Whether to automatically manage Service Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED, AUTOMATIC, MANUAL

    Deprecated:Deprecated in favor of the management field

    Management string
    Whether to automatically manage Service Mesh. Can either be MANAGEMENT_AUTOMATIC or MANAGEMENT_MANUAL.
    controlPlane String
    DEPRECATED Whether to automatically manage Service Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED, AUTOMATIC, MANUAL

    Deprecated:Deprecated in favor of the management field

    management String
    Whether to automatically manage Service Mesh. Can either be MANAGEMENT_AUTOMATIC or MANAGEMENT_MANUAL.
    controlPlane string
    DEPRECATED Whether to automatically manage Service Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED, AUTOMATIC, MANUAL

    Deprecated:Deprecated in favor of the management field

    management string
    Whether to automatically manage Service Mesh. Can either be MANAGEMENT_AUTOMATIC or MANAGEMENT_MANUAL.
    control_plane str
    DEPRECATED Whether to automatically manage Service Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED, AUTOMATIC, MANUAL

    Deprecated:Deprecated in favor of the management field

    management str
    Whether to automatically manage Service Mesh. Can either be MANAGEMENT_AUTOMATIC or MANAGEMENT_MANUAL.
    controlPlane String
    DEPRECATED Whether to automatically manage Service Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED, AUTOMATIC, MANUAL

    Deprecated:Deprecated in favor of the management field

    management String
    Whether to automatically manage Service Mesh. Can either be MANAGEMENT_AUTOMATIC or MANAGEMENT_MANUAL.

    FeatureMembershipPolicycontroller, FeatureMembershipPolicycontrollerArgs

    PolicyControllerHubConfig FeatureMembershipPolicycontrollerPolicyControllerHubConfig
    Policy Controller configuration for the cluster. Structure is documented below.
    Version string
    Version of Policy Controller to install. Defaults to the latest version.
    PolicyControllerHubConfig FeatureMembershipPolicycontrollerPolicyControllerHubConfig
    Policy Controller configuration for the cluster. Structure is documented below.
    Version string
    Version of Policy Controller to install. Defaults to the latest version.
    policyControllerHubConfig FeatureMembershipPolicycontrollerPolicyControllerHubConfig
    Policy Controller configuration for the cluster. Structure is documented below.
    version String
    Version of Policy Controller to install. Defaults to the latest version.
    policyControllerHubConfig FeatureMembershipPolicycontrollerPolicyControllerHubConfig
    Policy Controller configuration for the cluster. Structure is documented below.
    version string
    Version of Policy Controller to install. Defaults to the latest version.
    policy_controller_hub_config FeatureMembershipPolicycontrollerPolicyControllerHubConfig
    Policy Controller configuration for the cluster. Structure is documented below.
    version str
    Version of Policy Controller to install. Defaults to the latest version.
    policyControllerHubConfig Property Map
    Policy Controller configuration for the cluster. Structure is documented below.
    version String
    Version of Policy Controller to install. Defaults to the latest version.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfig, FeatureMembershipPolicycontrollerPolicyControllerHubConfigArgs

    AuditIntervalSeconds int
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    ConstraintViolationLimit int
    The maximum number of audit violations to be stored in a constraint. If not set, the default of 20 will be used.
    DeploymentConfigs List<FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfig>
    Map of deployment configs to deployments ("admission", "audit", "mutation").
    ExemptableNamespaces List<string>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    InstallSpec string
    Configures the mode of the Policy Controller installation. Must be one of INSTALL_SPEC_NOT_INSTALLED, INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED or INSTALL_SPEC_DETACHED.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring
    Specifies the backends Policy Controller should export metrics to. Structure is documented below.
    MutationEnabled bool
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    PolicyContent FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent
    Specifies the desired policy content on the cluster. Structure is documented below.
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    AuditIntervalSeconds int
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    ConstraintViolationLimit int
    The maximum number of audit violations to be stored in a constraint. If not set, the default of 20 will be used.
    DeploymentConfigs []FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfig
    Map of deployment configs to deployments ("admission", "audit", "mutation").
    ExemptableNamespaces []string
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    InstallSpec string
    Configures the mode of the Policy Controller installation. Must be one of INSTALL_SPEC_NOT_INSTALLED, INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED or INSTALL_SPEC_DETACHED.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring
    Specifies the backends Policy Controller should export metrics to. Structure is documented below.
    MutationEnabled bool
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    PolicyContent FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent
    Specifies the desired policy content on the cluster. Structure is documented below.
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    auditIntervalSeconds Integer
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraintViolationLimit Integer
    The maximum number of audit violations to be stored in a constraint. If not set, the default of 20 will be used.
    deploymentConfigs List<FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfig>
    Map of deployment configs to deployments ("admission", "audit", "mutation").
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    installSpec String
    Configures the mode of the Policy Controller installation. Must be one of INSTALL_SPEC_NOT_INSTALLED, INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED or INSTALL_SPEC_DETACHED.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring
    Specifies the backends Policy Controller should export metrics to. Structure is documented below.
    mutationEnabled Boolean
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    policyContent FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent
    Specifies the desired policy content on the cluster. Structure is documented below.
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    auditIntervalSeconds number
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraintViolationLimit number
    The maximum number of audit violations to be stored in a constraint. If not set, the default of 20 will be used.
    deploymentConfigs FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfig[]
    Map of deployment configs to deployments ("admission", "audit", "mutation").
    exemptableNamespaces string[]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    installSpec string
    Configures the mode of the Policy Controller installation. Must be one of INSTALL_SPEC_NOT_INSTALLED, INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED or INSTALL_SPEC_DETACHED.
    logDeniesEnabled boolean
    Logs all denies and dry run failures.
    monitoring FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring
    Specifies the backends Policy Controller should export metrics to. Structure is documented below.
    mutationEnabled boolean
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    policyContent FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent
    Specifies the desired policy content on the cluster. Structure is documented below.
    referentialRulesEnabled boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    audit_interval_seconds int
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraint_violation_limit int
    The maximum number of audit violations to be stored in a constraint. If not set, the default of 20 will be used.
    deployment_configs Sequence[FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfig]
    Map of deployment configs to deployments ("admission", "audit", "mutation").
    exemptable_namespaces Sequence[str]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    install_spec str
    Configures the mode of the Policy Controller installation. Must be one of INSTALL_SPEC_NOT_INSTALLED, INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED or INSTALL_SPEC_DETACHED.
    log_denies_enabled bool
    Logs all denies and dry run failures.
    monitoring FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring
    Specifies the backends Policy Controller should export metrics to. Structure is documented below.
    mutation_enabled bool
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    policy_content FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent
    Specifies the desired policy content on the cluster. Structure is documented below.
    referential_rules_enabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    auditIntervalSeconds Number
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraintViolationLimit Number
    The maximum number of audit violations to be stored in a constraint. If not set, the default of 20 will be used.
    deploymentConfigs List<Property Map>
    Map of deployment configs to deployments ("admission", "audit", "mutation").
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    installSpec String
    Configures the mode of the Policy Controller installation. Must be one of INSTALL_SPEC_NOT_INSTALLED, INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED or INSTALL_SPEC_DETACHED.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring Property Map
    Specifies the backends Policy Controller should export metrics to. Structure is documented below.
    mutationEnabled Boolean
    Enables mutation in policy controller. If true, mutation CRDs, webhook, and controller deployment will be deployed to the cluster.
    policyContent Property Map
    Specifies the desired policy content on the cluster. Structure is documented below.
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfig, FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigArgs

    ComponentName string
    The name of the component. One of admission audit or mutation
    ContainerResources FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResources
    Container resource requirements.
    PodAffinity string
    Pod affinity configuration. Possible values: AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY
    PodTolerations List<FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigPodToleration>
    Pod tolerations of node taints.
    ReplicaCount int
    Pod replica count.
    ComponentName string
    The name of the component. One of admission audit or mutation
    ContainerResources FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResources
    Container resource requirements.
    PodAffinity string
    Pod affinity configuration. Possible values: AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY
    PodTolerations []FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigPodToleration
    Pod tolerations of node taints.
    ReplicaCount int
    Pod replica count.
    componentName String
    The name of the component. One of admission audit or mutation
    containerResources FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResources
    Container resource requirements.
    podAffinity String
    Pod affinity configuration. Possible values: AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY
    podTolerations List<FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigPodToleration>
    Pod tolerations of node taints.
    replicaCount Integer
    Pod replica count.
    componentName string
    The name of the component. One of admission audit or mutation
    containerResources FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResources
    Container resource requirements.
    podAffinity string
    Pod affinity configuration. Possible values: AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY
    podTolerations FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigPodToleration[]
    Pod tolerations of node taints.
    replicaCount number
    Pod replica count.
    component_name str
    The name of the component. One of admission audit or mutation
    container_resources FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResources
    Container resource requirements.
    pod_affinity str
    Pod affinity configuration. Possible values: AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY
    pod_tolerations Sequence[FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigPodToleration]
    Pod tolerations of node taints.
    replica_count int
    Pod replica count.
    componentName String
    The name of the component. One of admission audit or mutation
    containerResources Property Map
    Container resource requirements.
    podAffinity String
    Pod affinity configuration. Possible values: AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY
    podTolerations List<Property Map>
    Pod tolerations of node taints.
    replicaCount Number
    Pod replica count.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResources, FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesArgs

    Limits FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesLimits
    Limits describes the maximum amount of compute resources allowed for use by the running container.
    Requests FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesRequests
    Requests describes the amount of compute resources reserved for the container by the kube-scheduler.
    Limits FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesLimits
    Limits describes the maximum amount of compute resources allowed for use by the running container.
    Requests FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesRequests
    Requests describes the amount of compute resources reserved for the container by the kube-scheduler.
    limits FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesLimits
    Limits describes the maximum amount of compute resources allowed for use by the running container.
    requests FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesRequests
    Requests describes the amount of compute resources reserved for the container by the kube-scheduler.
    limits FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesLimits
    Limits describes the maximum amount of compute resources allowed for use by the running container.
    requests FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesRequests
    Requests describes the amount of compute resources reserved for the container by the kube-scheduler.
    limits FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesLimits
    Limits describes the maximum amount of compute resources allowed for use by the running container.
    requests FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesRequests
    Requests describes the amount of compute resources reserved for the container by the kube-scheduler.
    limits Property Map
    Limits describes the maximum amount of compute resources allowed for use by the running container.
    requests Property Map
    Requests describes the amount of compute resources reserved for the container by the kube-scheduler.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesLimits, FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesLimitsArgs

    Cpu string
    CPU requirement expressed in Kubernetes resource units.
    Memory string
    Memory requirement expressed in Kubernetes resource units.
    Cpu string
    CPU requirement expressed in Kubernetes resource units.
    Memory string
    Memory requirement expressed in Kubernetes resource units.
    cpu String
    CPU requirement expressed in Kubernetes resource units.
    memory String
    Memory requirement expressed in Kubernetes resource units.
    cpu string
    CPU requirement expressed in Kubernetes resource units.
    memory string
    Memory requirement expressed in Kubernetes resource units.
    cpu str
    CPU requirement expressed in Kubernetes resource units.
    memory str
    Memory requirement expressed in Kubernetes resource units.
    cpu String
    CPU requirement expressed in Kubernetes resource units.
    memory String
    Memory requirement expressed in Kubernetes resource units.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesRequests, FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigContainerResourcesRequestsArgs

    Cpu string
    CPU requirement expressed in Kubernetes resource units.
    Memory string
    Memory requirement expressed in Kubernetes resource units.
    Cpu string
    CPU requirement expressed in Kubernetes resource units.
    Memory string
    Memory requirement expressed in Kubernetes resource units.
    cpu String
    CPU requirement expressed in Kubernetes resource units.
    memory String
    Memory requirement expressed in Kubernetes resource units.
    cpu string
    CPU requirement expressed in Kubernetes resource units.
    memory string
    Memory requirement expressed in Kubernetes resource units.
    cpu str
    CPU requirement expressed in Kubernetes resource units.
    memory str
    Memory requirement expressed in Kubernetes resource units.
    cpu String
    CPU requirement expressed in Kubernetes resource units.
    memory String
    Memory requirement expressed in Kubernetes resource units.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigPodToleration, FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigPodTolerationArgs

    Effect string
    Matches a taint effect.
    Key string
    Matches a taint key (not necessarily unique).
    Operator string
    Matches a taint operator.
    Value string
    Matches a taint value.
    Effect string
    Matches a taint effect.
    Key string
    Matches a taint key (not necessarily unique).
    Operator string
    Matches a taint operator.
    Value string
    Matches a taint value.
    effect String
    Matches a taint effect.
    key String
    Matches a taint key (not necessarily unique).
    operator String
    Matches a taint operator.
    value String
    Matches a taint value.
    effect string
    Matches a taint effect.
    key string
    Matches a taint key (not necessarily unique).
    operator string
    Matches a taint operator.
    value string
    Matches a taint value.
    effect str
    Matches a taint effect.
    key str
    Matches a taint key (not necessarily unique).
    operator str
    Matches a taint operator.
    value str
    Matches a taint value.
    effect String
    Matches a taint effect.
    key String
    Matches a taint key (not necessarily unique).
    operator String
    Matches a taint operator.
    value String
    Matches a taint value.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring, FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoringArgs

    Backends List<string>
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    Backends []string
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends string[]
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends Sequence[str]
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. Must be one of CLOUD_MONITORING or PROMETHEUS. Defaults to [CLOUD_MONITORING, PROMETHEUS]. Specifying an empty value [] disables metrics export.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent, FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentArgs

    Bundles List<FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundle>
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    TemplateLibrary FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary
    Configures the installation of the Template Library. Structure is documented below.
    Bundles []FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundle
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    TemplateLibrary FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary
    Configures the installation of the Template Library. Structure is documented below.
    bundles List<FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundle>
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    templateLibrary FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary
    Configures the installation of the Template Library. Structure is documented below.
    bundles FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundle[]
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    templateLibrary FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary
    Configures the installation of the Template Library. Structure is documented below.
    bundles Sequence[FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundle]
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    template_library FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary
    Configures the installation of the Template Library. Structure is documented below.
    bundles List<Property Map>
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    templateLibrary Property Map
    Configures the installation of the Template Library. Structure is documented below.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundle, FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundleArgs

    BundleName string
    The name of the bundle.
    ExemptedNamespaces List<string>
    The set of namespaces to be exempted from the bundle.
    BundleName string
    The name of the bundle.
    ExemptedNamespaces []string
    The set of namespaces to be exempted from the bundle.
    bundleName String
    The name of the bundle.
    exemptedNamespaces List<String>
    The set of namespaces to be exempted from the bundle.
    bundleName string
    The name of the bundle.
    exemptedNamespaces string[]
    The set of namespaces to be exempted from the bundle.
    bundle_name str
    The name of the bundle.
    exempted_namespaces Sequence[str]
    The set of namespaces to be exempted from the bundle.
    bundleName String
    The name of the bundle.
    exemptedNamespaces List<String>
    The set of namespaces to be exempted from the bundle.

    FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary, FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryArgs

    Installation string
    Configures the manner in which the template library is installed on the cluster. Must be one of ALL, NOT_INSTALLED or INSTALLATION_UNSPECIFIED. Defaults to ALL.
    Installation string
    Configures the manner in which the template library is installed on the cluster. Must be one of ALL, NOT_INSTALLED or INSTALLATION_UNSPECIFIED. Defaults to ALL.
    installation String
    Configures the manner in which the template library is installed on the cluster. Must be one of ALL, NOT_INSTALLED or INSTALLATION_UNSPECIFIED. Defaults to ALL.
    installation string
    Configures the manner in which the template library is installed on the cluster. Must be one of ALL, NOT_INSTALLED or INSTALLATION_UNSPECIFIED. Defaults to ALL.
    installation str
    Configures the manner in which the template library is installed on the cluster. Must be one of ALL, NOT_INSTALLED or INSTALLATION_UNSPECIFIED. Defaults to ALL.
    installation String
    Configures the manner in which the template library is installed on the cluster. Must be one of ALL, NOT_INSTALLED or INSTALLATION_UNSPECIFIED. Defaults to ALL.

    Import

    FeatureMembership can be imported using any of these accepted formats:

    • projects/{{project}}/locations/{{location}}/features/{{feature}}/membershipId/{{membership}}

    • {{project}}/{{location}}/{{feature}}/{{membership}}

    • {{location}}/{{feature}}/{{membership}}

    When using the pulumi import command, FeatureMembership can be imported using one of the formats above. For example:

    $ pulumi import gcp:gkehub/featureMembership:FeatureMembership default projects/{{project}}/locations/{{location}}/features/{{feature}}/membershipId/{{membership}}
    
    $ pulumi import gcp:gkehub/featureMembership:FeatureMembership default {{project}}/{{location}}/{{feature}}/{{membership}}
    
    $ pulumi import gcp:gkehub/featureMembership:FeatureMembership default {{location}}/{{feature}}/{{membership}}
    

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi