1. Packages
  2. Google Cloud Native
  3. API Docs
  4. gkehub
  5. gkehub/v1alpha
  6. getFeature

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.gkehub/v1alpha.getFeature

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

    Gets details of a single Feature.

    Using getFeature

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getFeature(args: GetFeatureArgs, opts?: InvokeOptions): Promise<GetFeatureResult>
    function getFeatureOutput(args: GetFeatureOutputArgs, opts?: InvokeOptions): Output<GetFeatureResult>
    def get_feature(feature_id: Optional[str] = None,
                    location: Optional[str] = None,
                    project: Optional[str] = None,
                    opts: Optional[InvokeOptions] = None) -> GetFeatureResult
    def get_feature_output(feature_id: Optional[pulumi.Input[str]] = None,
                    location: Optional[pulumi.Input[str]] = None,
                    project: Optional[pulumi.Input[str]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetFeatureResult]
    func LookupFeature(ctx *Context, args *LookupFeatureArgs, opts ...InvokeOption) (*LookupFeatureResult, error)
    func LookupFeatureOutput(ctx *Context, args *LookupFeatureOutputArgs, opts ...InvokeOption) LookupFeatureResultOutput

    > Note: This function is named LookupFeature in the Go SDK.

    public static class GetFeature 
    {
        public static Task<GetFeatureResult> InvokeAsync(GetFeatureArgs args, InvokeOptions? opts = null)
        public static Output<GetFeatureResult> Invoke(GetFeatureInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetFeatureResult> getFeature(GetFeatureArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: google-native:gkehub/v1alpha:getFeature
      arguments:
        # arguments dictionary

    The following arguments are supported:

    FeatureId string
    Location string
    Project string
    FeatureId string
    Location string
    Project string
    featureId String
    location String
    project String
    featureId string
    location string
    project string
    featureId String
    location String
    project String

    getFeature Result

    The following output properties are available:

    CreateTime string
    When the Feature resource was created.
    DeleteTime string
    When the Feature resource was deleted.
    FleetDefaultMemberConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Outputs.CommonFleetDefaultMemberConfigSpecResponse
    Optional. Feature configuration applicable to all memberships of the fleet.
    Labels Dictionary<string, string>
    Labels for this Feature.
    MembershipSpecs Dictionary<string, string>
    Optional. Membership-specific configuration for this Feature. If this Feature does not support any per-Membership configuration, this field may be unused. The keys indicate which Membership the configuration is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Membership is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    MembershipStates Dictionary<string, string>
    Membership-specific Feature status. If this Feature does report any per-Membership status, this field may be unused. The keys indicate which Membership the state is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project number, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} MUST match the Feature's project number.
    Name string
    The full, unique name of this Feature resource in the format projects/*/locations/*/features/*.
    ResourceState Pulumi.GoogleNative.GKEHub.V1Alpha.Outputs.FeatureResourceStateResponse
    State of the Feature resource itself.
    ScopeSpecs Dictionary<string, string>
    Optional. Scope-specific configuration for this Feature. If this Feature does not support any per-Scope configuration, this field may be unused. The keys indicate which Scope the configuration is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Scope is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    ScopeStates Dictionary<string, string>
    Scope-specific Feature status. If this Feature does report any per-Scope status, this field may be unused. The keys indicate which Scope the state is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.
    Spec Pulumi.GoogleNative.GKEHub.V1Alpha.Outputs.CommonFeatureSpecResponse
    Optional. Hub-wide Feature configuration. If this Feature does not support any Hub-wide configuration, this field may be unused.
    State Pulumi.GoogleNative.GKEHub.V1Alpha.Outputs.CommonFeatureStateResponse
    The Hub-wide Feature state.
    UpdateTime string
    When the Feature resource was last updated.
    CreateTime string
    When the Feature resource was created.
    DeleteTime string
    When the Feature resource was deleted.
    FleetDefaultMemberConfig CommonFleetDefaultMemberConfigSpecResponse
    Optional. Feature configuration applicable to all memberships of the fleet.
    Labels map[string]string
    Labels for this Feature.
    MembershipSpecs map[string]string
    Optional. Membership-specific configuration for this Feature. If this Feature does not support any per-Membership configuration, this field may be unused. The keys indicate which Membership the configuration is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Membership is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    MembershipStates map[string]string
    Membership-specific Feature status. If this Feature does report any per-Membership status, this field may be unused. The keys indicate which Membership the state is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project number, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} MUST match the Feature's project number.
    Name string
    The full, unique name of this Feature resource in the format projects/*/locations/*/features/*.
    ResourceState FeatureResourceStateResponse
    State of the Feature resource itself.
    ScopeSpecs map[string]string
    Optional. Scope-specific configuration for this Feature. If this Feature does not support any per-Scope configuration, this field may be unused. The keys indicate which Scope the configuration is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Scope is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    ScopeStates map[string]string
    Scope-specific Feature status. If this Feature does report any per-Scope status, this field may be unused. The keys indicate which Scope the state is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.
    Spec CommonFeatureSpecResponse
    Optional. Hub-wide Feature configuration. If this Feature does not support any Hub-wide configuration, this field may be unused.
    State CommonFeatureStateResponse
    The Hub-wide Feature state.
    UpdateTime string
    When the Feature resource was last updated.
    createTime String
    When the Feature resource was created.
    deleteTime String
    When the Feature resource was deleted.
    fleetDefaultMemberConfig CommonFleetDefaultMemberConfigSpecResponse
    Optional. Feature configuration applicable to all memberships of the fleet.
    labels Map<String,String>
    Labels for this Feature.
    membershipSpecs Map<String,String>
    Optional. Membership-specific configuration for this Feature. If this Feature does not support any per-Membership configuration, this field may be unused. The keys indicate which Membership the configuration is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Membership is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    membershipStates Map<String,String>
    Membership-specific Feature status. If this Feature does report any per-Membership status, this field may be unused. The keys indicate which Membership the state is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project number, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} MUST match the Feature's project number.
    name String
    The full, unique name of this Feature resource in the format projects/*/locations/*/features/*.
    resourceState FeatureResourceStateResponse
    State of the Feature resource itself.
    scopeSpecs Map<String,String>
    Optional. Scope-specific configuration for this Feature. If this Feature does not support any per-Scope configuration, this field may be unused. The keys indicate which Scope the configuration is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Scope is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    scopeStates Map<String,String>
    Scope-specific Feature status. If this Feature does report any per-Scope status, this field may be unused. The keys indicate which Scope the state is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.
    spec CommonFeatureSpecResponse
    Optional. Hub-wide Feature configuration. If this Feature does not support any Hub-wide configuration, this field may be unused.
    state CommonFeatureStateResponse
    The Hub-wide Feature state.
    updateTime String
    When the Feature resource was last updated.
    createTime string
    When the Feature resource was created.
    deleteTime string
    When the Feature resource was deleted.
    fleetDefaultMemberConfig CommonFleetDefaultMemberConfigSpecResponse
    Optional. Feature configuration applicable to all memberships of the fleet.
    labels {[key: string]: string}
    Labels for this Feature.
    membershipSpecs {[key: string]: string}
    Optional. Membership-specific configuration for this Feature. If this Feature does not support any per-Membership configuration, this field may be unused. The keys indicate which Membership the configuration is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Membership is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    membershipStates {[key: string]: string}
    Membership-specific Feature status. If this Feature does report any per-Membership status, this field may be unused. The keys indicate which Membership the state is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project number, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} MUST match the Feature's project number.
    name string
    The full, unique name of this Feature resource in the format projects/*/locations/*/features/*.
    resourceState FeatureResourceStateResponse
    State of the Feature resource itself.
    scopeSpecs {[key: string]: string}
    Optional. Scope-specific configuration for this Feature. If this Feature does not support any per-Scope configuration, this field may be unused. The keys indicate which Scope the configuration is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Scope is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    scopeStates {[key: string]: string}
    Scope-specific Feature status. If this Feature does report any per-Scope status, this field may be unused. The keys indicate which Scope the state is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.
    spec CommonFeatureSpecResponse
    Optional. Hub-wide Feature configuration. If this Feature does not support any Hub-wide configuration, this field may be unused.
    state CommonFeatureStateResponse
    The Hub-wide Feature state.
    updateTime string
    When the Feature resource was last updated.
    create_time str
    When the Feature resource was created.
    delete_time str
    When the Feature resource was deleted.
    fleet_default_member_config CommonFleetDefaultMemberConfigSpecResponse
    Optional. Feature configuration applicable to all memberships of the fleet.
    labels Mapping[str, str]
    Labels for this Feature.
    membership_specs Mapping[str, str]
    Optional. Membership-specific configuration for this Feature. If this Feature does not support any per-Membership configuration, this field may be unused. The keys indicate which Membership the configuration is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Membership is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    membership_states Mapping[str, str]
    Membership-specific Feature status. If this Feature does report any per-Membership status, this field may be unused. The keys indicate which Membership the state is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project number, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} MUST match the Feature's project number.
    name str
    The full, unique name of this Feature resource in the format projects/*/locations/*/features/*.
    resource_state FeatureResourceStateResponse
    State of the Feature resource itself.
    scope_specs Mapping[str, str]
    Optional. Scope-specific configuration for this Feature. If this Feature does not support any per-Scope configuration, this field may be unused. The keys indicate which Scope the configuration is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Scope is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    scope_states Mapping[str, str]
    Scope-specific Feature status. If this Feature does report any per-Scope status, this field may be unused. The keys indicate which Scope the state is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.
    spec CommonFeatureSpecResponse
    Optional. Hub-wide Feature configuration. If this Feature does not support any Hub-wide configuration, this field may be unused.
    state CommonFeatureStateResponse
    The Hub-wide Feature state.
    update_time str
    When the Feature resource was last updated.
    createTime String
    When the Feature resource was created.
    deleteTime String
    When the Feature resource was deleted.
    fleetDefaultMemberConfig Property Map
    Optional. Feature configuration applicable to all memberships of the fleet.
    labels Map<String>
    Labels for this Feature.
    membershipSpecs Map<String>
    Optional. Membership-specific configuration for this Feature. If this Feature does not support any per-Membership configuration, this field may be unused. The keys indicate which Membership the configuration is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Membership is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    membershipStates Map<String>
    Membership-specific Feature status. If this Feature does report any per-Membership status, this field may be unused. The keys indicate which Membership the state is for, in the form: projects/{p}/locations/{l}/memberships/{m} Where {p} is the project number, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} MUST match the Feature's project number.
    name String
    The full, unique name of this Feature resource in the format projects/*/locations/*/features/*.
    resourceState Property Map
    State of the Feature resource itself.
    scopeSpecs Map<String>
    Optional. Scope-specific configuration for this Feature. If this Feature does not support any per-Scope configuration, this field may be unused. The keys indicate which Scope the configuration is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project. {p} will always be returned as the project number, but the project ID is also accepted during input. If the same Scope is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.
    scopeStates Map<String>
    Scope-specific Feature status. If this Feature does report any per-Scope status, this field may be unused. The keys indicate which Scope the state is for, in the form: projects/{p}/locations/global/scopes/{s} Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.
    spec Property Map
    Optional. Hub-wide Feature configuration. If this Feature does not support any Hub-wide configuration, this field may be unused.
    state Property Map
    The Hub-wide Feature state.
    updateTime String
    When the Feature resource was last updated.

    Supporting Types

    AnthosObservabilityFeatureSpecResponse

    DefaultMembershipSpec AnthosObservabilityMembershipSpecResponse
    Default membership spec for unconfigured memberships
    defaultMembershipSpec AnthosObservabilityMembershipSpecResponse
    Default membership spec for unconfigured memberships
    defaultMembershipSpec AnthosObservabilityMembershipSpecResponse
    Default membership spec for unconfigured memberships
    default_membership_spec AnthosObservabilityMembershipSpecResponse
    Default membership spec for unconfigured memberships
    defaultMembershipSpec Property Map
    Default membership spec for unconfigured memberships

    AnthosObservabilityMembershipSpecResponse

    DoNotOptimizeMetrics bool
    Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics
    EnableStackdriverOnApplications bool
    Enable collecting and reporting metrics and logs from user apps.
    Version string
    the version of stackdriver operator used by this feature
    DoNotOptimizeMetrics bool
    Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics
    EnableStackdriverOnApplications bool
    Enable collecting and reporting metrics and logs from user apps.
    Version string
    the version of stackdriver operator used by this feature
    doNotOptimizeMetrics Boolean
    Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics
    enableStackdriverOnApplications Boolean
    Enable collecting and reporting metrics and logs from user apps.
    version String
    the version of stackdriver operator used by this feature
    doNotOptimizeMetrics boolean
    Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics
    enableStackdriverOnApplications boolean
    Enable collecting and reporting metrics and logs from user apps.
    version string
    the version of stackdriver operator used by this feature
    do_not_optimize_metrics bool
    Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics
    enable_stackdriver_on_applications bool
    Enable collecting and reporting metrics and logs from user apps.
    version str
    the version of stackdriver operator used by this feature
    doNotOptimizeMetrics Boolean
    Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics
    enableStackdriverOnApplications Boolean
    Enable collecting and reporting metrics and logs from user apps.
    version String
    the version of stackdriver operator used by this feature

    AppDevExperienceFeatureStateResponse

    NetworkingInstallSucceeded Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.StatusResponse
    Status of subcomponent that detects configured Service Mesh resources.
    NetworkingInstallSucceeded StatusResponse
    Status of subcomponent that detects configured Service Mesh resources.
    networkingInstallSucceeded StatusResponse
    Status of subcomponent that detects configured Service Mesh resources.
    networkingInstallSucceeded StatusResponse
    Status of subcomponent that detects configured Service Mesh resources.
    networking_install_succeeded StatusResponse
    Status of subcomponent that detects configured Service Mesh resources.
    networkingInstallSucceeded Property Map
    Status of subcomponent that detects configured Service Mesh resources.

    CloudAuditLoggingFeatureSpecResponse

    AllowlistedServiceAccounts List<string>
    Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)
    AllowlistedServiceAccounts []string
    Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)
    allowlistedServiceAccounts List<String>
    Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)
    allowlistedServiceAccounts string[]
    Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)
    allowlisted_service_accounts Sequence[str]
    Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)
    allowlistedServiceAccounts List<String>
    Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)

    ClusterUpgradeFleetSpecResponse

    GkeUpgradeOverrides List<Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradeGKEUpgradeOverrideResponse>
    Allow users to override some properties of each GKE upgrade.
    PostConditions Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradePostConditionsResponse
    Post conditions to evaluate to mark an upgrade COMPLETE. Required.
    UpstreamFleets List<string>
    This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet.
    GkeUpgradeOverrides []ClusterUpgradeGKEUpgradeOverrideResponse
    Allow users to override some properties of each GKE upgrade.
    PostConditions ClusterUpgradePostConditionsResponse
    Post conditions to evaluate to mark an upgrade COMPLETE. Required.
    UpstreamFleets []string
    This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet.
    gkeUpgradeOverrides List<ClusterUpgradeGKEUpgradeOverrideResponse>
    Allow users to override some properties of each GKE upgrade.
    postConditions ClusterUpgradePostConditionsResponse
    Post conditions to evaluate to mark an upgrade COMPLETE. Required.
    upstreamFleets List<String>
    This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet.
    gkeUpgradeOverrides ClusterUpgradeGKEUpgradeOverrideResponse[]
    Allow users to override some properties of each GKE upgrade.
    postConditions ClusterUpgradePostConditionsResponse
    Post conditions to evaluate to mark an upgrade COMPLETE. Required.
    upstreamFleets string[]
    This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet.
    gke_upgrade_overrides Sequence[ClusterUpgradeGKEUpgradeOverrideResponse]
    Allow users to override some properties of each GKE upgrade.
    post_conditions ClusterUpgradePostConditionsResponse
    Post conditions to evaluate to mark an upgrade COMPLETE. Required.
    upstream_fleets Sequence[str]
    This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet.
    gkeUpgradeOverrides List<Property Map>
    Allow users to override some properties of each GKE upgrade.
    postConditions Property Map
    Post conditions to evaluate to mark an upgrade COMPLETE. Required.
    upstreamFleets List<String>
    This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet.

    ClusterUpgradeFleetStateResponse

    DownstreamFleets List<string>
    This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id.
    GkeState Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradeGKEUpgradeFeatureStateResponse
    Feature state for GKE clusters.
    Ignored Dictionary<string, string>
    A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: projects/{p}/locations/{l}/membership/{m}.
    DownstreamFleets []string
    This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id.
    GkeState ClusterUpgradeGKEUpgradeFeatureStateResponse
    Feature state for GKE clusters.
    Ignored map[string]string
    A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: projects/{p}/locations/{l}/membership/{m}.
    downstreamFleets List<String>
    This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id.
    gkeState ClusterUpgradeGKEUpgradeFeatureStateResponse
    Feature state for GKE clusters.
    ignored Map<String,String>
    A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: projects/{p}/locations/{l}/membership/{m}.
    downstreamFleets string[]
    This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id.
    gkeState ClusterUpgradeGKEUpgradeFeatureStateResponse
    Feature state for GKE clusters.
    ignored {[key: string]: string}
    A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: projects/{p}/locations/{l}/membership/{m}.
    downstream_fleets Sequence[str]
    This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id.
    gke_state ClusterUpgradeGKEUpgradeFeatureStateResponse
    Feature state for GKE clusters.
    ignored Mapping[str, str]
    A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: projects/{p}/locations/{l}/membership/{m}.
    downstreamFleets List<String>
    This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id.
    gkeState Property Map
    Feature state for GKE clusters.
    ignored Map<String>
    A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: projects/{p}/locations/{l}/membership/{m}.

    ClusterUpgradeGKEUpgradeFeatureConditionResponse

    Reason string
    Reason why the feature is in this status.
    Status string
    Status of the condition, one of True, False, Unknown.
    Type string
    Type of the condition, for example, "ready".
    UpdateTime string
    Last timestamp the condition was updated.
    Reason string
    Reason why the feature is in this status.
    Status string
    Status of the condition, one of True, False, Unknown.
    Type string
    Type of the condition, for example, "ready".
    UpdateTime string
    Last timestamp the condition was updated.
    reason String
    Reason why the feature is in this status.
    status String
    Status of the condition, one of True, False, Unknown.
    type String
    Type of the condition, for example, "ready".
    updateTime String
    Last timestamp the condition was updated.
    reason string
    Reason why the feature is in this status.
    status string
    Status of the condition, one of True, False, Unknown.
    type string
    Type of the condition, for example, "ready".
    updateTime string
    Last timestamp the condition was updated.
    reason str
    Reason why the feature is in this status.
    status str
    Status of the condition, one of True, False, Unknown.
    type str
    Type of the condition, for example, "ready".
    update_time str
    Last timestamp the condition was updated.
    reason String
    Reason why the feature is in this status.
    status String
    Status of the condition, one of True, False, Unknown.
    type String
    Type of the condition, for example, "ready".
    updateTime String
    Last timestamp the condition was updated.

    ClusterUpgradeGKEUpgradeFeatureStateResponse

    Conditions []ClusterUpgradeGKEUpgradeFeatureConditionResponse
    Current conditions of the feature.
    UpgradeState []ClusterUpgradeGKEUpgradeStateResponse
    Upgrade state. It will eventually replace state.
    conditions List<ClusterUpgradeGKEUpgradeFeatureConditionResponse>
    Current conditions of the feature.
    upgradeState List<ClusterUpgradeGKEUpgradeStateResponse>
    Upgrade state. It will eventually replace state.
    conditions ClusterUpgradeGKEUpgradeFeatureConditionResponse[]
    Current conditions of the feature.
    upgradeState ClusterUpgradeGKEUpgradeStateResponse[]
    Upgrade state. It will eventually replace state.
    conditions List<Property Map>
    Current conditions of the feature.
    upgradeState List<Property Map>
    Upgrade state. It will eventually replace state.

    ClusterUpgradeGKEUpgradeOverrideResponse

    PostConditions Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradePostConditionsResponse
    Post conditions to override for the specified upgrade (name + version). Required.
    Upgrade Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradeGKEUpgradeResponse
    Which upgrade to override. Required.
    PostConditions ClusterUpgradePostConditionsResponse
    Post conditions to override for the specified upgrade (name + version). Required.
    Upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to override. Required.
    postConditions ClusterUpgradePostConditionsResponse
    Post conditions to override for the specified upgrade (name + version). Required.
    upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to override. Required.
    postConditions ClusterUpgradePostConditionsResponse
    Post conditions to override for the specified upgrade (name + version). Required.
    upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to override. Required.
    post_conditions ClusterUpgradePostConditionsResponse
    Post conditions to override for the specified upgrade (name + version). Required.
    upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to override. Required.
    postConditions Property Map
    Post conditions to override for the specified upgrade (name + version). Required.
    upgrade Property Map
    Which upgrade to override. Required.

    ClusterUpgradeGKEUpgradeResponse

    Name string
    Name of the upgrade, e.g., "k8s_control_plane". It should be a valid upgrade name. It must not exceet 99 characters.
    Version string
    Version of the upgrade, e.g., "1.22.1-gke.100". It should be a valid version. It must not exceet 99 characters.
    Name string
    Name of the upgrade, e.g., "k8s_control_plane". It should be a valid upgrade name. It must not exceet 99 characters.
    Version string
    Version of the upgrade, e.g., "1.22.1-gke.100". It should be a valid version. It must not exceet 99 characters.
    name String
    Name of the upgrade, e.g., "k8s_control_plane". It should be a valid upgrade name. It must not exceet 99 characters.
    version String
    Version of the upgrade, e.g., "1.22.1-gke.100". It should be a valid version. It must not exceet 99 characters.
    name string
    Name of the upgrade, e.g., "k8s_control_plane". It should be a valid upgrade name. It must not exceet 99 characters.
    version string
    Version of the upgrade, e.g., "1.22.1-gke.100". It should be a valid version. It must not exceet 99 characters.
    name str
    Name of the upgrade, e.g., "k8s_control_plane". It should be a valid upgrade name. It must not exceet 99 characters.
    version str
    Version of the upgrade, e.g., "1.22.1-gke.100". It should be a valid version. It must not exceet 99 characters.
    name String
    Name of the upgrade, e.g., "k8s_control_plane". It should be a valid upgrade name. It must not exceet 99 characters.
    version String
    Version of the upgrade, e.g., "1.22.1-gke.100". It should be a valid version. It must not exceet 99 characters.

    ClusterUpgradeGKEUpgradeStateResponse

    Stats Dictionary<string, string>
    Number of GKE clusters in each status code.
    Status Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradeUpgradeStatusResponse
    Status of the upgrade.
    Upgrade Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradeGKEUpgradeResponse
    Which upgrade to track the state.
    Stats map[string]string
    Number of GKE clusters in each status code.
    Status ClusterUpgradeUpgradeStatusResponse
    Status of the upgrade.
    Upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to track the state.
    stats Map<String,String>
    Number of GKE clusters in each status code.
    status ClusterUpgradeUpgradeStatusResponse
    Status of the upgrade.
    upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to track the state.
    stats {[key: string]: string}
    Number of GKE clusters in each status code.
    status ClusterUpgradeUpgradeStatusResponse
    Status of the upgrade.
    upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to track the state.
    stats Mapping[str, str]
    Number of GKE clusters in each status code.
    status ClusterUpgradeUpgradeStatusResponse
    Status of the upgrade.
    upgrade ClusterUpgradeGKEUpgradeResponse
    Which upgrade to track the state.
    stats Map<String>
    Number of GKE clusters in each status code.
    status Property Map
    Status of the upgrade.
    upgrade Property Map
    Which upgrade to track the state.

    ClusterUpgradePostConditionsResponse

    Soaking string
    Amount of time to "soak" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required.
    Soaking string
    Amount of time to "soak" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required.
    soaking String
    Amount of time to "soak" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required.
    soaking string
    Amount of time to "soak" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required.
    soaking str
    Amount of time to "soak" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required.
    soaking String
    Amount of time to "soak" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required.

    ClusterUpgradeUpgradeStatusResponse

    Code string
    Status code of the upgrade.
    Reason string
    Reason for this status.
    UpdateTime string
    Last timestamp the status was updated.
    Code string
    Status code of the upgrade.
    Reason string
    Reason for this status.
    UpdateTime string
    Last timestamp the status was updated.
    code String
    Status code of the upgrade.
    reason String
    Reason for this status.
    updateTime String
    Last timestamp the status was updated.
    code string
    Status code of the upgrade.
    reason string
    Reason for this status.
    updateTime string
    Last timestamp the status was updated.
    code str
    Status code of the upgrade.
    reason str
    Reason for this status.
    update_time str
    Last timestamp the status was updated.
    code String
    Status code of the upgrade.
    reason String
    Reason for this status.
    updateTime String
    Last timestamp the status was updated.

    CommonFeatureSpecResponse

    Anthosobservability Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.AnthosObservabilityFeatureSpecResponse
    Anthos Observability spec
    Appdevexperience Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.AppDevExperienceFeatureSpecResponse
    Appdevexperience specific spec.
    Cloudauditlogging Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.CloudAuditLoggingFeatureSpecResponse
    Cloud Audit Logging-specific spec.
    Clusterupgrade Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ClusterUpgradeFleetSpecResponse
    ClusterUpgrade (fleet-based) feature spec.
    Fleetobservability Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.FleetObservabilityFeatureSpecResponse
    FleetObservability feature spec.
    Multiclusteringress Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.MultiClusterIngressFeatureSpecResponse
    Multicluster Ingress-specific spec.
    Namespaceactuation Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.NamespaceActuationFeatureSpecResponse
    Namespace Actuation feature spec
    Workloadcertificate Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.FeatureSpecResponse
    Workload Certificate spec.
    anthosobservability Property Map
    Anthos Observability spec
    appdevexperience Property Map
    Appdevexperience specific spec.
    cloudauditlogging Property Map
    Cloud Audit Logging-specific spec.
    clusterupgrade Property Map
    ClusterUpgrade (fleet-based) feature spec.
    fleetobservability Property Map
    FleetObservability feature spec.
    multiclusteringress Property Map
    Multicluster Ingress-specific spec.
    namespaceactuation Property Map
    Namespace Actuation feature spec
    workloadcertificate Property Map
    Workload Certificate spec.

    CommonFeatureStateResponse

    Appdevexperience AppDevExperienceFeatureStateResponse
    Appdevexperience specific state.
    Clusterupgrade ClusterUpgradeFleetStateResponse
    ClusterUpgrade fleet-level state.
    Fleetobservability FleetObservabilityFeatureStateResponse
    FleetObservability feature state.
    Namespaceactuation NamespaceActuationFeatureStateResponse
    Namespace Actuation feature state.
    Servicemesh ServiceMeshFeatureStateResponse
    Service Mesh-specific state.
    State FeatureStateResponse
    The "running state" of the Feature in this Hub.
    appdevexperience AppDevExperienceFeatureStateResponse
    Appdevexperience specific state.
    clusterupgrade ClusterUpgradeFleetStateResponse
    ClusterUpgrade fleet-level state.
    fleetobservability FleetObservabilityFeatureStateResponse
    FleetObservability feature state.
    namespaceactuation NamespaceActuationFeatureStateResponse
    Namespace Actuation feature state.
    servicemesh ServiceMeshFeatureStateResponse
    Service Mesh-specific state.
    state FeatureStateResponse
    The "running state" of the Feature in this Hub.
    appdevexperience AppDevExperienceFeatureStateResponse
    Appdevexperience specific state.
    clusterupgrade ClusterUpgradeFleetStateResponse
    ClusterUpgrade fleet-level state.
    fleetobservability FleetObservabilityFeatureStateResponse
    FleetObservability feature state.
    namespaceactuation NamespaceActuationFeatureStateResponse
    Namespace Actuation feature state.
    servicemesh ServiceMeshFeatureStateResponse
    Service Mesh-specific state.
    state FeatureStateResponse
    The "running state" of the Feature in this Hub.
    appdevexperience AppDevExperienceFeatureStateResponse
    Appdevexperience specific state.
    clusterupgrade ClusterUpgradeFleetStateResponse
    ClusterUpgrade fleet-level state.
    fleetobservability FleetObservabilityFeatureStateResponse
    FleetObservability feature state.
    namespaceactuation NamespaceActuationFeatureStateResponse
    Namespace Actuation feature state.
    servicemesh ServiceMeshFeatureStateResponse
    Service Mesh-specific state.
    state FeatureStateResponse
    The "running state" of the Feature in this Hub.
    appdevexperience Property Map
    Appdevexperience specific state.
    clusterupgrade Property Map
    ClusterUpgrade fleet-level state.
    fleetobservability Property Map
    FleetObservability feature state.
    namespaceactuation Property Map
    Namespace Actuation feature state.
    servicemesh Property Map
    Service Mesh-specific state.
    state Property Map
    The "running state" of the Feature in this Hub.

    CommonFleetDefaultMemberConfigSpecResponse

    configmanagement Property Map
    Config Management-specific spec.
    identityservice Property Map
    Identity Service-specific spec.
    mesh Property Map
    Anthos Service Mesh-specific spec
    policycontroller Property Map
    Policy Controller spec.

    ConfigManagementBinauthzConfigResponse

    Enabled bool
    Whether binauthz is enabled in this cluster.
    Enabled bool
    Whether binauthz is enabled in this cluster.
    enabled Boolean
    Whether binauthz is enabled in this cluster.
    enabled boolean
    Whether binauthz is enabled in this cluster.
    enabled bool
    Whether binauthz is enabled in this cluster.
    enabled Boolean
    Whether binauthz is enabled in this cluster.

    ConfigManagementConfigSyncResponse

    AllowVerticalScale bool
    Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Deprecated: Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Enabled bool
    Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
    Git Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ConfigManagementGitConfigResponse
    Git repo configuration for the cluster.
    MetricsGcpServiceAccountEmail string
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA. This field is required when automatic Feature management is enabled.
    Oci Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ConfigManagementOciConfigResponse
    OCI repo configuration for the cluster
    PreventDrift bool
    Set to true to enable the Config Sync admission webhook to prevent drifts. If set to false, disables the Config Sync admission webhook and does not prevent drifts.
    SourceFormat string
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    AllowVerticalScale bool
    Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Deprecated: Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Enabled bool
    Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
    Git ConfigManagementGitConfigResponse
    Git repo configuration for the cluster.
    MetricsGcpServiceAccountEmail string
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA. This field is required when automatic Feature management is enabled.
    Oci ConfigManagementOciConfigResponse
    OCI repo configuration for the cluster
    PreventDrift bool
    Set to true to enable the Config Sync admission webhook to prevent drifts. If set to false, disables the Config Sync admission webhook and does not prevent drifts.
    SourceFormat string
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    allowVerticalScale Boolean
    Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Deprecated: Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    enabled Boolean
    Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
    git ConfigManagementGitConfigResponse
    Git repo configuration for the cluster.
    metricsGcpServiceAccountEmail String
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA. This field is required when automatic Feature management is enabled.
    oci ConfigManagementOciConfigResponse
    OCI repo configuration for the cluster
    preventDrift Boolean
    Set to true to enable the Config Sync admission webhook to prevent drifts. If set to false, disables the Config Sync admission webhook and does not prevent drifts.
    sourceFormat String
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    allowVerticalScale boolean
    Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Deprecated: Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    enabled boolean
    Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
    git ConfigManagementGitConfigResponse
    Git repo configuration for the cluster.
    metricsGcpServiceAccountEmail string
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA. This field is required when automatic Feature management is enabled.
    oci ConfigManagementOciConfigResponse
    OCI repo configuration for the cluster
    preventDrift boolean
    Set to true to enable the Config Sync admission webhook to prevent drifts. If set to false, disables the Config Sync admission webhook and does not prevent drifts.
    sourceFormat string
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    allow_vertical_scale bool
    Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Deprecated: Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    enabled bool
    Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
    git ConfigManagementGitConfigResponse
    Git repo configuration for the cluster.
    metrics_gcp_service_account_email str
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA. This field is required when automatic Feature management is enabled.
    oci ConfigManagementOciConfigResponse
    OCI repo configuration for the cluster
    prevent_drift bool
    Set to true to enable the Config Sync admission webhook to prevent drifts. If set to false, disables the Config Sync admission webhook and does not prevent drifts.
    source_format str
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.
    allowVerticalScale Boolean
    Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    Deprecated: Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

    enabled Boolean
    Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.
    git Property Map
    Git repo configuration for the cluster.
    metricsGcpServiceAccountEmail String
    The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA. This field is required when automatic Feature management is enabled.
    oci Property Map
    OCI repo configuration for the cluster
    preventDrift Boolean
    Set to true to enable the Config Sync admission webhook to prevent drifts. If set to false, disables the Config Sync admission webhook and does not prevent drifts.
    sourceFormat String
    Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.

    ConfigManagementGitConfigResponse

    GcpServiceAccountEmail string
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    HttpsProxy string
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    PolicyDir string
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    SecretType string
    Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
    SyncBranch string
    The branch of the repository to sync from. Default: master.
    SyncRepo string
    The URL of the Git repository to use as the source of truth.
    SyncRev string
    Git revision (tag or hash) to check out. Default HEAD.
    SyncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    GcpServiceAccountEmail string
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    HttpsProxy string
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    PolicyDir string
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    SecretType string
    Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
    SyncBranch string
    The branch of the repository to sync from. Default: master.
    SyncRepo string
    The URL of the Git repository to use as the source of truth.
    SyncRev string
    Git revision (tag or hash) to check out. Default HEAD.
    SyncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    httpsProxy String
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policyDir String
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secretType String
    Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
    syncBranch String
    The branch of the repository to sync from. Default: master.
    syncRepo String
    The URL of the Git repository to use as the source of truth.
    syncRev String
    Git revision (tag or hash) to check out. Default HEAD.
    syncWaitSecs String
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail string
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    httpsProxy string
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policyDir string
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secretType string
    Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
    syncBranch string
    The branch of the repository to sync from. Default: master.
    syncRepo string
    The URL of the Git repository to use as the source of truth.
    syncRev string
    Git revision (tag or hash) to check out. Default HEAD.
    syncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    gcp_service_account_email str
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    https_proxy str
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policy_dir str
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secret_type str
    Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
    sync_branch str
    The branch of the repository to sync from. Default: master.
    sync_repo str
    The URL of the Git repository to use as the source of truth.
    sync_rev str
    Git revision (tag or hash) to check out. Default HEAD.
    sync_wait_secs str
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    httpsProxy String
    URL for the HTTPS proxy to be used when communicating with the Git repo.
    policyDir String
    The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
    secretType String
    Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
    syncBranch String
    The branch of the repository to sync from. Default: master.
    syncRepo String
    The URL of the Git repository to use as the source of truth.
    syncRev String
    Git revision (tag or hash) to check out. Default HEAD.
    syncWaitSecs String
    Period in seconds between consecutive syncs. Default: 15.

    ConfigManagementHierarchyControllerConfigResponse

    EnableHierarchicalResourceQuota bool
    Whether hierarchical resource quota is enabled in this cluster.
    EnablePodTreeLabels bool
    Whether pod tree labels are enabled in this cluster.
    Enabled bool
    Whether Hierarchy Controller is enabled in this cluster.
    EnableHierarchicalResourceQuota bool
    Whether hierarchical resource quota is enabled in this cluster.
    EnablePodTreeLabels bool
    Whether pod tree labels are enabled in this cluster.
    Enabled bool
    Whether Hierarchy Controller is enabled in this cluster.
    enableHierarchicalResourceQuota Boolean
    Whether hierarchical resource quota is enabled in this cluster.
    enablePodTreeLabels Boolean
    Whether pod tree labels are enabled in this cluster.
    enabled Boolean
    Whether Hierarchy Controller is enabled in this cluster.
    enableHierarchicalResourceQuota boolean
    Whether hierarchical resource quota is enabled in this cluster.
    enablePodTreeLabels boolean
    Whether pod tree labels are enabled in this cluster.
    enabled boolean
    Whether Hierarchy Controller is enabled in this cluster.
    enable_hierarchical_resource_quota bool
    Whether hierarchical resource quota is enabled in this cluster.
    enable_pod_tree_labels bool
    Whether pod tree labels are enabled in this cluster.
    enabled bool
    Whether Hierarchy Controller is enabled in this cluster.
    enableHierarchicalResourceQuota Boolean
    Whether hierarchical resource quota is enabled in this cluster.
    enablePodTreeLabels Boolean
    Whether pod tree labels are enabled in this cluster.
    enabled Boolean
    Whether Hierarchy Controller is enabled in this cluster.

    ConfigManagementMembershipSpecResponse

    Binauthz Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ConfigManagementBinauthzConfigResponse
    Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Deprecated: Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Cluster string
    The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.
    ConfigSync Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ConfigManagementConfigSyncResponse
    Config Sync configuration for the cluster.
    HierarchyController Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ConfigManagementHierarchyControllerConfigResponse
    Hierarchy Controller configuration for the cluster.
    PolicyController Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ConfigManagementPolicyControllerResponse
    Policy Controller configuration for the cluster.
    Version string
    Version of ACM installed.
    Binauthz ConfigManagementBinauthzConfigResponse
    Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Deprecated: Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Cluster string
    The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.
    ConfigSync ConfigManagementConfigSyncResponse
    Config Sync configuration for the cluster.
    HierarchyController ConfigManagementHierarchyControllerConfigResponse
    Hierarchy Controller configuration for the cluster.
    PolicyController ConfigManagementPolicyControllerResponse
    Policy Controller configuration for the cluster.
    Version string
    Version of ACM installed.
    binauthz ConfigManagementBinauthzConfigResponse
    Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Deprecated: Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    cluster String
    The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.
    configSync ConfigManagementConfigSyncResponse
    Config Sync configuration for the cluster.
    hierarchyController ConfigManagementHierarchyControllerConfigResponse
    Hierarchy Controller configuration for the cluster.
    policyController ConfigManagementPolicyControllerResponse
    Policy Controller configuration for the cluster.
    version String
    Version of ACM installed.
    binauthz ConfigManagementBinauthzConfigResponse
    Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Deprecated: Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    cluster string
    The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.
    configSync ConfigManagementConfigSyncResponse
    Config Sync configuration for the cluster.
    hierarchyController ConfigManagementHierarchyControllerConfigResponse
    Hierarchy Controller configuration for the cluster.
    policyController ConfigManagementPolicyControllerResponse
    Policy Controller configuration for the cluster.
    version string
    Version of ACM installed.
    binauthz ConfigManagementBinauthzConfigResponse
    Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Deprecated: Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    cluster str
    The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.
    config_sync ConfigManagementConfigSyncResponse
    Config Sync configuration for the cluster.
    hierarchy_controller ConfigManagementHierarchyControllerConfigResponse
    Hierarchy Controller configuration for the cluster.
    policy_controller ConfigManagementPolicyControllerResponse
    Policy Controller configuration for the cluster.
    version str
    Version of ACM installed.
    binauthz Property Map
    Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    Deprecated: Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

    cluster String
    The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.
    configSync Property Map
    Config Sync configuration for the cluster.
    hierarchyController Property Map
    Hierarchy Controller configuration for the cluster.
    policyController Property Map
    Policy Controller configuration for the cluster.
    version String
    Version of ACM installed.

    ConfigManagementOciConfigResponse

    GcpServiceAccountEmail string
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    PolicyDir string
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    SecretType string
    Type of secret configured for access to the Git repo.
    SyncRepo string
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    SyncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    GcpServiceAccountEmail string
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    PolicyDir string
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    SecretType string
    Type of secret configured for access to the Git repo.
    SyncRepo string
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    SyncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    policyDir String
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secretType String
    Type of secret configured for access to the Git repo.
    syncRepo String
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    syncWaitSecs String
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail string
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    policyDir string
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secretType string
    Type of secret configured for access to the Git repo.
    syncRepo string
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    syncWaitSecs string
    Period in seconds between consecutive syncs. Default: 15.
    gcp_service_account_email str
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    policy_dir str
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secret_type str
    Type of secret configured for access to the Git repo.
    sync_repo str
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    sync_wait_secs str
    Period in seconds between consecutive syncs. Default: 15.
    gcpServiceAccountEmail String
    The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount.
    policyDir String
    The absolute path of the directory that contains the local resources. Default: the root directory of the image.
    secretType String
    Type of secret configured for access to the Git repo.
    syncRepo String
    The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.
    syncWaitSecs String
    Period in seconds between consecutive syncs. Default: 15.

    ConfigManagementPolicyControllerMonitoringResponse

    Backends List<string>
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    Backends []string
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends string[]
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends Sequence[str]
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.

    ConfigManagementPolicyControllerResponse

    AuditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    Enabled bool
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    ExemptableNamespaces List<string>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ConfigManagementPolicyControllerMonitoringResponse
    Monitoring specifies the configuration of monitoring.
    MutationEnabled bool
    Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    TemplateLibraryInstalled bool
    Installs the default template library along with Policy Controller.
    UpdateTime string
    Last time this membership spec was updated.
    AuditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    Enabled bool
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    ExemptableNamespaces []string
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring ConfigManagementPolicyControllerMonitoringResponse
    Monitoring specifies the configuration of monitoring.
    MutationEnabled bool
    Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    TemplateLibraryInstalled bool
    Installs the default template library along with Policy Controller.
    UpdateTime string
    Last time this membership spec was updated.
    auditIntervalSeconds String
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled Boolean
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring ConfigManagementPolicyControllerMonitoringResponse
    Monitoring specifies the configuration of monitoring.
    mutationEnabled Boolean
    Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    templateLibraryInstalled Boolean
    Installs the default template library along with Policy Controller.
    updateTime String
    Last time this membership spec was updated.
    auditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled boolean
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptableNamespaces string[]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    logDeniesEnabled boolean
    Logs all denies and dry run failures.
    monitoring ConfigManagementPolicyControllerMonitoringResponse
    Monitoring specifies the configuration of monitoring.
    mutationEnabled boolean
    Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.
    referentialRulesEnabled boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    templateLibraryInstalled boolean
    Installs the default template library along with Policy Controller.
    updateTime string
    Last time this membership spec was updated.
    audit_interval_seconds str
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled bool
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptable_namespaces Sequence[str]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    log_denies_enabled bool
    Logs all denies and dry run failures.
    monitoring ConfigManagementPolicyControllerMonitoringResponse
    Monitoring specifies the configuration of monitoring.
    mutation_enabled bool
    Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.
    referential_rules_enabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    template_library_installed bool
    Installs the default template library along with Policy Controller.
    update_time str
    Last time this membership spec was updated.
    auditIntervalSeconds String
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    enabled Boolean
    Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring Property Map
    Monitoring specifies the configuration of monitoring.
    mutationEnabled Boolean
    Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    templateLibraryInstalled Boolean
    Installs the default template library along with Policy Controller.
    updateTime String
    Last time this membership spec was updated.

    FeatureResourceStateResponse

    State string
    The current state of the Feature resource in the Hub API.
    State string
    The current state of the Feature resource in the Hub API.
    state String
    The current state of the Feature resource in the Hub API.
    state string
    The current state of the Feature resource in the Hub API.
    state str
    The current state of the Feature resource in the Hub API.
    state String
    The current state of the Feature resource in the Hub API.

    FeatureSpecResponse

    DefaultConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.MembershipSpecResponse
    Specifies default membership spec. Users can override the default in the member_configs for each member.
    ProvisionGoogleCa string
    Immutable. Specifies CA configuration.
    DefaultConfig MembershipSpecResponse
    Specifies default membership spec. Users can override the default in the member_configs for each member.
    ProvisionGoogleCa string
    Immutable. Specifies CA configuration.
    defaultConfig MembershipSpecResponse
    Specifies default membership spec. Users can override the default in the member_configs for each member.
    provisionGoogleCa String
    Immutable. Specifies CA configuration.
    defaultConfig MembershipSpecResponse
    Specifies default membership spec. Users can override the default in the member_configs for each member.
    provisionGoogleCa string
    Immutable. Specifies CA configuration.
    default_config MembershipSpecResponse
    Specifies default membership spec. Users can override the default in the member_configs for each member.
    provision_google_ca str
    Immutable. Specifies CA configuration.
    defaultConfig Property Map
    Specifies default membership spec. Users can override the default in the member_configs for each member.
    provisionGoogleCa String
    Immutable. Specifies CA configuration.

    FeatureStateResponse

    Code string
    The high-level, machine-readable status of this Feature.
    Description string
    A human-readable description of the current status.
    UpdateTime string
    The time this status and any related Feature-specific details were updated.
    Code string
    The high-level, machine-readable status of this Feature.
    Description string
    A human-readable description of the current status.
    UpdateTime string
    The time this status and any related Feature-specific details were updated.
    code String
    The high-level, machine-readable status of this Feature.
    description String
    A human-readable description of the current status.
    updateTime String
    The time this status and any related Feature-specific details were updated.
    code string
    The high-level, machine-readable status of this Feature.
    description string
    A human-readable description of the current status.
    updateTime string
    The time this status and any related Feature-specific details were updated.
    code str
    The high-level, machine-readable status of this Feature.
    description str
    A human-readable description of the current status.
    update_time str
    The time this status and any related Feature-specific details were updated.
    code String
    The high-level, machine-readable status of this Feature.
    description String
    A human-readable description of the current status.
    updateTime String
    The time this status and any related Feature-specific details were updated.

    FleetObservabilityFeatureErrorResponse

    Code string
    The code of the error.
    Description string
    A human-readable description of the current status.
    Code string
    The code of the error.
    Description string
    A human-readable description of the current status.
    code String
    The code of the error.
    description String
    A human-readable description of the current status.
    code string
    The code of the error.
    description string
    A human-readable description of the current status.
    code str
    The code of the error.
    description str
    A human-readable description of the current status.
    code String
    The code of the error.
    description String
    A human-readable description of the current status.

    FleetObservabilityFeatureSpecResponse

    LoggingConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.FleetObservabilityLoggingConfigResponse
    Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet.
    LoggingConfig FleetObservabilityLoggingConfigResponse
    Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet.
    loggingConfig FleetObservabilityLoggingConfigResponse
    Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet.
    loggingConfig FleetObservabilityLoggingConfigResponse
    Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet.
    logging_config FleetObservabilityLoggingConfigResponse
    Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet.
    loggingConfig Property Map
    Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet.

    FleetObservabilityFeatureStateResponse

    logging Property Map
    The feature state of default logging.
    monitoring Property Map
    The feature state of fleet monitoring.

    FleetObservabilityFleetObservabilityBaseFeatureStateResponse

    Code string
    The high-level, machine-readable status of this Feature.
    Errors List<Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.FleetObservabilityFeatureErrorResponse>
    Errors after reconciling the monitoring and logging feature if the code is not OK.
    Code string
    The high-level, machine-readable status of this Feature.
    Errors []FleetObservabilityFeatureErrorResponse
    Errors after reconciling the monitoring and logging feature if the code is not OK.
    code String
    The high-level, machine-readable status of this Feature.
    errors List<FleetObservabilityFeatureErrorResponse>
    Errors after reconciling the monitoring and logging feature if the code is not OK.
    code string
    The high-level, machine-readable status of this Feature.
    errors FleetObservabilityFeatureErrorResponse[]
    Errors after reconciling the monitoring and logging feature if the code is not OK.
    code str
    The high-level, machine-readable status of this Feature.
    errors Sequence[FleetObservabilityFeatureErrorResponse]
    Errors after reconciling the monitoring and logging feature if the code is not OK.
    code String
    The high-level, machine-readable status of this Feature.
    errors List<Property Map>
    Errors after reconciling the monitoring and logging feature if the code is not OK.

    FleetObservabilityFleetObservabilityLoggingStateResponse

    defaultLog Property Map
    The base feature state of fleet default log.
    scopeLog Property Map
    The base feature state of fleet scope log.

    FleetObservabilityFleetObservabilityMonitoringStateResponse

    State FleetObservabilityFleetObservabilityBaseFeatureStateResponse
    The base feature state of fleet monitoring feature.
    state FleetObservabilityFleetObservabilityBaseFeatureStateResponse
    The base feature state of fleet monitoring feature.
    state FleetObservabilityFleetObservabilityBaseFeatureStateResponse
    The base feature state of fleet monitoring feature.
    state FleetObservabilityFleetObservabilityBaseFeatureStateResponse
    The base feature state of fleet monitoring feature.
    state Property Map
    The base feature state of fleet monitoring feature.

    FleetObservabilityLoggingConfigResponse

    DefaultConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.FleetObservabilityRoutingConfigResponse
    Specified if applying the default routing config to logs not specified in other configs.
    FleetScopeLogsConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.FleetObservabilityRoutingConfigResponse
    Specified if applying the routing config to all logs for all fleet scopes.
    DefaultConfig FleetObservabilityRoutingConfigResponse
    Specified if applying the default routing config to logs not specified in other configs.
    FleetScopeLogsConfig FleetObservabilityRoutingConfigResponse
    Specified if applying the routing config to all logs for all fleet scopes.
    defaultConfig FleetObservabilityRoutingConfigResponse
    Specified if applying the default routing config to logs not specified in other configs.
    fleetScopeLogsConfig FleetObservabilityRoutingConfigResponse
    Specified if applying the routing config to all logs for all fleet scopes.
    defaultConfig FleetObservabilityRoutingConfigResponse
    Specified if applying the default routing config to logs not specified in other configs.
    fleetScopeLogsConfig FleetObservabilityRoutingConfigResponse
    Specified if applying the routing config to all logs for all fleet scopes.
    default_config FleetObservabilityRoutingConfigResponse
    Specified if applying the default routing config to logs not specified in other configs.
    fleet_scope_logs_config FleetObservabilityRoutingConfigResponse
    Specified if applying the routing config to all logs for all fleet scopes.
    defaultConfig Property Map
    Specified if applying the default routing config to logs not specified in other configs.
    fleetScopeLogsConfig Property Map
    Specified if applying the routing config to all logs for all fleet scopes.

    FleetObservabilityRoutingConfigResponse

    Mode string
    mode configures the logs routing mode.
    Mode string
    mode configures the logs routing mode.
    mode String
    mode configures the logs routing mode.
    mode string
    mode configures the logs routing mode.
    mode str
    mode configures the logs routing mode.
    mode String
    mode configures the logs routing mode.

    IdentityServiceAuthMethodResponse

    AzureadConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.IdentityServiceAzureADConfigResponse
    AzureAD specific Configuration.
    GoogleConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.IdentityServiceGoogleConfigResponse
    GoogleConfig specific configuration.
    Name string
    Identifier for auth config.
    OidcConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.IdentityServiceOidcConfigResponse
    OIDC specific configuration.
    Proxy string
    Proxy server address to use for auth method.
    AzureadConfig IdentityServiceAzureADConfigResponse
    AzureAD specific Configuration.
    GoogleConfig IdentityServiceGoogleConfigResponse
    GoogleConfig specific configuration.
    Name string
    Identifier for auth config.
    OidcConfig IdentityServiceOidcConfigResponse
    OIDC specific configuration.
    Proxy string
    Proxy server address to use for auth method.
    azureadConfig IdentityServiceAzureADConfigResponse
    AzureAD specific Configuration.
    googleConfig IdentityServiceGoogleConfigResponse
    GoogleConfig specific configuration.
    name String
    Identifier for auth config.
    oidcConfig IdentityServiceOidcConfigResponse
    OIDC specific configuration.
    proxy String
    Proxy server address to use for auth method.
    azureadConfig IdentityServiceAzureADConfigResponse
    AzureAD specific Configuration.
    googleConfig IdentityServiceGoogleConfigResponse
    GoogleConfig specific configuration.
    name string
    Identifier for auth config.
    oidcConfig IdentityServiceOidcConfigResponse
    OIDC specific configuration.
    proxy string
    Proxy server address to use for auth method.
    azuread_config IdentityServiceAzureADConfigResponse
    AzureAD specific Configuration.
    google_config IdentityServiceGoogleConfigResponse
    GoogleConfig specific configuration.
    name str
    Identifier for auth config.
    oidc_config IdentityServiceOidcConfigResponse
    OIDC specific configuration.
    proxy str
    Proxy server address to use for auth method.
    azureadConfig Property Map
    AzureAD specific Configuration.
    googleConfig Property Map
    GoogleConfig specific configuration.
    name String
    Identifier for auth config.
    oidcConfig Property Map
    OIDC specific configuration.
    proxy String
    Proxy server address to use for auth method.

    IdentityServiceAzureADConfigResponse

    ClientId string
    ID for the registered client application that makes authentication requests to the Azure AD identity provider.
    ClientSecret string
    Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
    EncryptedClientSecret string
    Encrypted AzureAD client secret.
    KubectlRedirectUri string
    The redirect URL that kubectl uses for authorization.
    Tenant string
    Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
    ClientId string
    ID for the registered client application that makes authentication requests to the Azure AD identity provider.
    ClientSecret string
    Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
    EncryptedClientSecret string
    Encrypted AzureAD client secret.
    KubectlRedirectUri string
    The redirect URL that kubectl uses for authorization.
    Tenant string
    Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
    clientId String
    ID for the registered client application that makes authentication requests to the Azure AD identity provider.
    clientSecret String
    Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
    encryptedClientSecret String
    Encrypted AzureAD client secret.
    kubectlRedirectUri String
    The redirect URL that kubectl uses for authorization.
    tenant String
    Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
    clientId string
    ID for the registered client application that makes authentication requests to the Azure AD identity provider.
    clientSecret string
    Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
    encryptedClientSecret string
    Encrypted AzureAD client secret.
    kubectlRedirectUri string
    The redirect URL that kubectl uses for authorization.
    tenant string
    Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
    client_id str
    ID for the registered client application that makes authentication requests to the Azure AD identity provider.
    client_secret str
    Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
    encrypted_client_secret str
    Encrypted AzureAD client secret.
    kubectl_redirect_uri str
    The redirect URL that kubectl uses for authorization.
    tenant str
    Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
    clientId String
    ID for the registered client application that makes authentication requests to the Azure AD identity provider.
    clientSecret String
    Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
    encryptedClientSecret String
    Encrypted AzureAD client secret.
    kubectlRedirectUri String
    The redirect URL that kubectl uses for authorization.
    tenant String
    Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.

    IdentityServiceGoogleConfigResponse

    Disable bool
    Disable automatic configuration of Google Plugin on supported platforms.
    Disable bool
    Disable automatic configuration of Google Plugin on supported platforms.
    disable Boolean
    Disable automatic configuration of Google Plugin on supported platforms.
    disable boolean
    Disable automatic configuration of Google Plugin on supported platforms.
    disable bool
    Disable automatic configuration of Google Plugin on supported platforms.
    disable Boolean
    Disable automatic configuration of Google Plugin on supported platforms.

    IdentityServiceMembershipSpecResponse

    AuthMethods []IdentityServiceAuthMethodResponse
    A member may support multiple auth methods.
    authMethods List<IdentityServiceAuthMethodResponse>
    A member may support multiple auth methods.
    authMethods IdentityServiceAuthMethodResponse[]
    A member may support multiple auth methods.
    auth_methods Sequence[IdentityServiceAuthMethodResponse]
    A member may support multiple auth methods.
    authMethods List<Property Map>
    A member may support multiple auth methods.

    IdentityServiceOidcConfigResponse

    CertificateAuthorityData string
    PEM-encoded CA for OIDC provider.
    ClientId string
    ID for OIDC client application.
    ClientSecret string
    Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
    DeployCloudConsoleProxy bool
    Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.
    EnableAccessToken bool
    Enable access token.
    EncryptedClientSecret string
    Encrypted OIDC Client secret
    ExtraParams string
    Comma-separated list of key-value pairs.
    GroupPrefix string
    Prefix to prepend to group name.
    GroupsClaim string
    Claim in OIDC ID token that holds group information.
    IssuerUri string
    URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.
    KubectlRedirectUri string
    Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
    Scopes string
    Comma-separated list of identifiers.
    UserClaim string
    Claim in OIDC ID token that holds username.
    UserPrefix string
    Prefix to prepend to user name.
    CertificateAuthorityData string
    PEM-encoded CA for OIDC provider.
    ClientId string
    ID for OIDC client application.
    ClientSecret string
    Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
    DeployCloudConsoleProxy bool
    Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.
    EnableAccessToken bool
    Enable access token.
    EncryptedClientSecret string
    Encrypted OIDC Client secret
    ExtraParams string
    Comma-separated list of key-value pairs.
    GroupPrefix string
    Prefix to prepend to group name.
    GroupsClaim string
    Claim in OIDC ID token that holds group information.
    IssuerUri string
    URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.
    KubectlRedirectUri string
    Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
    Scopes string
    Comma-separated list of identifiers.
    UserClaim string
    Claim in OIDC ID token that holds username.
    UserPrefix string
    Prefix to prepend to user name.
    certificateAuthorityData String
    PEM-encoded CA for OIDC provider.
    clientId String
    ID for OIDC client application.
    clientSecret String
    Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
    deployCloudConsoleProxy Boolean
    Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.
    enableAccessToken Boolean
    Enable access token.
    encryptedClientSecret String
    Encrypted OIDC Client secret
    extraParams String
    Comma-separated list of key-value pairs.
    groupPrefix String
    Prefix to prepend to group name.
    groupsClaim String
    Claim in OIDC ID token that holds group information.
    issuerUri String
    URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.
    kubectlRedirectUri String
    Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
    scopes String
    Comma-separated list of identifiers.
    userClaim String
    Claim in OIDC ID token that holds username.
    userPrefix String
    Prefix to prepend to user name.
    certificateAuthorityData string
    PEM-encoded CA for OIDC provider.
    clientId string
    ID for OIDC client application.
    clientSecret string
    Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
    deployCloudConsoleProxy boolean
    Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.
    enableAccessToken boolean
    Enable access token.
    encryptedClientSecret string
    Encrypted OIDC Client secret
    extraParams string
    Comma-separated list of key-value pairs.
    groupPrefix string
    Prefix to prepend to group name.
    groupsClaim string
    Claim in OIDC ID token that holds group information.
    issuerUri string
    URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.
    kubectlRedirectUri string
    Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
    scopes string
    Comma-separated list of identifiers.
    userClaim string
    Claim in OIDC ID token that holds username.
    userPrefix string
    Prefix to prepend to user name.
    certificate_authority_data str
    PEM-encoded CA for OIDC provider.
    client_id str
    ID for OIDC client application.
    client_secret str
    Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
    deploy_cloud_console_proxy bool
    Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.
    enable_access_token bool
    Enable access token.
    encrypted_client_secret str
    Encrypted OIDC Client secret
    extra_params str
    Comma-separated list of key-value pairs.
    group_prefix str
    Prefix to prepend to group name.
    groups_claim str
    Claim in OIDC ID token that holds group information.
    issuer_uri str
    URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.
    kubectl_redirect_uri str
    Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
    scopes str
    Comma-separated list of identifiers.
    user_claim str
    Claim in OIDC ID token that holds username.
    user_prefix str
    Prefix to prepend to user name.
    certificateAuthorityData String
    PEM-encoded CA for OIDC provider.
    clientId String
    ID for OIDC client application.
    clientSecret String
    Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
    deployCloudConsoleProxy Boolean
    Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.
    enableAccessToken Boolean
    Enable access token.
    encryptedClientSecret String
    Encrypted OIDC Client secret
    extraParams String
    Comma-separated list of key-value pairs.
    groupPrefix String
    Prefix to prepend to group name.
    groupsClaim String
    Claim in OIDC ID token that holds group information.
    issuerUri String
    URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.
    kubectlRedirectUri String
    Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
    scopes String
    Comma-separated list of identifiers.
    userClaim String
    Claim in OIDC ID token that holds username.
    userPrefix String
    Prefix to prepend to user name.

    MembershipSpecResponse

    CertificateManagement string
    Specifies workload certificate management.
    CertificateManagement string
    Specifies workload certificate management.
    certificateManagement String
    Specifies workload certificate management.
    certificateManagement string
    Specifies workload certificate management.
    certificate_management str
    Specifies workload certificate management.
    certificateManagement String
    Specifies workload certificate management.

    MultiClusterIngressFeatureSpecResponse

    Billing string
    Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    Deprecated: Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    ConfigMembership string
    Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: projects/foo-proj/locations/global/memberships/bar
    Billing string
    Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    Deprecated: Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    ConfigMembership string
    Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: projects/foo-proj/locations/global/memberships/bar
    billing String
    Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    Deprecated: Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    configMembership String
    Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: projects/foo-proj/locations/global/memberships/bar
    billing string
    Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    Deprecated: Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    configMembership string
    Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: projects/foo-proj/locations/global/memberships/bar
    billing str
    Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    Deprecated: Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    config_membership str
    Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: projects/foo-proj/locations/global/memberships/bar
    billing String
    Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    Deprecated: Deprecated: This field will be ignored and should not be set. Customer's billing structure.

    configMembership String
    Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: projects/foo-proj/locations/global/memberships/bar

    NamespaceActuationFeatureSpecResponse

    ActuationMode string
    actuation_mode controls the behavior of the controller
    ActuationMode string
    actuation_mode controls the behavior of the controller
    actuationMode String
    actuation_mode controls the behavior of the controller
    actuationMode string
    actuation_mode controls the behavior of the controller
    actuation_mode str
    actuation_mode controls the behavior of the controller
    actuationMode String
    actuation_mode controls the behavior of the controller

    PolicyControllerHubConfigResponse

    AuditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    ConstraintViolationLimit string
    The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.
    DeploymentConfigs Dictionary<string, string>
    Map of deployment configs to deployments ("admission", "audit", "mutation').
    ExemptableNamespaces List<string>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    InstallSpec string
    The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.PolicyControllerMonitoringConfigResponse
    Monitoring specifies the configuration of monitoring.
    MutationEnabled bool
    Enables the ability to mutate resources using Policy Controller.
    PolicyContent Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.PolicyControllerPolicyContentSpecResponse
    Specifies the desired policy content on the cluster
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    AuditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    ConstraintViolationLimit string
    The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.
    DeploymentConfigs map[string]string
    Map of deployment configs to deployments ("admission", "audit", "mutation').
    ExemptableNamespaces []string
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    InstallSpec string
    The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.
    LogDeniesEnabled bool
    Logs all denies and dry run failures.
    Monitoring PolicyControllerMonitoringConfigResponse
    Monitoring specifies the configuration of monitoring.
    MutationEnabled bool
    Enables the ability to mutate resources using Policy Controller.
    PolicyContent PolicyControllerPolicyContentSpecResponse
    Specifies the desired policy content on the cluster
    ReferentialRulesEnabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    auditIntervalSeconds String
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraintViolationLimit String
    The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.
    deploymentConfigs Map<String,String>
    Map of deployment configs to deployments ("admission", "audit", "mutation').
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    installSpec String
    The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring PolicyControllerMonitoringConfigResponse
    Monitoring specifies the configuration of monitoring.
    mutationEnabled Boolean
    Enables the ability to mutate resources using Policy Controller.
    policyContent PolicyControllerPolicyContentSpecResponse
    Specifies the desired policy content on the cluster
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    auditIntervalSeconds string
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraintViolationLimit string
    The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.
    deploymentConfigs {[key: string]: string}
    Map of deployment configs to deployments ("admission", "audit", "mutation').
    exemptableNamespaces string[]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    installSpec string
    The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.
    logDeniesEnabled boolean
    Logs all denies and dry run failures.
    monitoring PolicyControllerMonitoringConfigResponse
    Monitoring specifies the configuration of monitoring.
    mutationEnabled boolean
    Enables the ability to mutate resources using Policy Controller.
    policyContent PolicyControllerPolicyContentSpecResponse
    Specifies the desired policy content on the cluster
    referentialRulesEnabled boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    audit_interval_seconds str
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraint_violation_limit str
    The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.
    deployment_configs Mapping[str, str]
    Map of deployment configs to deployments ("admission", "audit", "mutation').
    exemptable_namespaces Sequence[str]
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    install_spec str
    The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.
    log_denies_enabled bool
    Logs all denies and dry run failures.
    monitoring PolicyControllerMonitoringConfigResponse
    Monitoring specifies the configuration of monitoring.
    mutation_enabled bool
    Enables the ability to mutate resources using Policy Controller.
    policy_content PolicyControllerPolicyContentSpecResponse
    Specifies the desired policy content on the cluster
    referential_rules_enabled bool
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.
    auditIntervalSeconds String
    Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.
    constraintViolationLimit String
    The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.
    deploymentConfigs Map<String>
    Map of deployment configs to deployments ("admission", "audit", "mutation').
    exemptableNamespaces List<String>
    The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.
    installSpec String
    The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.
    logDeniesEnabled Boolean
    Logs all denies and dry run failures.
    monitoring Property Map
    Monitoring specifies the configuration of monitoring.
    mutationEnabled Boolean
    Enables the ability to mutate resources using Policy Controller.
    policyContent Property Map
    Specifies the desired policy content on the cluster
    referentialRulesEnabled Boolean
    Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.

    PolicyControllerMembershipSpecResponse

    PolicyControllerHubConfig Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.PolicyControllerHubConfigResponse
    Policy Controller configuration for the cluster.
    Version string
    Version of Policy Controller installed.
    PolicyControllerHubConfig PolicyControllerHubConfigResponse
    Policy Controller configuration for the cluster.
    Version string
    Version of Policy Controller installed.
    policyControllerHubConfig PolicyControllerHubConfigResponse
    Policy Controller configuration for the cluster.
    version String
    Version of Policy Controller installed.
    policyControllerHubConfig PolicyControllerHubConfigResponse
    Policy Controller configuration for the cluster.
    version string
    Version of Policy Controller installed.
    policy_controller_hub_config PolicyControllerHubConfigResponse
    Policy Controller configuration for the cluster.
    version str
    Version of Policy Controller installed.
    policyControllerHubConfig Property Map
    Policy Controller configuration for the cluster.
    version String
    Version of Policy Controller installed.

    PolicyControllerMonitoringConfigResponse

    Backends List<string>
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    Backends []string
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends string[]
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends Sequence[str]
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.
    backends List<String>
    Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.

    PolicyControllerPolicyContentSpecResponse

    Bundles Dictionary<string, string>
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    TemplateLibrary Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.PolicyControllerTemplateLibraryConfigResponse
    Configures the installation of the Template Library.
    Bundles map[string]string
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    TemplateLibrary PolicyControllerTemplateLibraryConfigResponse
    Configures the installation of the Template Library.
    bundles Map<String,String>
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    templateLibrary PolicyControllerTemplateLibraryConfigResponse
    Configures the installation of the Template Library.
    bundles {[key: string]: string}
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    templateLibrary PolicyControllerTemplateLibraryConfigResponse
    Configures the installation of the Template Library.
    bundles Mapping[str, str]
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    template_library PolicyControllerTemplateLibraryConfigResponse
    Configures the installation of the Template Library.
    bundles Map<String>
    map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.
    templateLibrary Property Map
    Configures the installation of the Template Library.

    PolicyControllerTemplateLibraryConfigResponse

    Installation string
    Configures the manner in which the template library is installed on the cluster.
    Installation string
    Configures the manner in which the template library is installed on the cluster.
    installation String
    Configures the manner in which the template library is installed on the cluster.
    installation string
    Configures the manner in which the template library is installed on the cluster.
    installation str
    Configures the manner in which the template library is installed on the cluster.
    installation String
    Configures the manner in which the template library is installed on the cluster.

    ServiceMeshAnalysisMessageBaseResponse

    DocumentationUrl string
    A url pointing to the Service Mesh or Istio documentation for this specific error type.
    Level string
    Represents how severe a message is.
    Type Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ServiceMeshTypeResponse
    Represents the specific type of a message.
    DocumentationUrl string
    A url pointing to the Service Mesh or Istio documentation for this specific error type.
    Level string
    Represents how severe a message is.
    Type ServiceMeshTypeResponse
    Represents the specific type of a message.
    documentationUrl String
    A url pointing to the Service Mesh or Istio documentation for this specific error type.
    level String
    Represents how severe a message is.
    type ServiceMeshTypeResponse
    Represents the specific type of a message.
    documentationUrl string
    A url pointing to the Service Mesh or Istio documentation for this specific error type.
    level string
    Represents how severe a message is.
    type ServiceMeshTypeResponse
    Represents the specific type of a message.
    documentation_url str
    A url pointing to the Service Mesh or Istio documentation for this specific error type.
    level str
    Represents how severe a message is.
    type ServiceMeshTypeResponse
    Represents the specific type of a message.
    documentationUrl String
    A url pointing to the Service Mesh or Istio documentation for this specific error type.
    level String
    Represents how severe a message is.
    type Property Map
    Represents the specific type of a message.

    ServiceMeshAnalysisMessageResponse

    Args Dictionary<string, string>
    A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.
    Description string
    A human readable description of what the error means. It is suitable for non-internationalize display purposes.
    MessageBase Pulumi.GoogleNative.GKEHub.V1Alpha.Inputs.ServiceMeshAnalysisMessageBaseResponse
    Details common to all types of Istio and ServiceMesh analysis messages.
    ResourcePaths List<string>
    A list of strings specifying the resource identifiers that were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE/)?RESOURCETYPE/NAME if the cause is a resource in a cluster
    Args map[string]string
    A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.
    Description string
    A human readable description of what the error means. It is suitable for non-internationalize display purposes.
    MessageBase ServiceMeshAnalysisMessageBaseResponse
    Details common to all types of Istio and ServiceMesh analysis messages.
    ResourcePaths []string
    A list of strings specifying the resource identifiers that were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE/)?RESOURCETYPE/NAME if the cause is a resource in a cluster
    args Map<String,String>
    A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.
    description String
    A human readable description of what the error means. It is suitable for non-internationalize display purposes.
    messageBase ServiceMeshAnalysisMessageBaseResponse
    Details common to all types of Istio and ServiceMesh analysis messages.
    resourcePaths List<String>
    A list of strings specifying the resource identifiers that were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE/)?RESOURCETYPE/NAME if the cause is a resource in a cluster
    args {[key: string]: string}
    A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.
    description string
    A human readable description of what the error means. It is suitable for non-internationalize display purposes.
    messageBase ServiceMeshAnalysisMessageBaseResponse
    Details common to all types of Istio and ServiceMesh analysis messages.
    resourcePaths string[]
    A list of strings specifying the resource identifiers that were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE/)?RESOURCETYPE/NAME if the cause is a resource in a cluster
    args Mapping[str, str]
    A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.
    description str
    A human readable description of what the error means. It is suitable for non-internationalize display purposes.
    message_base ServiceMeshAnalysisMessageBaseResponse
    Details common to all types of Istio and ServiceMesh analysis messages.
    resource_paths Sequence[str]
    A list of strings specifying the resource identifiers that were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE/)?RESOURCETYPE/NAME if the cause is a resource in a cluster
    args Map<String>
    A UI can combine these args with a template (based on message_base.type) to produce an internationalized message.
    description String
    A human readable description of what the error means. It is suitable for non-internationalize display purposes.
    messageBase Property Map
    Details common to all types of Istio and ServiceMesh analysis messages.
    resourcePaths List<String>
    A list of strings specifying the resource identifiers that were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE/)?RESOURCETYPE/NAME if the cause is a resource in a cluster

    ServiceMeshFeatureStateResponse

    AnalysisMessages []ServiceMeshAnalysisMessageResponse
    Results of running Service Mesh analyzers.
    analysisMessages List<ServiceMeshAnalysisMessageResponse>
    Results of running Service Mesh analyzers.
    analysisMessages ServiceMeshAnalysisMessageResponse[]
    Results of running Service Mesh analyzers.
    analysis_messages Sequence[ServiceMeshAnalysisMessageResponse]
    Results of running Service Mesh analyzers.
    analysisMessages List<Property Map>
    Results of running Service Mesh analyzers.

    ServiceMeshMembershipSpecResponse

    ControlPlane string
    Deprecated: use management instead Enables automatic control plane management.

    Deprecated: Deprecated: use management instead Enables automatic control plane management.

    DefaultChannel string
    Determines which release channel to use for default injection and service mesh APIs.
    Management string
    Enables automatic Service Mesh management.
    ControlPlane string
    Deprecated: use management instead Enables automatic control plane management.

    Deprecated: Deprecated: use management instead Enables automatic control plane management.

    DefaultChannel string
    Determines which release channel to use for default injection and service mesh APIs.
    Management string
    Enables automatic Service Mesh management.
    controlPlane String
    Deprecated: use management instead Enables automatic control plane management.

    Deprecated: Deprecated: use management instead Enables automatic control plane management.

    defaultChannel String
    Determines which release channel to use for default injection and service mesh APIs.
    management String
    Enables automatic Service Mesh management.
    controlPlane string
    Deprecated: use management instead Enables automatic control plane management.

    Deprecated: Deprecated: use management instead Enables automatic control plane management.

    defaultChannel string
    Determines which release channel to use for default injection and service mesh APIs.
    management string
    Enables automatic Service Mesh management.
    control_plane str
    Deprecated: use management instead Enables automatic control plane management.

    Deprecated: Deprecated: use management instead Enables automatic control plane management.

    default_channel str
    Determines which release channel to use for default injection and service mesh APIs.
    management str
    Enables automatic Service Mesh management.
    controlPlane String
    Deprecated: use management instead Enables automatic control plane management.

    Deprecated: Deprecated: use management instead Enables automatic control plane management.

    defaultChannel String
    Determines which release channel to use for default injection and service mesh APIs.
    management String
    Enables automatic Service Mesh management.

    ServiceMeshTypeResponse

    Code string
    A 7 character code matching ^IST[0-9]{4}$ or ^ASM[0-9]{4}$, intended to uniquely identify the message type. (e.g. "IST0001" is mapped to the "InternalError" message type.)
    DisplayName string
    A human-readable name for the message type. e.g. "InternalError", "PodMissingProxy". This should be the same for all messages of the same type. (This corresponds to the name field in open-source Istio.)
    Code string
    A 7 character code matching ^IST[0-9]{4}$ or ^ASM[0-9]{4}$, intended to uniquely identify the message type. (e.g. "IST0001" is mapped to the "InternalError" message type.)
    DisplayName string
    A human-readable name for the message type. e.g. "InternalError", "PodMissingProxy". This should be the same for all messages of the same type. (This corresponds to the name field in open-source Istio.)
    code String
    A 7 character code matching ^IST[0-9]{4}$ or ^ASM[0-9]{4}$, intended to uniquely identify the message type. (e.g. "IST0001" is mapped to the "InternalError" message type.)
    displayName String
    A human-readable name for the message type. e.g. "InternalError", "PodMissingProxy". This should be the same for all messages of the same type. (This corresponds to the name field in open-source Istio.)
    code string
    A 7 character code matching ^IST[0-9]{4}$ or ^ASM[0-9]{4}$, intended to uniquely identify the message type. (e.g. "IST0001" is mapped to the "InternalError" message type.)
    displayName string
    A human-readable name for the message type. e.g. "InternalError", "PodMissingProxy". This should be the same for all messages of the same type. (This corresponds to the name field in open-source Istio.)
    code str
    A 7 character code matching ^IST[0-9]{4}$ or ^ASM[0-9]{4}$, intended to uniquely identify the message type. (e.g. "IST0001" is mapped to the "InternalError" message type.)
    display_name str
    A human-readable name for the message type. e.g. "InternalError", "PodMissingProxy". This should be the same for all messages of the same type. (This corresponds to the name field in open-source Istio.)
    code String
    A 7 character code matching ^IST[0-9]{4}$ or ^ASM[0-9]{4}$, intended to uniquely identify the message type. (e.g. "IST0001" is mapped to the "InternalError" message type.)
    displayName String
    A human-readable name for the message type. e.g. "InternalError", "PodMissingProxy". This should be the same for all messages of the same type. (This corresponds to the name field in open-source Istio.)

    StatusResponse

    Code string
    Code specifies AppDevExperienceFeature's subcomponent ready state.
    Description string
    Description is populated if Code is Failed, explaining why it has failed.
    Code string
    Code specifies AppDevExperienceFeature's subcomponent ready state.
    Description string
    Description is populated if Code is Failed, explaining why it has failed.
    code String
    Code specifies AppDevExperienceFeature's subcomponent ready state.
    description String
    Description is populated if Code is Failed, explaining why it has failed.
    code string
    Code specifies AppDevExperienceFeature's subcomponent ready state.
    description string
    Description is populated if Code is Failed, explaining why it has failed.
    code str
    Code specifies AppDevExperienceFeature's subcomponent ready state.
    description str
    Description is populated if Code is Failed, explaining why it has failed.
    code String
    Code specifies AppDevExperienceFeature's subcomponent ready state.
    description String
    Description is populated if Code is Failed, explaining why it has failed.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi