diff --git a/go.work.sum b/go.work.sum index 77d4fdd..1f27a90 100644 --- a/go.work.sum +++ b/go.work.sum @@ -468,6 +468,8 @@ codeberg.org/go-pdf/fpdf v0.10.0 h1:u+w669foDDx5Ds43mpiiayp40Ov6sZalgcPMDBcZRd4= codeberg.org/go-pdf/fpdf v0.10.0/go.mod h1:Y0DGRAdZ0OmnZPvjbMp/1bYxmIPxm0ws4tfoPOc4LjU= codeberg.org/polyfloyd/go-errorlint v1.9.0 h1:VkdEEmA1VBpH6ecQoMR4LdphVI3fA4RrCh2an7YmodI= codeberg.org/polyfloyd/go-errorlint v1.9.0/go.mod h1:GPRRu2LzVijNn4YkrZYJfatQIdS+TrcK8rL5Xs24qw8= +cyphar.com/go-pathrs v0.2.1 h1:9nx1vOgwVvX1mNBWDu93+vaceedpbsDqo+XuBGL40b8= +cyphar.com/go-pathrs v0.2.1/go.mod h1:y8f1EMG7r+hCuFf/rXsKqMJrJAUoADZGNh5/vZPKcGc= dev.gaijin.team/go/exhaustruct/v4 v4.0.0 h1:873r7aNneqoBB3IaFIzhvt2RFYTuHgmMjoKfwODoI1Y= dev.gaijin.team/go/exhaustruct/v4 v4.0.0/go.mod h1:aZ/k2o4Y05aMJtiux15x8iXaumE88YdiB0Ai4fXOzPI= dev.gaijin.team/go/golib v0.6.0 h1:v6nnznFTs4bppib/NyU1PQxobwDHwCXXl15P7DV5Zgo= @@ -973,8 +975,6 @@ github.com/prometheus/otlptranslator v1.0.0 h1:s0LJW/iN9dkIH+EnhiD3BlkkP5QVIUVEo github.com/prometheus/otlptranslator v1.0.0/go.mod h1:vRYWnXvI6aWGpsdY/mOT/cbeVRBlPWtBNDb7kGR3uKM= github.com/prometheus/procfs v0.19.2 h1:zUMhqEW66Ex7OXIiDkll3tl9a1ZdilUOd/F6ZXw4Vws= github.com/prometheus/procfs v0.19.2/go.mod h1:M0aotyiemPhBCM0z5w87kL22CxfcH05ZpYlu+b4J7mw= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20260318212141-5525259d096b h1:efoz3DmFhw7EPJ3JxVfWYwpg5Dl6QTLvzMV0a7Y7mlo= -github.com/pulumi/terraform-plugin-sdk/v2 v2.0.0-20260318212141-5525259d096b/go.mod h1:PuG4P97Ju3QXW6c6vRkRadWJbvnEu2Xh+oOuqcYOqX4= github.com/quasilyte/go-ruleguard v0.4.5 h1:AGY0tiOT5hJX9BTdx/xBdoCubQUAE2grkqY2lSwvZcA= github.com/quasilyte/go-ruleguard v0.4.5/go.mod h1:Vl05zJ538vcEEwu16V/Hdu7IYZWyKSwIy4c88Ro1kRE= github.com/quasilyte/go-ruleguard/dsl v0.3.23 h1:lxjt5B6ZCiBeeNO8/oQsegE6fLeCzuMRoVWSkXC4uvY= @@ -1252,6 +1252,8 @@ golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4 h1:bTLqdHv7xrGlFbvf5/T golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4/go.mod h1:g5NllXBEermZrmR51cJDQxmJUHUOfRAaNyWBM+R+548= golang.org/x/telemetry v0.0.0-20260311193753-579e4da9a98c h1:6a8FdnNk6bTXBjR4AGKFgUKuo+7GnR3FX5L7CbveeZc= golang.org/x/telemetry v0.0.0-20260311193753-579e4da9a98c/go.mod h1:TpUTTEp9frx7rTdLpC9gFG9kdI7zVLFTFFlqaH2Cncw= +golang.org/x/telemetry v0.0.0-20260409153401-be6f6cb8b1fa h1:efT73AJZfAAUV7SOip6pWGkwJDzIGiKBZGVzHYa+ve4= +golang.org/x/telemetry v0.0.0-20260409153401-be6f6cb8b1fa/go.mod h1:kHjTxDEnAu6/Nl9lDkzjWpR+bmKfxeiRuSDlsMb70gE= golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= @@ -1263,6 +1265,8 @@ golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= golang.org/x/tools/go/expect v0.1.0-deprecated h1:jY2C5HGYR5lqex3gEniOQL0r7Dq5+VGVgY1nudX5lXY= golang.org/x/tools/go/expect v0.1.0-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY= +golang.org/x/tools/go/expect v0.1.1-deprecated h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnpsEAGHaNy0n/rJM= +golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY= golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM= golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated/go.mod h1:RVAQXBGNv1ib0J382/DPCRS/BPnsGebyM1Gj5VSDpG8= golang.org/x/tools/godoc v0.1.0-deprecated h1:o+aZ1BOj6Hsx/GBdJO/s815sqftjSnrZZwyYTHODvtk= diff --git a/provider/cmd/pulumi-resource-stackit/bridge-metadata.json b/provider/cmd/pulumi-resource-stackit/bridge-metadata.json index 4ac6f14..5ac4bb7 100644 --- a/provider/cmd/pulumi-resource-stackit/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-stackit/bridge-metadata.json @@ -181,6 +181,46 @@ }, "regions": { "maxItemsOne": false + }, + "waf": { + "fields": { + "allowed_http_methods": { + "maxItemsOne": false + }, + "allowed_http_versions": { + "maxItemsOne": false + }, + "allowed_request_content_types": { + "maxItemsOne": false + }, + "disabled_rule_collection_ids": { + "maxItemsOne": false + }, + "disabled_rule_group_ids": { + "maxItemsOne": false + }, + "disabled_rule_ids": { + "maxItemsOne": false + }, + "enabled_rule_collection_ids": { + "maxItemsOne": false + }, + "enabled_rule_group_ids": { + "maxItemsOne": false + }, + "enabled_rule_ids": { + "maxItemsOne": false + }, + "log_only_rule_collection_ids": { + "maxItemsOne": false + }, + "log_only_rule_group_ids": { + "maxItemsOne": false + }, + "log_only_rule_ids": { + "maxItemsOne": false + } + } } } }, @@ -709,6 +749,14 @@ "stackit_service_account": { "current": "stackit:index/serviceAccount:ServiceAccount" }, + "stackit_service_account_federated_identity_provider": { + "current": "stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider", + "fields": { + "assertions": { + "maxItemsOne": false + } + } + }, "stackit_service_account_key": { "current": "stackit:index/serviceAccountKey:ServiceAccountKey" }, @@ -978,6 +1026,46 @@ }, "regions": { "maxItemsOne": false + }, + "waf": { + "fields": { + "allowed_http_methods": { + "maxItemsOne": false + }, + "allowed_http_versions": { + "maxItemsOne": false + }, + "allowed_request_content_types": { + "maxItemsOne": false + }, + "disabled_rule_collection_ids": { + "maxItemsOne": false + }, + "disabled_rule_group_ids": { + "maxItemsOne": false + }, + "disabled_rule_ids": { + "maxItemsOne": false + }, + "enabled_rule_collection_ids": { + "maxItemsOne": false + }, + "enabled_rule_group_ids": { + "maxItemsOne": false + }, + "enabled_rule_ids": { + "maxItemsOne": false + }, + "log_only_rule_collection_ids": { + "maxItemsOne": false + }, + "log_only_rule_group_ids": { + "maxItemsOne": false + }, + "log_only_rule_ids": { + "maxItemsOne": false + } + } } } }, @@ -1568,6 +1656,14 @@ "stackit_service_account": { "current": "stackit:index/getServiceAccount:getServiceAccount" }, + "stackit_service_account_federated_identity_provider": { + "current": "stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", + "fields": { + "assertions": { + "maxItemsOne": false + } + } + }, "stackit_service_accounts": { "current": "stackit:index/getServiceAccounts:getServiceAccounts", "fields": { diff --git a/provider/cmd/pulumi-resource-stackit/schema.json b/provider/cmd/pulumi-resource-stackit/schema.json index e3da59e..c561fc9 100644 --- a/provider/cmd/pulumi-resource-stackit/schema.json +++ b/provider/cmd/pulumi-resource-stackit/schema.json @@ -813,6 +813,10 @@ "type": "string" }, "description": "The configured regions where content will be hosted\n" + }, + "waf": { + "$ref": "#/types/stackit:index/CdnDistributionConfigWaf:CdnDistributionConfigWaf", + "description": "Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings.\n" } }, "type": "object", @@ -826,7 +830,8 @@ "backend", "blockedCountries", "optimizer", - "regions" + "regions", + "waf" ] } } @@ -1001,6 +1006,128 @@ } } }, + "stackit:index/CdnDistributionConfigWaf:CdnDistributionConfigWaf": { + "properties": { + "allowedHttpMethods": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`.\n" + }, + "allowedHttpVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`.\n" + }, + "allowedRequestContentTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`.\n" + }, + "disabledRuleCollectionIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "disabledRuleGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "disabledRuleIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "enabledRuleCollectionIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "enabledRuleGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "enabledRuleIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "logOnlyRuleCollectionIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "logOnlyRuleGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "logOnlyRuleIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "mode": { + "type": "string", + "description": "The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'.\n" + }, + "paranoiaLevel": { + "type": "string", + "description": "Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'.\n" + }, + "type": { + "type": "string", + "description": "The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'.\n" + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "allowedHttpMethods", + "allowedHttpVersions", + "allowedRequestContentTypes", + "disabledRuleCollectionIds", + "disabledRuleGroupIds", + "disabledRuleIds", + "enabledRuleCollectionIds", + "enabledRuleGroupIds", + "enabledRuleIds", + "logOnlyRuleCollectionIds", + "logOnlyRuleGroupIds", + "logOnlyRuleIds", + "mode", + "paranoiaLevel", + "type" + ] + } + } + }, "stackit:index/CdnDistributionDomain:CdnDistributionDomain": { "properties": { "errors": { @@ -2815,6 +2942,27 @@ } } }, + "stackit:index/ServerAgent:ServerAgent": { + "properties": { + "provisioned": { + "type": "boolean", + "description": "Whether a STACKIT Server Agent is provisioned at the server\n" + }, + "provisioningPolicy": { + "type": "string", + "description": "Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value.\n" + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "provisioned", + "provisioningPolicy" + ] + } + } + }, "stackit:index/ServerBackupScheduleBackupProperties:ServerBackupScheduleBackupProperties": { "properties": { "name": { @@ -2879,6 +3027,28 @@ } } }, + "stackit:index/ServiceAccountFederatedIdentityProviderAssertion:ServiceAccountFederatedIdentityProviderAssertion": { + "properties": { + "item": { + "type": "string", + "description": "The assertion claim. At least one assertion with the claim \"aud\" is required for security reasons.\n" + }, + "operator": { + "type": "string", + "description": "The assertion operator. Currently, the only supported operator is \"equals\".\n" + }, + "value": { + "type": "string", + "description": "The assertion value.\n" + } + }, + "type": "object", + "required": [ + "item", + "operator", + "value" + ] + }, "stackit:index/SfsExportPolicyRule:SfsExportPolicyRule": { "properties": { "description": { @@ -4057,6 +4227,10 @@ "type": "string" }, "description": "The configured regions where content will be hosted\n" + }, + "waf": { + "$ref": "#/types/stackit:index/getCdnDistributionConfigWaf:getCdnDistributionConfigWaf", + "description": "Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings.\n" } }, "type": "object", @@ -4064,7 +4238,8 @@ "backend", "optimizer", "redirects", - "regions" + "regions", + "waf" ], "language": { "nodejs": { @@ -4229,6 +4404,129 @@ } } }, + "stackit:index/getCdnDistributionConfigWaf:getCdnDistributionConfigWaf": { + "properties": { + "allowedHttpMethods": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`.\n" + }, + "allowedHttpVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`.\n" + }, + "allowedRequestContentTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`.\n" + }, + "disabledRuleCollectionIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "disabledRuleGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "disabledRuleIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "enabledRuleCollectionIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "enabledRuleGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "enabledRuleIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "logOnlyRuleCollectionIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "logOnlyRuleGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "logOnlyRuleIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n" + }, + "mode": { + "type": "string", + "description": "The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'.\n" + }, + "paranoiaLevel": { + "type": "string", + "description": "Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'.\n" + }, + "type": { + "type": "string", + "description": "The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'.\n" + } + }, + "type": "object", + "required": [ + "allowedHttpMethods", + "allowedHttpVersions", + "allowedRequestContentTypes", + "disabledRuleCollectionIds", + "disabledRuleGroupIds", + "disabledRuleIds", + "enabledRuleCollectionIds", + "enabledRuleGroupIds", + "enabledRuleIds", + "logOnlyRuleCollectionIds", + "logOnlyRuleGroupIds", + "logOnlyRuleIds", + "mode", + "paranoiaLevel", + "type" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "stackit:index/getCdnDistributionDomain:getCdnDistributionDomain": { "properties": { "errors": { @@ -6557,6 +6855,23 @@ } } }, + "stackit:index/getServerAgent:getServerAgent": { + "properties": { + "provisioned": { + "type": "boolean", + "description": "Whether a STACKIT Server Agent is provisioned at the server\n" + } + }, + "type": "object", + "required": [ + "provisioned" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "stackit:index/getServerBackupScheduleBackupProperties:getServerBackupScheduleBackupProperties": { "properties": { "name": { @@ -6705,6 +7020,33 @@ } } }, + "stackit:index/getServiceAccountFederatedIdentityProviderAssertion:getServiceAccountFederatedIdentityProviderAssertion": { + "properties": { + "item": { + "type": "string", + "description": "The assertion claim. At least one assertion with the claim \"aud\" is required for security reasons.\n" + }, + "operator": { + "type": "string", + "description": "The assertion operator. Currently, the only supported operator is \"equals\".\n" + }, + "value": { + "type": "string", + "description": "The assertion value.\n" + } + }, + "type": "object", + "required": [ + "item", + "operator", + "value" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "stackit:index/getServiceAccountsItem:getServiceAccountsItem": { "properties": { "email": { @@ -8596,7 +8938,7 @@ } }, "stackit:index/authorizationProjectRoleAssignment:AuthorizationProjectRoleAssignment": { - "description": "Project Role Assignment resource schema.\n\n\u003e This resource is part of the iam experiment and is likely going to undergo significant changes or be removed in the future. Use it at your own discretion.\n\n## Example Usage\n\n```terraform\nresource \"stackit_resourcemanager_project\" \"example\" {\n name = \"example_project\"\n owner_email = \"foo.bar@stackit.cloud\"\n # in this case a folder or a org-id\n parent_container_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n}\n\nresource \"stackit_authorization_project_role_assignment\" \"pra\" {\n resource_id = stackit_resourcemanager_project.example.folder_id\n role = \"reader\"\n subject = \"foo.bar@stackit.cloud\"\n}\n\n# Only use the import statement, if you want to import an existing project role assignment\nimport {\n to = stackit_authorization_project_role_assignment.import-example\n id = \"${var.project_id},${var.project_role_assignment_role},${var.project_role_assignment_subject}\"\n}\n```\n", + "description": "Project Role Assignment resource schema.\n\n\u003e This resource is part of the iam experiment and is likely going to undergo significant changes or be removed in the future. Use it at your own discretion.\n\n## Example Usage\n\n```terraform\nresource \"stackit_resourcemanager_project\" \"example\" {\n name = \"example_project\"\n owner_email = \"foo.bar@stackit.cloud\"\n # in this case a folder or a org-id\n parent_container_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n}\n\nresource \"stackit_authorization_project_role_assignment\" \"pra\" {\n resource_id = stackit_resourcemanager_project.example.project_id\n role = \"reader\"\n subject = \"foo.bar@stackit.cloud\"\n}\n\n# Only use the import statement, if you want to import an existing project role assignment\nimport {\n to = stackit_authorization_project_role_assignment.import-example\n id = \"${var.project_id},${var.project_role_assignment_role},${var.project_role_assignment_subject}\"\n}\n```\n", "properties": { "resourceId": { "type": "string", @@ -8805,7 +9147,7 @@ } }, "stackit:index/cdnDistribution:CdnDistribution": { - "description": "CDN distribution data source schema.\n\n\u003e This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide for how to opt-in to use beta resources.\n\n## Example Usage\n\n```terraform\nresource \"stackit_cdn_distribution\" \"example_distribution\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n config = {\n backend = {\n type = \"http\"\n origin_url = \"https://mybackend.onstackit.cloud\"\n geofencing = {\n \"https://mybackend.onstackit.cloud\" = [\"DE\"]\n }\n }\n regions = [\"EU\", \"US\", \"ASIA\", \"AF\", \"SA\"]\n blocked_countries = [\"DE\", \"AT\", \"CH\"]\n\n optimizer = {\n enabled = true\n }\n }\n}\n\nresource \"stackit_cdn_distribution\" \"example_bucket_distribution\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n config = {\n backend = {\n type = \"bucket\"\n bucket_url = \"https://my-test.object.storage.eu01.onstackit.cloud\"\n region = \"eu01\"\n\n # Credentials are required for bucket backends\n # It is strongly recommended to use variables for secrets\n credentials = {\n access_key_id = var.bucket_access_key\n secret_access_key = var.bucket_secret_key\n }\n }\n regions = [\"EU\", \"US\"]\n blocked_countries = [\"CN\", \"RU\"]\n\n optimizer = {\n enabled = false\n }\n\n redirects = {\n rules = [\n {\n description = \"test redirect\"\n enabled = true\n rule_match_condition = \"ANY\"\n status_code = 302\n target_url = \"https://stackit.de/\"\n matchers = [\n {\n values = [\"*/otherPath/\"]\n value_match_condition = \"ANY\"\n }\n ]\n }\n ]\n }\n }\n}\n\n# Only use the import statement, if you want to import an existing cdn distribution\nimport {\n to = stackit_cdn_distribution.import-example\n id = \"${var.project_id},${var.distribution_id}\"\n}\n```\n", + "description": "CDN distribution data source schema.\n\n\u003e This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide for how to opt-in to use beta resources.\n\n## Example Usage\n\n```terraform\nresource \"stackit_cdn_distribution\" \"example_distribution\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n config = {\n backend = {\n type = \"http\"\n origin_url = \"https://mybackend.onstackit.cloud\"\n geofencing = {\n \"https://mybackend.onstackit.cloud\" = [\"DE\"]\n }\n }\n regions = [\"EU\", \"US\", \"ASIA\", \"AF\", \"SA\"]\n blocked_countries = [\"DE\", \"AT\", \"CH\"]\n\n optimizer = {\n enabled = true\n }\n }\n}\n\nresource \"stackit_cdn_distribution\" \"example_bucket_distribution\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n config = {\n backend = {\n type = \"bucket\"\n bucket_url = \"https://my-test.object.storage.eu01.onstackit.cloud\"\n region = \"eu01\"\n\n # Credentials are required for bucket backends\n # It is strongly recommended to use variables for secrets\n credentials = {\n access_key_id = var.bucket_access_key\n secret_access_key = var.bucket_secret_key\n }\n }\n regions = [\"EU\", \"US\"]\n blocked_countries = [\"CN\", \"RU\"]\n\n optimizer = {\n enabled = false\n }\n\n redirects = {\n rules = [\n {\n description = \"test redirect\"\n enabled = true\n rule_match_condition = \"ANY\"\n status_code = 302\n target_url = \"https://stackit.de/\"\n matchers = [\n {\n values = [\"*/otherPath/\"]\n value_match_condition = \"ANY\"\n }\n ]\n }\n ]\n }\n\n # WAF Configuration\n # \n # Precedence Hierarchy: Specific Rules \u003e Groups \u003e Collections\n # In this example, the entire \"@builtin/crs/request\" collection is ENABLED.\n # However, because specific Rule IDs have a higher precedence, the rule \n # \"@builtin/crs/request/942151\" is explicitly DISABLED, overriding the collection setting.\n # \n # To view all available collections, groups, and rules, consult the API documentation:\n # https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections\n waf = {\n mode = \"ENABLED\"\n type = \"PREMIUM\"\n paranoia_level = \"L1\"\n allowed_http_versions = [\"HTTP/1.0\", \"HTTP/1.1\"]\n allowed_http_methods = [\"GET\"]\n allowed_request_content_types = [\"text/plain\"]\n\n # Collections\n enabled_rule_collection_ids = [\"@builtin/crs/request\"]\n disabled_rule_collection_ids = []\n log_only_rule_collection_ids = [\"@builtin/crs/response\"]\n\n # Groups\n enabled_rule_group_ids = []\n disabled_rule_group_ids = []\n log_only_rule_group_ids = []\n\n # Specific Rules (Highest Precedence)\n enabled_rule_ids = [\"@builtin/crs/request/913100\"]\n disabled_rule_ids = [\"@builtin/crs/request/942151\"]\n log_only_rule_ids = [\"@builtin/crs/response/954120\"]\n }\n }\n}\n\n# Only use the import statement, if you want to import an existing cdn distribution\nimport {\n to = stackit_cdn_distribution.import-example\n id = \"${var.project_id},${var.distribution_id}\"\n}\n```\n", "properties": { "config": { "$ref": "#/types/stackit:index/CdnDistributionConfig:CdnDistributionConfig", @@ -13609,6 +13951,15 @@ "type": "string", "description": "The name of the Observability instance.\n" }, + "otlpGrpcTracesUrl": { + "type": "string" + }, + "otlpHttpLogsUrl": { + "type": "string" + }, + "otlpHttpTracesUrl": { + "type": "string" + }, "otlpTracesUrl": { "type": "string" }, @@ -13664,6 +14015,9 @@ "metricsRetentionDays5mDownsampling", "metricsUrl", "name", + "otlpGrpcTracesUrl", + "otlpHttpLogsUrl", + "otlpHttpTracesUrl", "otlpTracesUrl", "parameters", "planId", @@ -13828,6 +14182,15 @@ "type": "string", "description": "The name of the Observability instance.\n" }, + "otlpGrpcTracesUrl": { + "type": "string" + }, + "otlpHttpLogsUrl": { + "type": "string" + }, + "otlpHttpTracesUrl": { + "type": "string" + }, "otlpTracesUrl": { "type": "string" }, @@ -16877,6 +17240,10 @@ "type": "string", "description": "The affinity group the server is assigned to.\n" }, + "agent": { + "$ref": "#/types/stackit:index/ServerAgent:ServerAgent", + "description": "The STACKIT Server Agent configured for the server\n" + }, "availabilityZone": { "type": "string", "description": "The availability zone of the server.\n" @@ -16949,6 +17316,7 @@ } }, "required": [ + "agent", "availabilityZone", "createdAt", "launchedAt", @@ -16964,6 +17332,10 @@ "type": "string", "description": "The affinity group the server is assigned to.\n" }, + "agent": { + "$ref": "#/types/stackit:index/ServerAgent:ServerAgent", + "description": "The STACKIT Server Agent configured for the server\n" + }, "availabilityZone": { "type": "string", "description": "The availability zone of the server.\n" @@ -17030,6 +17402,10 @@ "type": "string", "description": "The affinity group the server is assigned to.\n" }, + "agent": { + "$ref": "#/types/stackit:index/ServerAgent:ServerAgent", + "description": "The STACKIT Server Agent configured for the server\n" + }, "availabilityZone": { "type": "string", "description": "The availability zone of the server.\n" @@ -17784,6 +18160,110 @@ "type": "object" } }, + "stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider": { + "description": "Service account federated identity provider schema.\n## Example Usage\n\n### Create a federated identity provider\n```terraform\nresource \"stackit_service_account\" \"sa\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n name = \"my-service-account\"\n}\n\nresource \"stackit_service_account_federated_identity_provider\" \"provider\" {\n project_id = stackit_service_account.sa.project_id\n service_account_email = stackit_service_account.sa.email\n name = \"my-provider\"\n issuer = \"https://auth.example.com\"\n\n assertions = [\n {\n item = \"aud\" # Including the audience check is mandatory for security reasons, the value is free to choose\n operator = \"equals\"\n value = \"sts.accounts.stackit.cloud\"\n },\n {\n item = \"email\"\n operator = \"equals\"\n value = \"terraform@example.com\"\n }\n ]\n}\n\n```\n\n\n### Additional Examples\n\n```terraform\nresource \"stackit_service_account\" \"sa\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n name = \"my-service-account\"\n}\n\nresource \"stackit_service_account_federated_identity_provider\" \"provider\" {\n project_id = stackit_service_account.sa.project_id\n service_account_email = stackit_service_account.sa.email\n name = \"gh-actions\"\n issuer = \"https://token.actions.githubusercontent.com\"\n\n assertions = [\n {\n item = \"aud\"\n operator = \"equals\"\n value = \"sts.accounts.stackit.cloud\"\n },\n {\n item = \"sub\"\n operator = \"equals\"\n value = \"repo:stackitcloud/terraform-provider-stackit:ref:refs/heads/main\"\n }\n ]\n}\n\n# Only use the import statement, if you want to import an existing federated identity provider\nimport {\n to = stackit_service_account_federated_identity_provider.import-example\n id = \"${var.project_id},${var.service_account_email},${var.federation_id}\"\n}\n```\n", + "properties": { + "assertions": { + "type": "array", + "items": { + "$ref": "#/types/stackit:index/ServiceAccountFederatedIdentityProviderAssertion:ServiceAccountFederatedIdentityProviderAssertion" + }, + "description": "The assertions for the federated identity provider.\n" + }, + "federationId": { + "type": "string", + "description": "The unique identifier for the federated identity provider associated with the service account.\n" + }, + "issuer": { + "type": "string", + "description": "The issuer URL.\n" + }, + "name": { + "type": "string", + "description": "The name of the federated identity provider.\n" + }, + "projectId": { + "type": "string", + "description": "The STACKIT project ID associated with the service account.\n" + }, + "serviceAccountEmail": { + "type": "string", + "description": "The email address associated with the service account, used for account identification and communication.\n" + } + }, + "required": [ + "assertions", + "federationId", + "issuer", + "name", + "projectId", + "serviceAccountEmail" + ], + "inputProperties": { + "assertions": { + "type": "array", + "items": { + "$ref": "#/types/stackit:index/ServiceAccountFederatedIdentityProviderAssertion:ServiceAccountFederatedIdentityProviderAssertion" + }, + "description": "The assertions for the federated identity provider.\n" + }, + "issuer": { + "type": "string", + "description": "The issuer URL.\n" + }, + "name": { + "type": "string", + "description": "The name of the federated identity provider.\n" + }, + "projectId": { + "type": "string", + "description": "The STACKIT project ID associated with the service account.\n" + }, + "serviceAccountEmail": { + "type": "string", + "description": "The email address associated with the service account, used for account identification and communication.\n" + } + }, + "requiredInputs": [ + "assertions", + "issuer", + "projectId", + "serviceAccountEmail" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering ServiceAccountFederatedIdentityProvider resources.\n", + "properties": { + "assertions": { + "type": "array", + "items": { + "$ref": "#/types/stackit:index/ServiceAccountFederatedIdentityProviderAssertion:ServiceAccountFederatedIdentityProviderAssertion" + }, + "description": "The assertions for the federated identity provider.\n" + }, + "federationId": { + "type": "string", + "description": "The unique identifier for the federated identity provider associated with the service account.\n" + }, + "issuer": { + "type": "string", + "description": "The issuer URL.\n" + }, + "name": { + "type": "string", + "description": "The name of the federated identity provider.\n" + }, + "projectId": { + "type": "string", + "description": "The STACKIT project ID associated with the service account.\n" + }, + "serviceAccountEmail": { + "type": "string", + "description": "The email address associated with the service account, used for account identification and communication.\n" + } + }, + "type": "object" + } + }, "stackit:index/serviceAccountKey:ServiceAccountKey": { "description": "Service account key schema.\n## Example Usage\n\n### Automatically rotate service account keys\n```terraform\nresource \"stackit_service_account\" \"sa\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n name = \"sa01\"\n}\n\nresource \"time_rotating\" \"rotate\" {\n rotation_days = 80\n}\n\nresource \"stackit_service_account_key\" \"sa_key\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n service_account_email = stackit_service_account.sa.email\n ttl_days = 90\n\n rotate_when_changed = {\n rotation = time_rotating.rotate.id\n }\t\n}\n\n```\n", "properties": { @@ -19625,7 +20105,7 @@ "properties": { "distributionId": { "type": "string", - "description": "STACKIT project ID associated with the distribution\n" + "description": "CDN distribution ID\n" }, "projectId": { "type": "string", @@ -19651,7 +20131,7 @@ }, "distributionId": { "type": "string", - "description": "STACKIT project ID associated with the distribution\n" + "description": "CDN distribution ID\n" }, "domains": { "type": "array", @@ -22597,6 +23077,15 @@ "type": "string", "description": "The name of the Observability instance.\n" }, + "otlpGrpcTracesUrl": { + "type": "string" + }, + "otlpHttpLogsUrl": { + "type": "string" + }, + "otlpHttpTracesUrl": { + "type": "string" + }, "otlpTracesUrl": { "type": "string" }, @@ -22656,6 +23145,9 @@ "metricsRetentionDays5mDownsampling", "metricsUrl", "name", + "otlpGrpcTracesUrl", + "otlpHttpLogsUrl", + "otlpHttpTracesUrl", "otlpTracesUrl", "parameters", "planId", @@ -24860,6 +25352,10 @@ "type": "string", "description": "The affinity group the server is assigned to.\n" }, + "agent": { + "$ref": "#/types/stackit:index/getServerAgent:getServerAgent", + "description": "STACKIT Server Agent as setup on the server\n" + }, "availabilityZone": { "type": "string", "description": "The availability zone of the server.\n" @@ -24934,6 +25430,7 @@ "type": "object", "required": [ "affinityGroup", + "agent", "availabilityZone", "bootVolume", "createdAt", @@ -25402,6 +25899,78 @@ ] } }, + "stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider": { + "description": "Service account federated identity provider schema.\n\n## Example Usage\n\n```terraform\ndata \"stackit_service_account\" \"sa\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n email = \"sa01-8565oq1@sa.stackit.cloud\"\n}\n\ndata \"stackit_service_account_federated_identity_provider\" \"provider\" {\n project_id = data.stackit_service_account.sa.project_id\n service_account_email = data.stackit_service_account.sa.email\n federation_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n}\n```\n", + "inputs": { + "description": "A collection of arguments for invoking getServiceAccountFederatedIdentityProvider.\n", + "properties": { + "federationId": { + "type": "string", + "description": "The unique identifier for the federated identity provider associated with the service account.\n" + }, + "projectId": { + "type": "string", + "description": "The STACKIT project ID associated with the service account.\n" + }, + "serviceAccountEmail": { + "type": "string", + "description": "The email address associated with the service account, used for account identification and communication.\n" + } + }, + "type": "object", + "required": [ + "federationId", + "projectId", + "serviceAccountEmail" + ] + }, + "outputs": { + "description": "A collection of values returned by getServiceAccountFederatedIdentityProvider.\n", + "properties": { + "assertions": { + "type": "array", + "items": { + "$ref": "#/types/stackit:index/getServiceAccountFederatedIdentityProviderAssertion:getServiceAccountFederatedIdentityProviderAssertion" + }, + "description": "The assertions for the federated identity provider.\n" + }, + "federationId": { + "type": "string", + "description": "The unique identifier for the federated identity provider associated with the service account.\n" + }, + "id": { + "type": "string", + "description": "Terraform's internal resource identifier. It is structured as \"\u003cspan pulumi-lang-nodejs=\"`projectId`\" pulumi-lang-dotnet=\"`ProjectId`\" pulumi-lang-go=\"`projectId`\" pulumi-lang-python=\"`project_id`\" pulumi-lang-yaml=\"`projectId`\" pulumi-lang-java=\"`projectId`\"\u003e`projectId`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`serviceAccountEmail`\" pulumi-lang-dotnet=\"`ServiceAccountEmail`\" pulumi-lang-go=\"`serviceAccountEmail`\" pulumi-lang-python=\"`service_account_email`\" pulumi-lang-yaml=\"`serviceAccountEmail`\" pulumi-lang-java=\"`serviceAccountEmail`\"\u003e`serviceAccountEmail`\u003c/span\u003e,\u003cspan pulumi-lang-nodejs=\"`federationId`\" pulumi-lang-dotnet=\"`FederationId`\" pulumi-lang-go=\"`federationId`\" pulumi-lang-python=\"`federation_id`\" pulumi-lang-yaml=\"`federationId`\" pulumi-lang-java=\"`federationId`\"\u003e`federationId`\u003c/span\u003e\".\n" + }, + "issuer": { + "type": "string", + "description": "The issuer URL.\n" + }, + "name": { + "type": "string", + "description": "The name of the federated identity provider.\n" + }, + "projectId": { + "type": "string", + "description": "The STACKIT project ID associated with the service account.\n" + }, + "serviceAccountEmail": { + "type": "string", + "description": "The email address associated with the service account, used for account identification and communication.\n" + } + }, + "type": "object", + "required": [ + "assertions", + "federationId", + "id", + "issuer", + "name", + "projectId", + "serviceAccountEmail" + ] + } + }, "stackit:index/getServiceAccounts:getServiceAccounts": { "description": "Service accounts plural data source schema. Returns a list of all service accounts in a project, optionally filtered.\n\n## Example Usage\n\n```terraform\ndata \"stackit_service_accounts\" \"all_sas\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n}\n\ndata \"stackit_service_accounts\" \"sas_default_suffix\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n email_suffix = \"@sa.stackit.cloud\"\n}\n\ndata \"stackit_service_accounts\" \"sas_default_suffix_sort_asc\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n email_suffix = \"@sa.stackit.cloud\"\n sort_ascending = true\n}\n\ndata \"stackit_service_accounts\" \"sas_ske_regex\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n email_regex = \".*@ske\\\\.sa\\\\.stackit\\\\.cloud$\"\n}\n\ndata \"stackit_service_accounts\" \"sas_ske_suffix\" {\n project_id = \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"\n email_suffix = \"@ske.sa.stackit.cloud\"\n}\n```\n", "inputs": { diff --git a/provider/go.mod b/provider/go.mod index d8bd059..804945f 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -29,7 +29,7 @@ require ( github.com/Masterminds/semver/v3 v3.4.0 // indirect github.com/Masterminds/sprig/v3 v3.2.3 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect - github.com/ProtonMail/go-crypto v1.3.0 // indirect + github.com/ProtonMail/go-crypto v1.4.1 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-cidr v1.1.0 // indirect github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect @@ -112,7 +112,7 @@ require ( github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-plugin v1.7.0 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect - github.com/hashicorp/go-version v1.8.0 // indirect + github.com/hashicorp/go-version v1.9.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/hashicorp/hcl/v2 v2.24.0 // indirect github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 // indirect @@ -125,7 +125,7 @@ require ( github.com/hashicorp/terraform-plugin-sdk v1.8.0 // indirect github.com/hashicorp/terraform-plugin-sdk/v2 v2.40.0 // indirect github.com/hashicorp/terraform-registry-address v0.4.0 // indirect - github.com/hashicorp/terraform-svchost v0.1.1 // indirect + github.com/hashicorp/terraform-svchost v0.2.1 // indirect github.com/hashicorp/yamux v0.1.2 // indirect github.com/huandu/xstrings v1.3.3 // indirect github.com/iancoleman/strcase v0.3.0 // indirect @@ -197,38 +197,38 @@ require ( github.com/spf13/pflag v1.0.10 // indirect github.com/spiffe/go-spiffe/v2 v2.6.0 // indirect github.com/stackitcloud/stackit-sdk-go/core v0.26.0 // indirect - github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/cdn v1.15.0 // indirect - github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/cdn v1.16.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/dns v0.20.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/edge v0.9.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/edge v0.11.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/git v0.12.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/iaas v1.10.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/kms v1.7.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/iaas v1.11.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/kms v1.8.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/logme v0.28.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/logs v0.8.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/mariadb v0.28.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/modelserving v0.9.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/mongodbflex v1.8.3 // indirect - github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.8.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.9.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/observability v0.21.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/opensearch v0.27.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.7.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.8.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/rabbitmq v0.29.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/redis v0.28.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.22.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/scf v0.7.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.23.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/scf v0.8.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/secretsmanager v0.18.1 // indirect github.com/stackitcloud/stackit-sdk-go/services/serverbackup v1.6.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/serverupdate v1.5.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.18.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.19.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.3 // indirect github.com/stackitcloud/stackit-sdk-go/services/sfs v0.9.0 // indirect - github.com/stackitcloud/stackit-sdk-go/services/ske v1.13.0 // indirect - github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.9.1 // indirect - github.com/stackitcloud/terraform-provider-stackit v0.94.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/ske v1.14.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.10.0 // indirect + github.com/stackitcloud/terraform-provider-stackit v0.95.0 // indirect github.com/teambition/rrule-go v1.8.2 // indirect github.com/teekennedy/goldmark-markdown v0.3.0 // indirect github.com/texttheater/golang-levenshtein v1.0.1 // indirect @@ -241,7 +241,7 @@ require ( github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect github.com/yuin/goldmark v1.7.13 // indirect - github.com/zclconf/go-cty v1.17.0 // indirect + github.com/zclconf/go-cty v1.18.1 // indirect go.opentelemetry.io/auto/sdk v1.2.1 // indirect go.opentelemetry.io/collector/featuregate v1.54.0 // indirect go.opentelemetry.io/collector/pdata v1.54.0 // indirect diff --git a/provider/go.sum b/provider/go.sum index d5dfd50..c4c450f 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -72,8 +72,8 @@ github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBa github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= -github.com/ProtonMail/go-crypto v1.3.0 h1:ILq8+Sf5If5DCpHQp4PbZdS1J7HDFRXz/+xKBiRGFrw= -github.com/ProtonMail/go-crypto v1.3.0/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE= +github.com/ProtonMail/go-crypto v1.4.1 h1:9RfcZHqEQUvP8RzecWEUafnZVtEvrBVL9BiF67IQOfM= +github.com/ProtonMail/go-crypto v1.4.1/go.mod h1:e1OaTyu5SYVrO9gKOEhTc+5UcXtTUa+P3uLudwcgPqo= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= @@ -360,12 +360,12 @@ github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/C github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.8.0 h1:KAkNb1HAiZd1ukkxDFGmokVZe1Xy9HG6NUp+bPle2i4= -github.com/hashicorp/go-version v1.8.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.9.0 h1:CeOIz6k+LoN3qX9Z0tyQrPtiB1DFYRPfCIBtaXPSCnA= +github.com/hashicorp/go-version v1.9.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hc-install v0.9.3 h1:1H4dgmgzxEVwT6E/d/vIL5ORGVKz9twRwDw+qA5Hyho= -github.com/hashicorp/hc-install v0.9.3/go.mod h1:FQlQ5I3I/X409N/J1U4pPeQQz1R3BoV0IysB7aiaQE0= +github.com/hashicorp/hc-install v0.9.4 h1:KKWOpUG0EqIV63Qk2GGFrZ0s275NVs5lKf9N5vjBNoc= +github.com/hashicorp/hc-install v0.9.4/go.mod h1:4LRYeEN2bMIFfIv57ldMWt9awfuZhvpbRt0vWmv51WU= github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f/go.mod h1:oZtUIOe8dh44I2q6ScRibXws4Ajl+d+nod3AaR9vL5w= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= @@ -377,8 +377,8 @@ github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93/go.mod h1:n2TSygSNws github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/terraform-config-inspect v0.0.0-20191115094559-17f92b0546e8/go.mod h1:p+ivJws3dpqbp1iP84+npOyAmTTOLMgCzrXd3GSdn/A= -github.com/hashicorp/terraform-exec v0.25.0 h1:Bkt6m3VkJqYh+laFMrWIpy9KHYFITpOyzRMNI35rNaY= -github.com/hashicorp/terraform-exec v0.25.0/go.mod h1:dl9IwsCfklDU6I4wq9/StFDp7dNbH/h5AnfS1RmiUl8= +github.com/hashicorp/terraform-exec v0.25.1 h1:PRutYRGM8pixV3B8812NYoBK5O+yuf3qcB/70KFKGiU= +github.com/hashicorp/terraform-exec v0.25.1/go.mod h1:+izOYrs9sKMQK4OYvGDnrSSJHY/pm4e4eXFqSL2Q5mA= github.com/hashicorp/terraform-json v0.4.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= github.com/hashicorp/terraform-json v0.27.2 h1:BwGuzM6iUPqf9JYM/Z4AF1OJ5VVJEEzoKST/tRDBJKU= github.com/hashicorp/terraform-json v0.27.2/go.mod h1:GzPLJ1PLdUG5xL6xn1OXWIjteQRT2CNT9o/6A9mi9hE= @@ -395,13 +395,13 @@ github.com/hashicorp/terraform-plugin-log v0.10.0/go.mod h1:/9RR5Cv2aAbrqcTSdNmY github.com/hashicorp/terraform-plugin-sdk v1.8.0 h1:HE1p52nzcgz88hIJmapUnkmM9noEjV3QhTOLaua5XUA= github.com/hashicorp/terraform-plugin-sdk v1.8.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= -github.com/hashicorp/terraform-plugin-testing v1.15.0 h1:/fimKyl0YgD7aAtJkuuAZjwBASXhCIwWqMbDLnKLMe4= -github.com/hashicorp/terraform-plugin-testing v1.15.0/go.mod h1:bGXMw7bE95EiZhSBV3rM2W8TiffaPTDuLS+HFI/lIYs= +github.com/hashicorp/terraform-plugin-testing v1.16.0 h1:GB97nGnJ1hESpDrCjqZig38RodSF0gdRzxlDupLXP38= +github.com/hashicorp/terraform-plugin-testing v1.16.0/go.mod h1:eQPYAy9xFMV7xtIFX8Y+wJGtUB++HBl329zCF6PBMZk= github.com/hashicorp/terraform-registry-address v0.4.0 h1:S1yCGomj30Sao4l5BMPjTGZmCNzuv7/GDTDX99E9gTk= github.com/hashicorp/terraform-registry-address v0.4.0/go.mod h1:LRS1Ay0+mAiRkUyltGT+UHWkIqTFvigGn/LbMshfflE= github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= -github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= -github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= +github.com/hashicorp/terraform-svchost v0.2.1 h1:ubvrTFw3Q7CsoEaX7V06PtCTKG3wu7GyyobAoN4eF3Q= +github.com/hashicorp/terraform-svchost v0.2.1/go.mod h1:zDMheBLvNzu7Q6o9TBvPqiZToJcSuCLXjAXxBslSky4= github.com/hashicorp/vault/api v1.12.0 h1:meCpJSesvzQyao8FCOgk2fGdoADAnbDu2WPJN1lDLJ4= github.com/hashicorp/vault/api v1.12.0/go.mod h1:si+lJCYO7oGkIoNPAN8j3azBLTn9SjMGS+jFaHd1Cck= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= @@ -646,26 +646,26 @@ github.com/stackitcloud/pulumi-stackit/provider/shim v0.0.6 h1:HxckjrBBHZ+c2SAcF github.com/stackitcloud/pulumi-stackit/provider/shim v0.0.6/go.mod h1:XfgIyIgXyLYqtYtxiIcvxxW20cCJmiPv1UDoecT9T/Q= github.com/stackitcloud/stackit-sdk-go/core v0.26.0 h1:jQEb9gkehfp6VCP6TcYk7BI10cz4l0KM2L6hqYBH2QA= github.com/stackitcloud/stackit-sdk-go/core v0.26.0/go.mod h1:WU1hhxnjXw2EV7CYa1nlEvNpMiRY6CvmIOaHuL3pOaA= -github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.1 h1:hlos/aew02XKWtq1ss9EQh1UCzV1SXArYioew+WIv2M= -github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.1/go.mod h1:yYC61OsTtLZsrcq8l/JCI6MjvxLT4E2wMQj6LXc7prA= -github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.1 h1:TtpVXxgCJ17AqSOIzooQru/H3QnC4Z2VIF7HbaeKeJs= -github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.1/go.mod h1:c9JimEdshtcIHAI2j2N388ybW+InO1fvYPvL6rxb2uY= -github.com/stackitcloud/stackit-sdk-go/services/cdn v1.15.0 h1:yn9PGMZ9kqiPwTspaB0/Ko5/NR3FtvBYaQiT36oRfDQ= -github.com/stackitcloud/stackit-sdk-go/services/cdn v1.15.0/go.mod h1:KgZkrMEC4e46GRnnAZNpXNfEFPt43dn4yCu7EtPK3rE= -github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.1 h1:ZzC6Ds40ooXZRgyAAeKCI508X+/rs7rbn0cTt7k9sKk= -github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.1/go.mod h1:b4h5WDcL6FKzbonAmmQkHCAcFhXDr9GQuxEzVlNe9Vo= +github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.2 h1:hGzfOJjlCRoFpri5eYIiwhE27qu02pKZLprKvbsTC/w= +github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.2/go.mod h1:eK6oRB5Tmpt6KbXQ4UYBGg2LgW5bPtVoncL9E8JSRww= +github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.2 h1:b7WJ/vwxlVmNNX91kI3obqGcuoPAyaCbDL5aCMQ/sNg= +github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.2/go.mod h1:T/JF25XGJ3GqER/1L2N//DgY8x5tY7gA3N+/0nvmOWY= +github.com/stackitcloud/stackit-sdk-go/services/cdn v1.16.0 h1:Wqxx0PDTL2F5gqI5jjznuJY0TdqECltjA0aa/rHY63U= +github.com/stackitcloud/stackit-sdk-go/services/cdn v1.16.0/go.mod h1:MHB1N3EQ9GuAduAQoNS+gb1MjrWJieszbpOso9TQv5s= +github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.2 h1:ERtEiDYvT1BYCHzqMk2RUdD7o/9dkpa/60s1QVol3yI= +github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.2/go.mod h1:eJpB3/pukz+KzVPVHQ4g3DVtQkxGga18VbFBhq9ugdY= github.com/stackitcloud/stackit-sdk-go/services/dns v0.20.2 h1:nMJRg1dKioOlMwXJnZZgIRwfTWYCksVA9GyfAVmib1g= github.com/stackitcloud/stackit-sdk-go/services/dns v0.20.2/go.mod h1:FiYSv3D9rzgEVzi8Mpq5oYZBosrasa5uUYqVdEIbM1U= -github.com/stackitcloud/stackit-sdk-go/services/edge v0.9.1 h1:6jFXUq9psx6gEAkowSpNxrdQ4gq6sXD6/wkzhBQZDZo= -github.com/stackitcloud/stackit-sdk-go/services/edge v0.9.1/go.mod h1:JzYuE14U8aSLDJaqMdJVjdiwzPqhbeAqJXVqcXEuE0I= +github.com/stackitcloud/stackit-sdk-go/services/edge v0.11.0 h1:/JUxaJSGmg+PRj90e4fngWkXNQkRKHOYpVykJ3zoy7w= +github.com/stackitcloud/stackit-sdk-go/services/edge v0.11.0/go.mod h1:Ylse6gqGJtsd5TVmvha+hoLd1QQHLKvhY5dO15+q5kg= github.com/stackitcloud/stackit-sdk-go/services/git v0.12.2 h1:SOqbdC5hvjJRMUWEbYyWe61xPIgUtVp9dnkzkavVmzw= github.com/stackitcloud/stackit-sdk-go/services/git v0.12.2/go.mod h1:YZEL+gaK+ELn5E9VtK8yvz5RcmCBH+JkRpf6YbNVSbM= -github.com/stackitcloud/stackit-sdk-go/services/iaas v1.10.2 h1:UXW2OtgflJPN+58W7tX27CbJdpXg03RxM39DwXSrW5s= -github.com/stackitcloud/stackit-sdk-go/services/iaas v1.10.2/go.mod h1:OgVH92wVTVQwkUSvrgFaSkmbLM1XEA2UYGP+oLEaLMA= -github.com/stackitcloud/stackit-sdk-go/services/kms v1.7.2 h1:IzEWlJ/JtAHRRdCikxABkX55s63QGC0wp3tFtwq+oCI= -github.com/stackitcloud/stackit-sdk-go/services/kms v1.7.2/go.mod h1:pVaCmb1ZHAPGVRlSlBlVOjThp9Tb2sX9+nRX0M+d1KU= -github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.1 h1:aKIKKPdYEAw09ivHlXBVJdqXJax1eWPEe0oXkd8J/Zk= -github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.1/go.mod h1:glY8R+mlF4JlUd00z7dxyv/LTgdgqrJ11TVx7yCfJyw= +github.com/stackitcloud/stackit-sdk-go/services/iaas v1.11.1 h1:HcKqjwIjv4OAW1aWI0U/JWjnzTwzSvdr6DLasH940EU= +github.com/stackitcloud/stackit-sdk-go/services/iaas v1.11.1/go.mod h1:Ts06id0KejUlQWbpR+/rm+tKng6QkTuFV1VQTPJ4dA4= +github.com/stackitcloud/stackit-sdk-go/services/kms v1.8.0 h1:w2wPPo87PPqYO/cvWCz6GGE/VYAvGh3yaK4UEOXY9Gw= +github.com/stackitcloud/stackit-sdk-go/services/kms v1.8.0/go.mod h1:pVaCmb1ZHAPGVRlSlBlVOjThp9Tb2sX9+nRX0M+d1KU= +github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.2 h1:3Xnt5lnMmqVWChvH8lYJwpRoRatoqXfHlZ12wgNwUD4= +github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.2/go.mod h1:+Ld3dn648I+YKcBV3fEkYpDSr3fel421+LurJGywSBs= github.com/stackitcloud/stackit-sdk-go/services/logme v0.28.2 h1:vpm7au3Asqn3F5NwqKZjoYq4p8lSGuxIbajvFvIZ1YU= github.com/stackitcloud/stackit-sdk-go/services/logme v0.28.2/go.mod h1:JDOOYaGgcBts2x52nKPRMFgSZe7qqOFmfz1xIXCQgRY= github.com/stackitcloud/stackit-sdk-go/services/logs v0.8.2 h1:Y1YrwN0zqBPBth/69FPnkWiWgZycg4PUdjUs8cAZ7i4= @@ -676,40 +676,40 @@ github.com/stackitcloud/stackit-sdk-go/services/modelserving v0.9.2 h1:JKQj6wvlU github.com/stackitcloud/stackit-sdk-go/services/modelserving v0.9.2/go.mod h1:u7T85YqoqncJevbPU1ODKthbmxxEh1zw+bVaAO8v0Sg= github.com/stackitcloud/stackit-sdk-go/services/mongodbflex v1.8.3 h1:QW//diMedJX1o4HQV+NSWT3we7Xlly+ReWcaQqwwG90= github.com/stackitcloud/stackit-sdk-go/services/mongodbflex v1.8.3/go.mod h1:0hHEPiOEMAA23EzEl42Rm3FlyKIzkW+LWLvDkuFTZ+Q= -github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.8.2 h1:H0ImuBpUZRpRf08Pafx9sU74wiTIdjFpiW4BiOYJx10= -github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.8.2/go.mod h1:QsPtoqAYvumyPU6ToX/5j1PbudN+VSTuvh6mp154ecM= +github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.9.0 h1:T+ll3lS0Kn18d8hTOrVAMKcQrXiab+Cuj0cTnAYHmj0= +github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.9.0/go.mod h1:QsPtoqAYvumyPU6ToX/5j1PbudN+VSTuvh6mp154ecM= github.com/stackitcloud/stackit-sdk-go/services/observability v0.21.2 h1:iHcHPaRFpVaXXio0uuVkPtbnEHwClKioFdn9W72ZmYU= github.com/stackitcloud/stackit-sdk-go/services/observability v0.21.2/go.mod h1:0fEZQHm729mBdvg4sNrAhM6KmHROHJSeS2FwCMRk46k= github.com/stackitcloud/stackit-sdk-go/services/opensearch v0.27.2 h1:2BH61+gyc2Jq4stX3L731JIb6VKK8JJcx4c1h+esPPo= github.com/stackitcloud/stackit-sdk-go/services/opensearch v0.27.2/go.mod h1:L+NlfC1hilLOqlLLukCj/UDnxlnNrc/oMikcw3Ansyw= -github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.7.2 h1:VIekoX8eCvSgO9HEr4j+z5SKApN2DgfXudSt02zU6Is= -github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.7.2/go.mod h1:yzlakB+f8ur4yAHR6lyCABO+HcEtZG3G2Faj6m5/uW8= +github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.8.0 h1:oWTviJKdlUxaaARJghTjOqBbarIK+7+nH3Kc3Wxn4rQ= +github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.8.0/go.mod h1:yzlakB+f8ur4yAHR6lyCABO+HcEtZG3G2Faj6m5/uW8= github.com/stackitcloud/stackit-sdk-go/services/rabbitmq v0.29.2 h1:p+B3NbuH27Dmi5iM88b/YHXd0fcI3Bc81AsRTOjIK6U= github.com/stackitcloud/stackit-sdk-go/services/rabbitmq v0.29.2/go.mod h1:TwfVVynB/+AKbccSOLk2qZpPL1tdK43BBAiACP6EtSg= github.com/stackitcloud/stackit-sdk-go/services/redis v0.28.2 h1:9s8yUxXEORj/ChLLf5vGdjmMC3PhDlYRIVd4v23Uavg= github.com/stackitcloud/stackit-sdk-go/services/redis v0.28.2/go.mod h1:yjej6QfYoYdRIyKXlmbVz8fZYxbuUdl+QBkvLDPgA4k= -github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.22.1 h1:J7EqPLrdfEWhEw5bH3StHbKtrSwJ6Gdjw5RwzsHXGf0= -github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.22.1/go.mod h1:hczoIYoLKu7vL+iunL1AlhQ2MqQXckPlqiozrqdZrWQ= -github.com/stackitcloud/stackit-sdk-go/services/scf v0.7.1 h1:bXorYZgdx9W6GLunvU+VPaOITp4BNRuyOuwbPVpTlVo= -github.com/stackitcloud/stackit-sdk-go/services/scf v0.7.1/go.mod h1:Q2BlJ3Y/JEndson0E/GFQN5v3b0vQak71csYFyuOzUs= +github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.23.0 h1:u2C3oHNcc41Ba5cUqSPuqviDrYSRhpaC5+ELbuHHdwM= +github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.23.0/go.mod h1:NEz3f+GV5G++BE9/MmZCsXJyCih7jtg0pZuSyG2sLEs= +github.com/stackitcloud/stackit-sdk-go/services/scf v0.8.0 h1:3m9+KZ3pqH8Bj8OejwtVjAkBduxWHWio50FBiJ5enks= +github.com/stackitcloud/stackit-sdk-go/services/scf v0.8.0/go.mod h1:w3rXz3Klz5XxpI7eXpvZTYlu8LQkZJiFxKg6DNBgenQ= github.com/stackitcloud/stackit-sdk-go/services/secretsmanager v0.18.1 h1:U5rstX5e6Am2t+Ukv5K1Sbftzxt5aFALMa9YS4jCJoo= github.com/stackitcloud/stackit-sdk-go/services/secretsmanager v0.18.1/go.mod h1:2XA8PE05Qg6BL2YXO4XgfGI9qskJ3cicLE5Qq0aqDdY= github.com/stackitcloud/stackit-sdk-go/services/serverbackup v1.6.2 h1:NCGehrXvtpFaeH85fU1DWisf3+IgqoGUERY70UfwTUU= github.com/stackitcloud/stackit-sdk-go/services/serverbackup v1.6.2/go.mod h1:BJeafbecuocdirGCAJ2Vz/rPSK/LRrB5lPBEacqd1eU= github.com/stackitcloud/stackit-sdk-go/services/serverupdate v1.5.2 h1:6C/iTPoYPCrZOc3JMmvyDNs4hm+JR5p9O3DIfFGgnbo= github.com/stackitcloud/stackit-sdk-go/services/serverupdate v1.5.2/go.mod h1:/OHYZXQb9KXDdZK5J9C2YS6DJUD2i6ednZ1rK7zpDZ0= -github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.18.1 h1:T/5murYRgKIuieEY4PvLM0WipaSD2MsyR1VuQoKt+MQ= -github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.18.1/go.mod h1:D8P9ZhWfXRE8gNQKUae9pyZGpskS949ezR7QQIGAMp8= -github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.1 h1:Q/0UVLpcYJ+Sye5FWnASMyxmkXw7mPk5i5QFc+me5UU= -github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.1/go.mod h1:DaAUnOHgpL2tX0dejQzW/1b/sFxFhbnIx4PhjY+YuyA= +github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.19.0 h1:VDGfv4VUKo+yogizhjKLzcNa5CR28q6uWDLQs5ntgO0= +github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.19.0/go.mod h1:xJNa86o89czK2o60+s46vz8+NSKDTbQduFGFaztJnsA= +github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.3 h1:LM/u2bnB5B9xhSX8S3fC5gYu3VPvWZa+xDndhpI2jc4= +github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.3/go.mod h1:fXq3TmVLb4JMSve989NFFViMFoYa83s7M3hJWgN6mdQ= github.com/stackitcloud/stackit-sdk-go/services/sfs v0.9.0 h1:JWAFnskRbNKT8x62pZcAMCC+p5hyTEkAyxqFwy39jFA= github.com/stackitcloud/stackit-sdk-go/services/sfs v0.9.0/go.mod h1:jMlBoXqrPNX5nXbo6oT7exalqilw1jiLPoIp4Cn0CdI= -github.com/stackitcloud/stackit-sdk-go/services/ske v1.13.0 h1:CSzqycERxxLsB/x6CJUPqTyqrwiQ6WG23XPlal3Szh0= -github.com/stackitcloud/stackit-sdk-go/services/ske v1.13.0/go.mod h1:Pvzgr+UTnWXlRVhiq2eigcLFIBwfgyviy8m4DLMgI0E= -github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.9.1 h1:wPqWAZX70u2VWIU0PCNhayff8OmGTpI4dZ7VkROwqco= -github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.9.1/go.mod h1:AiUoMAqQcOlMgDtkVJlqI7P/VGD5xjN3dYjERGnwN/M= -github.com/stackitcloud/terraform-provider-stackit v0.94.0 h1:zE+gTOkzz+3ozjJxMRznKk5x7NegDGJe4SC/6vqz/BU= -github.com/stackitcloud/terraform-provider-stackit v0.94.0/go.mod h1:7m8lkTFUP6PbVgCvjXT+2kr742jbJiq5DEcfT0/+w98= +github.com/stackitcloud/stackit-sdk-go/services/ske v1.14.0 h1:Zy3yxmHzW+ydu1naeESMh8psXhUglkOHZ+/F3SJMwX8= +github.com/stackitcloud/stackit-sdk-go/services/ske v1.14.0/go.mod h1:TbqmZhLMofmfl+HhVl6oHYcI3zvXTm1vRjN3A/fOkM4= +github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.10.0 h1:angvO3z0TGqZtdwTDsG/tgTw9hxB76A6leUsiUXQtME= +github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.10.0/go.mod h1:AiUoMAqQcOlMgDtkVJlqI7P/VGD5xjN3dYjERGnwN/M= +github.com/stackitcloud/terraform-provider-stackit v0.95.0 h1:lSuM/udYZjri2oR1MpKm3L910tk7J+68VJBxVXouG50= +github.com/stackitcloud/terraform-provider-stackit v0.95.0/go.mod h1:DmULztqD80XFE0uYIsaYQI3fpQnjXi6YgRxaVgkyWlw= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= @@ -760,8 +760,8 @@ github.com/yuin/goldmark v1.7.13/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Br github.com/zclconf/go-cty v1.0.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= -github.com/zclconf/go-cty v1.17.0 h1:seZvECve6XX4tmnvRzWtJNHdscMtYEx5R7bnnVyd/d0= -github.com/zclconf/go-cty v1.17.0/go.mod h1:wqFzcImaLTI6A5HfsRwB0nj5n0MRZFwmey8YoFPPs3U= +github.com/zclconf/go-cty v1.18.1 h1:yEGE8M4iIZlyKQURZNb2SnEyZlZHUcBCnx6KF81KuwM= +github.com/zclconf/go-cty v1.18.1/go.mod h1:qpnV6EDNgC1sns/AleL1fvatHw72j+S+nS+MJ+T2CSg= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= github.com/zclconf/go-cty-yaml v1.0.1/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0= diff --git a/provider/shim/go.mod b/provider/shim/go.mod index fc1e253..3bc42d4 100644 --- a/provider/shim/go.mod +++ b/provider/shim/go.mod @@ -2,24 +2,24 @@ module github.com/stackitcloud/pulumi-stackit/provider/shim go 1.26.0 -require github.com/stackitcloud/terraform-provider-stackit v0.94.0 +require github.com/stackitcloud/terraform-provider-stackit v0.95.0 require ( github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/terraform-plugin-framework-timeouts v0.7.0 // indirect - github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/edge v0.9.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/kms v1.7.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/edge v0.11.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/kms v1.8.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/logs v0.8.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/scf v0.7.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/scf v0.8.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/sfs v0.9.0 // indirect + golang.org/x/tools v0.44.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 // indirect google.golang.org/grpc v1.80.0 // indirect ) require ( - github.com/agext/levenshtein v1.2.3 // indirect github.com/fatih/color v1.19.0 // indirect github.com/golang-jwt/jwt/v5 v5.3.1 // indirect github.com/google/go-cmp v0.7.0 // indirect @@ -33,33 +33,33 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/stackitcloud/stackit-sdk-go/core v0.26.0 // indirect - github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/cdn v1.15.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/cdn v1.16.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/dns v0.20.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/git v0.12.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/iaas v1.10.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/iaas v1.11.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/logme v0.28.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/mariadb v0.28.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/modelserving v0.9.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/mongodbflex v1.8.3 // indirect - github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.8.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.9.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/observability v0.21.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/opensearch v0.27.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.7.2 // indirect + github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.8.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/rabbitmq v0.29.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/redis v0.28.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.22.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.23.0 // indirect github.com/stackitcloud/stackit-sdk-go/services/secretsmanager v0.18.1 // indirect github.com/stackitcloud/stackit-sdk-go/services/serverbackup v1.6.2 // indirect github.com/stackitcloud/stackit-sdk-go/services/serverupdate v1.5.2 // indirect - github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.18.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.1 // indirect - github.com/stackitcloud/stackit-sdk-go/services/ske v1.13.0 // indirect - github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.9.1 // indirect + github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.19.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.3 // indirect + github.com/stackitcloud/stackit-sdk-go/services/ske v1.14.0 // indirect + github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.10.0 // indirect github.com/teambition/rrule-go v1.8.2 // indirect github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect golang.org/x/mod v0.35.0 // indirect - golang.org/x/sys v0.42.0 // indirect + golang.org/x/sys v0.43.0 // indirect ) diff --git a/provider/shim/go.sum b/provider/shim/go.sum index 6c93e49..e0fcd21 100644 --- a/provider/shim/go.sum +++ b/provider/shim/go.sum @@ -1,4 +1,4 @@ -github.com/ProtonMail/go-crypto v1.3.0 h1:ILq8+Sf5If5DCpHQp4PbZdS1J7HDFRXz/+xKBiRGFrw= +github.com/ProtonMail/go-crypto v1.4.1 h1:9RfcZHqEQUvP8RzecWEUafnZVtEvrBVL9BiF67IQOfM= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY= @@ -33,16 +33,14 @@ github.com/hashicorp/go-plugin v1.7.0/go.mod h1:BExt6KEaIYx804z8k4gRzRLEvxKVb+kn github.com/hashicorp/go-retryablehttp v0.7.8 h1:ylXZWnqa7Lhqpk0L1P1LzDtGcCR0rPVUrx/c8Unxc48= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.8.0 h1:KAkNb1HAiZd1ukkxDFGmokVZe1Xy9HG6NUp+bPle2i4= -github.com/hashicorp/go-version v1.8.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/hc-install v0.9.3 h1:1H4dgmgzxEVwT6E/d/vIL5ORGVKz9twRwDw+qA5Hyho= +github.com/hashicorp/go-version v1.9.0 h1:CeOIz6k+LoN3qX9Z0tyQrPtiB1DFYRPfCIBtaXPSCnA= +github.com/hashicorp/hc-install v0.9.4 h1:KKWOpUG0EqIV63Qk2GGFrZ0s275NVs5lKf9N5vjBNoc= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl/v2 v2.24.0 h1:2QJdZ454DSsYGoaE6QheQZjtKZSUs9Nh2izTWiwQxvE= github.com/hashicorp/hcl/v2 v2.24.0/go.mod h1:oGoO1FIQYfn/AgyOhlg9qLC6/nOJPX3qGbkZpYAcqfM= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/terraform-exec v0.25.0 h1:Bkt6m3VkJqYh+laFMrWIpy9KHYFITpOyzRMNI35rNaY= -github.com/hashicorp/terraform-exec v0.25.0/go.mod h1:dl9IwsCfklDU6I4wq9/StFDp7dNbH/h5AnfS1RmiUl8= +github.com/hashicorp/terraform-exec v0.25.1 h1:PRutYRGM8pixV3B8812NYoBK5O+yuf3qcB/70KFKGiU= github.com/hashicorp/terraform-json v0.27.2 h1:BwGuzM6iUPqf9JYM/Z4AF1OJ5VVJEEzoKST/tRDBJKU= github.com/hashicorp/terraform-plugin-framework v1.19.0 h1:q0bwyhxAOR3vfdgbk9iplv3MlTv/dhBHTXjQOtQDoBA= github.com/hashicorp/terraform-plugin-framework v1.19.0/go.mod h1:YRXOBu0jvs7xp4AThBbX4mAzYaMJ1JgtFH//oGKxwLc= @@ -56,11 +54,11 @@ github.com/hashicorp/terraform-plugin-log v0.10.0 h1:eu2kW6/QBVdN4P3Ju2WiB2W3Obj github.com/hashicorp/terraform-plugin-log v0.10.0/go.mod h1:/9RR5Cv2aAbrqcTSdNmY1NRHP4E3ekrXRGjqORpXyB0= github.com/hashicorp/terraform-plugin-sdk/v2 v2.40.0 h1:MKS/2URqeJRwJdbOfcbdsZCq/IRrNkqJNN0GtVIsuGs= github.com/hashicorp/terraform-plugin-sdk/v2 v2.40.0/go.mod h1:PuG4P97Ju3QXW6c6vRkRadWJbvnEu2Xh+oOuqcYOqX4= -github.com/hashicorp/terraform-plugin-testing v1.15.0 h1:/fimKyl0YgD7aAtJkuuAZjwBASXhCIwWqMbDLnKLMe4= +github.com/hashicorp/terraform-plugin-testing v1.16.0 h1:GB97nGnJ1hESpDrCjqZig38RodSF0gdRzxlDupLXP38= github.com/hashicorp/terraform-registry-address v0.4.0 h1:S1yCGomj30Sao4l5BMPjTGZmCNzuv7/GDTDX99E9gTk= github.com/hashicorp/terraform-registry-address v0.4.0/go.mod h1:LRS1Ay0+mAiRkUyltGT+UHWkIqTFvigGn/LbMshfflE= -github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= -github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= +github.com/hashicorp/terraform-svchost v0.2.1 h1:ubvrTFw3Q7CsoEaX7V06PtCTKG3wu7GyyobAoN4eF3Q= +github.com/hashicorp/terraform-svchost v0.2.1/go.mod h1:zDMheBLvNzu7Q6o9TBvPqiZToJcSuCLXjAXxBslSky4= github.com/hashicorp/yamux v0.1.2 h1:XtB8kyFOyHXYVFnwT5C3+Bdo8gArse7j2AQ0DA0Uey8= github.com/hashicorp/yamux v0.1.2/go.mod h1:C+zze2n6e/7wshOZep2A70/aQU6QBRWJO/G6FT1wIns= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -87,26 +85,26 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/stackitcloud/stackit-sdk-go/core v0.26.0 h1:jQEb9gkehfp6VCP6TcYk7BI10cz4l0KM2L6hqYBH2QA= github.com/stackitcloud/stackit-sdk-go/core v0.26.0/go.mod h1:WU1hhxnjXw2EV7CYa1nlEvNpMiRY6CvmIOaHuL3pOaA= -github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.1 h1:hlos/aew02XKWtq1ss9EQh1UCzV1SXArYioew+WIv2M= -github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.1/go.mod h1:yYC61OsTtLZsrcq8l/JCI6MjvxLT4E2wMQj6LXc7prA= -github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.1 h1:TtpVXxgCJ17AqSOIzooQru/H3QnC4Z2VIF7HbaeKeJs= -github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.1/go.mod h1:c9JimEdshtcIHAI2j2N388ybW+InO1fvYPvL6rxb2uY= -github.com/stackitcloud/stackit-sdk-go/services/cdn v1.15.0 h1:yn9PGMZ9kqiPwTspaB0/Ko5/NR3FtvBYaQiT36oRfDQ= -github.com/stackitcloud/stackit-sdk-go/services/cdn v1.15.0/go.mod h1:KgZkrMEC4e46GRnnAZNpXNfEFPt43dn4yCu7EtPK3rE= -github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.1 h1:ZzC6Ds40ooXZRgyAAeKCI508X+/rs7rbn0cTt7k9sKk= -github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.1/go.mod h1:b4h5WDcL6FKzbonAmmQkHCAcFhXDr9GQuxEzVlNe9Vo= +github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.2 h1:hGzfOJjlCRoFpri5eYIiwhE27qu02pKZLprKvbsTC/w= +github.com/stackitcloud/stackit-sdk-go/services/alb v0.14.2/go.mod h1:eK6oRB5Tmpt6KbXQ4UYBGg2LgW5bPtVoncL9E8JSRww= +github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.2 h1:b7WJ/vwxlVmNNX91kI3obqGcuoPAyaCbDL5aCMQ/sNg= +github.com/stackitcloud/stackit-sdk-go/services/authorization v0.15.2/go.mod h1:T/JF25XGJ3GqER/1L2N//DgY8x5tY7gA3N+/0nvmOWY= +github.com/stackitcloud/stackit-sdk-go/services/cdn v1.16.0 h1:Wqxx0PDTL2F5gqI5jjznuJY0TdqECltjA0aa/rHY63U= +github.com/stackitcloud/stackit-sdk-go/services/cdn v1.16.0/go.mod h1:MHB1N3EQ9GuAduAQoNS+gb1MjrWJieszbpOso9TQv5s= +github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.2 h1:ERtEiDYvT1BYCHzqMk2RUdD7o/9dkpa/60s1QVol3yI= +github.com/stackitcloud/stackit-sdk-go/services/certificates v1.6.2/go.mod h1:eJpB3/pukz+KzVPVHQ4g3DVtQkxGga18VbFBhq9ugdY= github.com/stackitcloud/stackit-sdk-go/services/dns v0.20.2 h1:nMJRg1dKioOlMwXJnZZgIRwfTWYCksVA9GyfAVmib1g= github.com/stackitcloud/stackit-sdk-go/services/dns v0.20.2/go.mod h1:FiYSv3D9rzgEVzi8Mpq5oYZBosrasa5uUYqVdEIbM1U= -github.com/stackitcloud/stackit-sdk-go/services/edge v0.9.1 h1:6jFXUq9psx6gEAkowSpNxrdQ4gq6sXD6/wkzhBQZDZo= -github.com/stackitcloud/stackit-sdk-go/services/edge v0.9.1/go.mod h1:JzYuE14U8aSLDJaqMdJVjdiwzPqhbeAqJXVqcXEuE0I= +github.com/stackitcloud/stackit-sdk-go/services/edge v0.11.0 h1:/JUxaJSGmg+PRj90e4fngWkXNQkRKHOYpVykJ3zoy7w= +github.com/stackitcloud/stackit-sdk-go/services/edge v0.11.0/go.mod h1:Ylse6gqGJtsd5TVmvha+hoLd1QQHLKvhY5dO15+q5kg= github.com/stackitcloud/stackit-sdk-go/services/git v0.12.2 h1:SOqbdC5hvjJRMUWEbYyWe61xPIgUtVp9dnkzkavVmzw= github.com/stackitcloud/stackit-sdk-go/services/git v0.12.2/go.mod h1:YZEL+gaK+ELn5E9VtK8yvz5RcmCBH+JkRpf6YbNVSbM= -github.com/stackitcloud/stackit-sdk-go/services/iaas v1.10.2 h1:UXW2OtgflJPN+58W7tX27CbJdpXg03RxM39DwXSrW5s= -github.com/stackitcloud/stackit-sdk-go/services/iaas v1.10.2/go.mod h1:OgVH92wVTVQwkUSvrgFaSkmbLM1XEA2UYGP+oLEaLMA= -github.com/stackitcloud/stackit-sdk-go/services/kms v1.7.2 h1:IzEWlJ/JtAHRRdCikxABkX55s63QGC0wp3tFtwq+oCI= -github.com/stackitcloud/stackit-sdk-go/services/kms v1.7.2/go.mod h1:pVaCmb1ZHAPGVRlSlBlVOjThp9Tb2sX9+nRX0M+d1KU= -github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.1 h1:aKIKKPdYEAw09ivHlXBVJdqXJax1eWPEe0oXkd8J/Zk= -github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.1/go.mod h1:glY8R+mlF4JlUd00z7dxyv/LTgdgqrJ11TVx7yCfJyw= +github.com/stackitcloud/stackit-sdk-go/services/iaas v1.11.1 h1:HcKqjwIjv4OAW1aWI0U/JWjnzTwzSvdr6DLasH940EU= +github.com/stackitcloud/stackit-sdk-go/services/iaas v1.11.1/go.mod h1:Ts06id0KejUlQWbpR+/rm+tKng6QkTuFV1VQTPJ4dA4= +github.com/stackitcloud/stackit-sdk-go/services/kms v1.8.0 h1:w2wPPo87PPqYO/cvWCz6GGE/VYAvGh3yaK4UEOXY9Gw= +github.com/stackitcloud/stackit-sdk-go/services/kms v1.8.0/go.mod h1:pVaCmb1ZHAPGVRlSlBlVOjThp9Tb2sX9+nRX0M+d1KU= +github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.2 h1:3Xnt5lnMmqVWChvH8lYJwpRoRatoqXfHlZ12wgNwUD4= +github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.12.2/go.mod h1:+Ld3dn648I+YKcBV3fEkYpDSr3fel421+LurJGywSBs= github.com/stackitcloud/stackit-sdk-go/services/logme v0.28.2 h1:vpm7au3Asqn3F5NwqKZjoYq4p8lSGuxIbajvFvIZ1YU= github.com/stackitcloud/stackit-sdk-go/services/logme v0.28.2/go.mod h1:JDOOYaGgcBts2x52nKPRMFgSZe7qqOFmfz1xIXCQgRY= github.com/stackitcloud/stackit-sdk-go/services/logs v0.8.2 h1:Y1YrwN0zqBPBth/69FPnkWiWgZycg4PUdjUs8cAZ7i4= @@ -117,40 +115,40 @@ github.com/stackitcloud/stackit-sdk-go/services/modelserving v0.9.2 h1:JKQj6wvlU github.com/stackitcloud/stackit-sdk-go/services/modelserving v0.9.2/go.mod h1:u7T85YqoqncJevbPU1ODKthbmxxEh1zw+bVaAO8v0Sg= github.com/stackitcloud/stackit-sdk-go/services/mongodbflex v1.8.3 h1:QW//diMedJX1o4HQV+NSWT3we7Xlly+ReWcaQqwwG90= github.com/stackitcloud/stackit-sdk-go/services/mongodbflex v1.8.3/go.mod h1:0hHEPiOEMAA23EzEl42Rm3FlyKIzkW+LWLvDkuFTZ+Q= -github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.8.2 h1:H0ImuBpUZRpRf08Pafx9sU74wiTIdjFpiW4BiOYJx10= -github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.8.2/go.mod h1:QsPtoqAYvumyPU6ToX/5j1PbudN+VSTuvh6mp154ecM= +github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.9.0 h1:T+ll3lS0Kn18d8hTOrVAMKcQrXiab+Cuj0cTnAYHmj0= +github.com/stackitcloud/stackit-sdk-go/services/objectstorage v1.9.0/go.mod h1:QsPtoqAYvumyPU6ToX/5j1PbudN+VSTuvh6mp154ecM= github.com/stackitcloud/stackit-sdk-go/services/observability v0.21.2 h1:iHcHPaRFpVaXXio0uuVkPtbnEHwClKioFdn9W72ZmYU= github.com/stackitcloud/stackit-sdk-go/services/observability v0.21.2/go.mod h1:0fEZQHm729mBdvg4sNrAhM6KmHROHJSeS2FwCMRk46k= github.com/stackitcloud/stackit-sdk-go/services/opensearch v0.27.2 h1:2BH61+gyc2Jq4stX3L731JIb6VKK8JJcx4c1h+esPPo= github.com/stackitcloud/stackit-sdk-go/services/opensearch v0.27.2/go.mod h1:L+NlfC1hilLOqlLLukCj/UDnxlnNrc/oMikcw3Ansyw= -github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.7.2 h1:VIekoX8eCvSgO9HEr4j+z5SKApN2DgfXudSt02zU6Is= -github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.7.2/go.mod h1:yzlakB+f8ur4yAHR6lyCABO+HcEtZG3G2Faj6m5/uW8= +github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.8.0 h1:oWTviJKdlUxaaARJghTjOqBbarIK+7+nH3Kc3Wxn4rQ= +github.com/stackitcloud/stackit-sdk-go/services/postgresflex v1.8.0/go.mod h1:yzlakB+f8ur4yAHR6lyCABO+HcEtZG3G2Faj6m5/uW8= github.com/stackitcloud/stackit-sdk-go/services/rabbitmq v0.29.2 h1:p+B3NbuH27Dmi5iM88b/YHXd0fcI3Bc81AsRTOjIK6U= github.com/stackitcloud/stackit-sdk-go/services/rabbitmq v0.29.2/go.mod h1:TwfVVynB/+AKbccSOLk2qZpPL1tdK43BBAiACP6EtSg= github.com/stackitcloud/stackit-sdk-go/services/redis v0.28.2 h1:9s8yUxXEORj/ChLLf5vGdjmMC3PhDlYRIVd4v23Uavg= github.com/stackitcloud/stackit-sdk-go/services/redis v0.28.2/go.mod h1:yjej6QfYoYdRIyKXlmbVz8fZYxbuUdl+QBkvLDPgA4k= -github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.22.1 h1:J7EqPLrdfEWhEw5bH3StHbKtrSwJ6Gdjw5RwzsHXGf0= -github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.22.1/go.mod h1:hczoIYoLKu7vL+iunL1AlhQ2MqQXckPlqiozrqdZrWQ= -github.com/stackitcloud/stackit-sdk-go/services/scf v0.7.1 h1:bXorYZgdx9W6GLunvU+VPaOITp4BNRuyOuwbPVpTlVo= -github.com/stackitcloud/stackit-sdk-go/services/scf v0.7.1/go.mod h1:Q2BlJ3Y/JEndson0E/GFQN5v3b0vQak71csYFyuOzUs= +github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.23.0 h1:u2C3oHNcc41Ba5cUqSPuqviDrYSRhpaC5+ELbuHHdwM= +github.com/stackitcloud/stackit-sdk-go/services/resourcemanager v0.23.0/go.mod h1:NEz3f+GV5G++BE9/MmZCsXJyCih7jtg0pZuSyG2sLEs= +github.com/stackitcloud/stackit-sdk-go/services/scf v0.8.0 h1:3m9+KZ3pqH8Bj8OejwtVjAkBduxWHWio50FBiJ5enks= +github.com/stackitcloud/stackit-sdk-go/services/scf v0.8.0/go.mod h1:w3rXz3Klz5XxpI7eXpvZTYlu8LQkZJiFxKg6DNBgenQ= github.com/stackitcloud/stackit-sdk-go/services/secretsmanager v0.18.1 h1:U5rstX5e6Am2t+Ukv5K1Sbftzxt5aFALMa9YS4jCJoo= github.com/stackitcloud/stackit-sdk-go/services/secretsmanager v0.18.1/go.mod h1:2XA8PE05Qg6BL2YXO4XgfGI9qskJ3cicLE5Qq0aqDdY= github.com/stackitcloud/stackit-sdk-go/services/serverbackup v1.6.2 h1:NCGehrXvtpFaeH85fU1DWisf3+IgqoGUERY70UfwTUU= github.com/stackitcloud/stackit-sdk-go/services/serverbackup v1.6.2/go.mod h1:BJeafbecuocdirGCAJ2Vz/rPSK/LRrB5lPBEacqd1eU= github.com/stackitcloud/stackit-sdk-go/services/serverupdate v1.5.2 h1:6C/iTPoYPCrZOc3JMmvyDNs4hm+JR5p9O3DIfFGgnbo= github.com/stackitcloud/stackit-sdk-go/services/serverupdate v1.5.2/go.mod h1:/OHYZXQb9KXDdZK5J9C2YS6DJUD2i6ednZ1rK7zpDZ0= -github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.18.1 h1:T/5murYRgKIuieEY4PvLM0WipaSD2MsyR1VuQoKt+MQ= -github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.18.1/go.mod h1:D8P9ZhWfXRE8gNQKUae9pyZGpskS949ezR7QQIGAMp8= -github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.1 h1:Q/0UVLpcYJ+Sye5FWnASMyxmkXw7mPk5i5QFc+me5UU= -github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.1/go.mod h1:DaAUnOHgpL2tX0dejQzW/1b/sFxFhbnIx4PhjY+YuyA= +github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.19.0 h1:VDGfv4VUKo+yogizhjKLzcNa5CR28q6uWDLQs5ntgO0= +github.com/stackitcloud/stackit-sdk-go/services/serviceaccount v0.19.0/go.mod h1:xJNa86o89czK2o60+s46vz8+NSKDTbQduFGFaztJnsA= +github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.3 h1:LM/u2bnB5B9xhSX8S3fC5gYu3VPvWZa+xDndhpI2jc4= +github.com/stackitcloud/stackit-sdk-go/services/serviceenablement v1.5.3/go.mod h1:fXq3TmVLb4JMSve989NFFViMFoYa83s7M3hJWgN6mdQ= github.com/stackitcloud/stackit-sdk-go/services/sfs v0.9.0 h1:JWAFnskRbNKT8x62pZcAMCC+p5hyTEkAyxqFwy39jFA= github.com/stackitcloud/stackit-sdk-go/services/sfs v0.9.0/go.mod h1:jMlBoXqrPNX5nXbo6oT7exalqilw1jiLPoIp4Cn0CdI= -github.com/stackitcloud/stackit-sdk-go/services/ske v1.13.0 h1:CSzqycERxxLsB/x6CJUPqTyqrwiQ6WG23XPlal3Szh0= -github.com/stackitcloud/stackit-sdk-go/services/ske v1.13.0/go.mod h1:Pvzgr+UTnWXlRVhiq2eigcLFIBwfgyviy8m4DLMgI0E= -github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.9.1 h1:wPqWAZX70u2VWIU0PCNhayff8OmGTpI4dZ7VkROwqco= -github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.9.1/go.mod h1:AiUoMAqQcOlMgDtkVJlqI7P/VGD5xjN3dYjERGnwN/M= -github.com/stackitcloud/terraform-provider-stackit v0.94.0 h1:zE+gTOkzz+3ozjJxMRznKk5x7NegDGJe4SC/6vqz/BU= -github.com/stackitcloud/terraform-provider-stackit v0.94.0/go.mod h1:7m8lkTFUP6PbVgCvjXT+2kr742jbJiq5DEcfT0/+w98= +github.com/stackitcloud/stackit-sdk-go/services/ske v1.14.0 h1:Zy3yxmHzW+ydu1naeESMh8psXhUglkOHZ+/F3SJMwX8= +github.com/stackitcloud/stackit-sdk-go/services/ske v1.14.0/go.mod h1:TbqmZhLMofmfl+HhVl6oHYcI3zvXTm1vRjN3A/fOkM4= +github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.10.0 h1:angvO3z0TGqZtdwTDsG/tgTw9hxB76A6leUsiUXQtME= +github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex v1.10.0/go.mod h1:AiUoMAqQcOlMgDtkVJlqI7P/VGD5xjN3dYjERGnwN/M= +github.com/stackitcloud/terraform-provider-stackit v0.95.0 h1:lSuM/udYZjri2oR1MpKm3L910tk7J+68VJBxVXouG50= +github.com/stackitcloud/terraform-provider-stackit v0.95.0/go.mod h1:DmULztqD80XFE0uYIsaYQI3fpQnjXi6YgRxaVgkyWlw= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= @@ -163,14 +161,11 @@ github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IU github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= -github.com/zclconf/go-cty v1.17.0 h1:seZvECve6XX4tmnvRzWtJNHdscMtYEx5R7bnnVyd/d0= -github.com/zclconf/go-cty v1.17.0/go.mod h1:wqFzcImaLTI6A5HfsRwB0nj5n0MRZFwmey8YoFPPs3U= -golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= -golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= +github.com/zclconf/go-cty v1.18.1 h1:yEGE8M4iIZlyKQURZNb2SnEyZlZHUcBCnx6KF81KuwM= +golang.org/x/crypto v0.50.0 h1:zO47/JPrL6vsNkINmLoo/PH1gcxpls50DNogFvB5ZGI= golang.org/x/mod v0.35.0 h1:Ww1D637e6Pg+Zb2KrWfHQUnH2dQRLBQyAtpr/haaJeM= golang.org/x/mod v0.35.0/go.mod h1:+GwiRhIInF8wPm+4AoT6L0FA1QWAad3OMdTRx4tFYlU= -golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= -golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/net v0.53.0 h1:d+qAbo5L0orcWAr0a9JweQpjXF19LMXJE8Ey7hwOdUA= golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -179,12 +174,11 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= -golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= -golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= -golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= -golang.org/x/tools v0.43.0 h1:12BdW9CeB3Z+J/I/wj34VMl8X+fEXBxVR90JeMX5E7s= -golang.org/x/tools v0.43.0/go.mod h1:uHkMso649BX2cZK6+RpuIPXS3ho2hZo4FVwfoy1vIk0= +golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI= +golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/text v0.36.0 h1:JfKh3XmcRPqZPKevfXVpI1wXPTqbkE5f7JA92a55Yxg= +golang.org/x/text v0.36.0/go.mod h1:NIdBknypM8iqVmPiuco0Dh6P5Jcdk8lJL0CUebqK164= +golang.org/x/tools v0.44.0 h1:UP4ajHPIcuMjT1GqzDWRlalUEoY+uzoZKnhOjbIPD2c= google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 h1:m8qni9SQFH0tJc1X0vmnpw/0t+AImlSvp30sEupozUg= diff --git a/sdk/dotnet/GetCdnDistribution.cs b/sdk/dotnet/GetCdnDistribution.cs index 6d35b90..cfb3702 100644 --- a/sdk/dotnet/GetCdnDistribution.cs +++ b/sdk/dotnet/GetCdnDistribution.cs @@ -67,7 +67,7 @@ public static Output Invoke(GetCdnDistributionInvokeAr public sealed class GetCdnDistributionArgs : global::Pulumi.InvokeArgs { /// - /// STACKIT project ID associated with the distribution + /// CDN distribution ID /// [Input("distributionId", required: true)] public string DistributionId { get; set; } = null!; @@ -87,7 +87,7 @@ public GetCdnDistributionArgs() public sealed class GetCdnDistributionInvokeArgs : global::Pulumi.InvokeArgs { /// - /// STACKIT project ID associated with the distribution + /// CDN distribution ID /// [Input("distributionId", required: true)] public Input DistributionId { get; set; } = null!; @@ -117,7 +117,7 @@ public sealed class GetCdnDistributionResult /// public readonly string CreatedAt; /// - /// STACKIT project ID associated with the distribution + /// CDN distribution ID /// public readonly string DistributionId; /// diff --git a/sdk/dotnet/GetObservabilityInstance.cs b/sdk/dotnet/GetObservabilityInstance.cs index 480aa1b..506072a 100644 --- a/sdk/dotnet/GetObservabilityInstance.cs +++ b/sdk/dotnet/GetObservabilityInstance.cs @@ -188,6 +188,9 @@ public sealed class GetObservabilityInstanceResult /// The name of the Observability instance. /// public readonly string Name; + public readonly string OtlpGrpcTracesUrl; + public readonly string OtlpHttpLogsUrl; + public readonly string OtlpHttpTracesUrl; public readonly string OtlpTracesUrl; /// /// Additional parameters. @@ -263,6 +266,12 @@ private GetObservabilityInstanceResult( string name, + string otlpGrpcTracesUrl, + + string otlpHttpLogsUrl, + + string otlpHttpTracesUrl, + string otlpTracesUrl, ImmutableDictionary parameters, @@ -302,6 +311,9 @@ private GetObservabilityInstanceResult( MetricsRetentionDays5mDownsampling = metricsRetentionDays5mDownsampling; MetricsUrl = metricsUrl; Name = name; + OtlpGrpcTracesUrl = otlpGrpcTracesUrl; + OtlpHttpLogsUrl = otlpHttpLogsUrl; + OtlpHttpTracesUrl = otlpHttpTracesUrl; OtlpTracesUrl = otlpTracesUrl; Parameters = parameters; PlanId = planId; diff --git a/sdk/dotnet/GetServer.cs b/sdk/dotnet/GetServer.cs index 1724cc3..b3a3a55 100644 --- a/sdk/dotnet/GetServer.cs +++ b/sdk/dotnet/GetServer.cs @@ -119,6 +119,10 @@ public sealed class GetServerResult /// public readonly string AffinityGroup; /// + /// STACKIT Server Agent as setup on the server + /// + public readonly Outputs.GetServerAgentResult Agent; + /// /// The availability zone of the server. /// public readonly string AvailabilityZone; @@ -187,6 +191,8 @@ public sealed class GetServerResult private GetServerResult( string affinityGroup, + Outputs.GetServerAgentResult agent, + string availabilityZone, Outputs.GetServerBootVolumeResult bootVolume, @@ -220,6 +226,7 @@ private GetServerResult( string userData) { AffinityGroup = affinityGroup; + Agent = agent; AvailabilityZone = availabilityZone; BootVolume = bootVolume; CreatedAt = createdAt; diff --git a/sdk/dotnet/GetServiceAccountFederatedIdentityProvider.cs b/sdk/dotnet/GetServiceAccountFederatedIdentityProvider.cs new file mode 100644 index 0000000..8f0087b --- /dev/null +++ b/sdk/dotnet/GetServiceAccountFederatedIdentityProvider.cs @@ -0,0 +1,189 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit +{ + public static class GetServiceAccountFederatedIdentityProvider + { + /// + /// Service account federated identity provider schema. + /// + /// ## Example Usage + /// + /// ```terraform + /// data "stackit_service_account" "sa" { + /// project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + /// email = "sa01-8565oq1@sa.stackit.cloud" + /// } + /// + /// data "stackit_service_account_federated_identity_provider" "provider" { + /// project_id = data.stackit_service_account.sa.project_id + /// service_account_email = data.stackit_service_account.sa.email + /// federation_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + /// } + /// ``` + /// + public static Task InvokeAsync(GetServiceAccountFederatedIdentityProviderArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", args ?? new GetServiceAccountFederatedIdentityProviderArgs(), options.WithDefaults()); + + /// + /// Service account federated identity provider schema. + /// + /// ## Example Usage + /// + /// ```terraform + /// data "stackit_service_account" "sa" { + /// project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + /// email = "sa01-8565oq1@sa.stackit.cloud" + /// } + /// + /// data "stackit_service_account_federated_identity_provider" "provider" { + /// project_id = data.stackit_service_account.sa.project_id + /// service_account_email = data.stackit_service_account.sa.email + /// federation_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + /// } + /// ``` + /// + public static Output Invoke(GetServiceAccountFederatedIdentityProviderInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", args ?? new GetServiceAccountFederatedIdentityProviderInvokeArgs(), options.WithDefaults()); + + /// + /// Service account federated identity provider schema. + /// + /// ## Example Usage + /// + /// ```terraform + /// data "stackit_service_account" "sa" { + /// project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + /// email = "sa01-8565oq1@sa.stackit.cloud" + /// } + /// + /// data "stackit_service_account_federated_identity_provider" "provider" { + /// project_id = data.stackit_service_account.sa.project_id + /// service_account_email = data.stackit_service_account.sa.email + /// federation_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + /// } + /// ``` + /// + public static Output Invoke(GetServiceAccountFederatedIdentityProviderInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", args ?? new GetServiceAccountFederatedIdentityProviderInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetServiceAccountFederatedIdentityProviderArgs : global::Pulumi.InvokeArgs + { + /// + /// The unique identifier for the federated identity provider associated with the service account. + /// + [Input("federationId", required: true)] + public string FederationId { get; set; } = null!; + + /// + /// The STACKIT project ID associated with the service account. + /// + [Input("projectId", required: true)] + public string ProjectId { get; set; } = null!; + + /// + /// The email address associated with the service account, used for account identification and communication. + /// + [Input("serviceAccountEmail", required: true)] + public string ServiceAccountEmail { get; set; } = null!; + + public GetServiceAccountFederatedIdentityProviderArgs() + { + } + public static new GetServiceAccountFederatedIdentityProviderArgs Empty => new GetServiceAccountFederatedIdentityProviderArgs(); + } + + public sealed class GetServiceAccountFederatedIdentityProviderInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The unique identifier for the federated identity provider associated with the service account. + /// + [Input("federationId", required: true)] + public Input FederationId { get; set; } = null!; + + /// + /// The STACKIT project ID associated with the service account. + /// + [Input("projectId", required: true)] + public Input ProjectId { get; set; } = null!; + + /// + /// The email address associated with the service account, used for account identification and communication. + /// + [Input("serviceAccountEmail", required: true)] + public Input ServiceAccountEmail { get; set; } = null!; + + public GetServiceAccountFederatedIdentityProviderInvokeArgs() + { + } + public static new GetServiceAccountFederatedIdentityProviderInvokeArgs Empty => new GetServiceAccountFederatedIdentityProviderInvokeArgs(); + } + + + [OutputType] + public sealed class GetServiceAccountFederatedIdentityProviderResult + { + /// + /// The assertions for the federated identity provider. + /// + public readonly ImmutableArray Assertions; + /// + /// The unique identifier for the federated identity provider associated with the service account. + /// + public readonly string FederationId; + /// + /// Terraform's internal resource identifier. It is structured as "`ProjectId`,`ServiceAccountEmail`,`FederationId`". + /// + public readonly string Id; + /// + /// The issuer URL. + /// + public readonly string Issuer; + /// + /// The name of the federated identity provider. + /// + public readonly string Name; + /// + /// The STACKIT project ID associated with the service account. + /// + public readonly string ProjectId; + /// + /// The email address associated with the service account, used for account identification and communication. + /// + public readonly string ServiceAccountEmail; + + [OutputConstructor] + private GetServiceAccountFederatedIdentityProviderResult( + ImmutableArray assertions, + + string federationId, + + string id, + + string issuer, + + string name, + + string projectId, + + string serviceAccountEmail) + { + Assertions = assertions; + FederationId = federationId; + Id = id; + Issuer = issuer; + Name = name; + ProjectId = projectId; + ServiceAccountEmail = serviceAccountEmail; + } + } +} diff --git a/sdk/dotnet/Inputs/CdnDistributionConfigArgs.cs b/sdk/dotnet/Inputs/CdnDistributionConfigArgs.cs index 88bd6ba..682841a 100644 --- a/sdk/dotnet/Inputs/CdnDistributionConfigArgs.cs +++ b/sdk/dotnet/Inputs/CdnDistributionConfigArgs.cs @@ -54,6 +54,12 @@ public InputList Regions set => _regions = value; } + /// + /// Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + /// + [Input("waf")] + public Input? Waf { get; set; } + public CdnDistributionConfigArgs() { } diff --git a/sdk/dotnet/Inputs/CdnDistributionConfigGetArgs.cs b/sdk/dotnet/Inputs/CdnDistributionConfigGetArgs.cs index 6f8fe23..1ef3b7a 100644 --- a/sdk/dotnet/Inputs/CdnDistributionConfigGetArgs.cs +++ b/sdk/dotnet/Inputs/CdnDistributionConfigGetArgs.cs @@ -54,6 +54,12 @@ public InputList Regions set => _regions = value; } + /// + /// Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + /// + [Input("waf")] + public Input? Waf { get; set; } + public CdnDistributionConfigGetArgs() { } diff --git a/sdk/dotnet/Inputs/CdnDistributionConfigWafArgs.cs b/sdk/dotnet/Inputs/CdnDistributionConfigWafArgs.cs new file mode 100644 index 0000000..2958f22 --- /dev/null +++ b/sdk/dotnet/Inputs/CdnDistributionConfigWafArgs.cs @@ -0,0 +1,182 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Inputs +{ + + public sealed class CdnDistributionConfigWafArgs : global::Pulumi.ResourceArgs + { + [Input("allowedHttpMethods")] + private InputList? _allowedHttpMethods; + + /// + /// Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + /// + public InputList AllowedHttpMethods + { + get => _allowedHttpMethods ?? (_allowedHttpMethods = new InputList()); + set => _allowedHttpMethods = value; + } + + [Input("allowedHttpVersions")] + private InputList? _allowedHttpVersions; + + /// + /// Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + /// + public InputList AllowedHttpVersions + { + get => _allowedHttpVersions ?? (_allowedHttpVersions = new InputList()); + set => _allowedHttpVersions = value; + } + + [Input("allowedRequestContentTypes")] + private InputList? _allowedRequestContentTypes; + + /// + /// Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + /// + public InputList AllowedRequestContentTypes + { + get => _allowedRequestContentTypes ?? (_allowedRequestContentTypes = new InputList()); + set => _allowedRequestContentTypes = value; + } + + [Input("disabledRuleCollectionIds")] + private InputList? _disabledRuleCollectionIds; + + /// + /// Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList DisabledRuleCollectionIds + { + get => _disabledRuleCollectionIds ?? (_disabledRuleCollectionIds = new InputList()); + set => _disabledRuleCollectionIds = value; + } + + [Input("disabledRuleGroupIds")] + private InputList? _disabledRuleGroupIds; + + /// + /// Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList DisabledRuleGroupIds + { + get => _disabledRuleGroupIds ?? (_disabledRuleGroupIds = new InputList()); + set => _disabledRuleGroupIds = value; + } + + [Input("disabledRuleIds")] + private InputList? _disabledRuleIds; + + /// + /// Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList DisabledRuleIds + { + get => _disabledRuleIds ?? (_disabledRuleIds = new InputList()); + set => _disabledRuleIds = value; + } + + [Input("enabledRuleCollectionIds")] + private InputList? _enabledRuleCollectionIds; + + /// + /// Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList EnabledRuleCollectionIds + { + get => _enabledRuleCollectionIds ?? (_enabledRuleCollectionIds = new InputList()); + set => _enabledRuleCollectionIds = value; + } + + [Input("enabledRuleGroupIds")] + private InputList? _enabledRuleGroupIds; + + /// + /// Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList EnabledRuleGroupIds + { + get => _enabledRuleGroupIds ?? (_enabledRuleGroupIds = new InputList()); + set => _enabledRuleGroupIds = value; + } + + [Input("enabledRuleIds")] + private InputList? _enabledRuleIds; + + /// + /// Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList EnabledRuleIds + { + get => _enabledRuleIds ?? (_enabledRuleIds = new InputList()); + set => _enabledRuleIds = value; + } + + [Input("logOnlyRuleCollectionIds")] + private InputList? _logOnlyRuleCollectionIds; + + /// + /// Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList LogOnlyRuleCollectionIds + { + get => _logOnlyRuleCollectionIds ?? (_logOnlyRuleCollectionIds = new InputList()); + set => _logOnlyRuleCollectionIds = value; + } + + [Input("logOnlyRuleGroupIds")] + private InputList? _logOnlyRuleGroupIds; + + /// + /// Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList LogOnlyRuleGroupIds + { + get => _logOnlyRuleGroupIds ?? (_logOnlyRuleGroupIds = new InputList()); + set => _logOnlyRuleGroupIds = value; + } + + [Input("logOnlyRuleIds")] + private InputList? _logOnlyRuleIds; + + /// + /// Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList LogOnlyRuleIds + { + get => _logOnlyRuleIds ?? (_logOnlyRuleIds = new InputList()); + set => _logOnlyRuleIds = value; + } + + /// + /// The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + /// + [Input("mode")] + public Input? Mode { get; set; } + + /// + /// Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + /// + [Input("paranoiaLevel")] + public Input? ParanoiaLevel { get; set; } + + /// + /// The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + /// + [Input("type")] + public Input? Type { get; set; } + + public CdnDistributionConfigWafArgs() + { + } + public static new CdnDistributionConfigWafArgs Empty => new CdnDistributionConfigWafArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CdnDistributionConfigWafGetArgs.cs b/sdk/dotnet/Inputs/CdnDistributionConfigWafGetArgs.cs new file mode 100644 index 0000000..863be25 --- /dev/null +++ b/sdk/dotnet/Inputs/CdnDistributionConfigWafGetArgs.cs @@ -0,0 +1,182 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Inputs +{ + + public sealed class CdnDistributionConfigWafGetArgs : global::Pulumi.ResourceArgs + { + [Input("allowedHttpMethods")] + private InputList? _allowedHttpMethods; + + /// + /// Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + /// + public InputList AllowedHttpMethods + { + get => _allowedHttpMethods ?? (_allowedHttpMethods = new InputList()); + set => _allowedHttpMethods = value; + } + + [Input("allowedHttpVersions")] + private InputList? _allowedHttpVersions; + + /// + /// Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + /// + public InputList AllowedHttpVersions + { + get => _allowedHttpVersions ?? (_allowedHttpVersions = new InputList()); + set => _allowedHttpVersions = value; + } + + [Input("allowedRequestContentTypes")] + private InputList? _allowedRequestContentTypes; + + /// + /// Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + /// + public InputList AllowedRequestContentTypes + { + get => _allowedRequestContentTypes ?? (_allowedRequestContentTypes = new InputList()); + set => _allowedRequestContentTypes = value; + } + + [Input("disabledRuleCollectionIds")] + private InputList? _disabledRuleCollectionIds; + + /// + /// Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList DisabledRuleCollectionIds + { + get => _disabledRuleCollectionIds ?? (_disabledRuleCollectionIds = new InputList()); + set => _disabledRuleCollectionIds = value; + } + + [Input("disabledRuleGroupIds")] + private InputList? _disabledRuleGroupIds; + + /// + /// Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList DisabledRuleGroupIds + { + get => _disabledRuleGroupIds ?? (_disabledRuleGroupIds = new InputList()); + set => _disabledRuleGroupIds = value; + } + + [Input("disabledRuleIds")] + private InputList? _disabledRuleIds; + + /// + /// Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList DisabledRuleIds + { + get => _disabledRuleIds ?? (_disabledRuleIds = new InputList()); + set => _disabledRuleIds = value; + } + + [Input("enabledRuleCollectionIds")] + private InputList? _enabledRuleCollectionIds; + + /// + /// Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList EnabledRuleCollectionIds + { + get => _enabledRuleCollectionIds ?? (_enabledRuleCollectionIds = new InputList()); + set => _enabledRuleCollectionIds = value; + } + + [Input("enabledRuleGroupIds")] + private InputList? _enabledRuleGroupIds; + + /// + /// Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList EnabledRuleGroupIds + { + get => _enabledRuleGroupIds ?? (_enabledRuleGroupIds = new InputList()); + set => _enabledRuleGroupIds = value; + } + + [Input("enabledRuleIds")] + private InputList? _enabledRuleIds; + + /// + /// Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList EnabledRuleIds + { + get => _enabledRuleIds ?? (_enabledRuleIds = new InputList()); + set => _enabledRuleIds = value; + } + + [Input("logOnlyRuleCollectionIds")] + private InputList? _logOnlyRuleCollectionIds; + + /// + /// Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList LogOnlyRuleCollectionIds + { + get => _logOnlyRuleCollectionIds ?? (_logOnlyRuleCollectionIds = new InputList()); + set => _logOnlyRuleCollectionIds = value; + } + + [Input("logOnlyRuleGroupIds")] + private InputList? _logOnlyRuleGroupIds; + + /// + /// Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList LogOnlyRuleGroupIds + { + get => _logOnlyRuleGroupIds ?? (_logOnlyRuleGroupIds = new InputList()); + set => _logOnlyRuleGroupIds = value; + } + + [Input("logOnlyRuleIds")] + private InputList? _logOnlyRuleIds; + + /// + /// Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public InputList LogOnlyRuleIds + { + get => _logOnlyRuleIds ?? (_logOnlyRuleIds = new InputList()); + set => _logOnlyRuleIds = value; + } + + /// + /// The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + /// + [Input("mode")] + public Input? Mode { get; set; } + + /// + /// Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + /// + [Input("paranoiaLevel")] + public Input? ParanoiaLevel { get; set; } + + /// + /// The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + /// + [Input("type")] + public Input? Type { get; set; } + + public CdnDistributionConfigWafGetArgs() + { + } + public static new CdnDistributionConfigWafGetArgs Empty => new CdnDistributionConfigWafGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ServerAgentArgs.cs b/sdk/dotnet/Inputs/ServerAgentArgs.cs new file mode 100644 index 0000000..04ba2df --- /dev/null +++ b/sdk/dotnet/Inputs/ServerAgentArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Inputs +{ + + public sealed class ServerAgentArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether a STACKIT Server Agent is provisioned at the server + /// + [Input("provisioned")] + public Input? Provisioned { get; set; } + + /// + /// Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + /// + [Input("provisioningPolicy")] + public Input? ProvisioningPolicy { get; set; } + + public ServerAgentArgs() + { + } + public static new ServerAgentArgs Empty => new ServerAgentArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ServerAgentGetArgs.cs b/sdk/dotnet/Inputs/ServerAgentGetArgs.cs new file mode 100644 index 0000000..c527605 --- /dev/null +++ b/sdk/dotnet/Inputs/ServerAgentGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Inputs +{ + + public sealed class ServerAgentGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether a STACKIT Server Agent is provisioned at the server + /// + [Input("provisioned")] + public Input? Provisioned { get; set; } + + /// + /// Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + /// + [Input("provisioningPolicy")] + public Input? ProvisioningPolicy { get; set; } + + public ServerAgentGetArgs() + { + } + public static new ServerAgentGetArgs Empty => new ServerAgentGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ServiceAccountFederatedIdentityProviderAssertionArgs.cs b/sdk/dotnet/Inputs/ServiceAccountFederatedIdentityProviderAssertionArgs.cs new file mode 100644 index 0000000..ec96e3b --- /dev/null +++ b/sdk/dotnet/Inputs/ServiceAccountFederatedIdentityProviderAssertionArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Inputs +{ + + public sealed class ServiceAccountFederatedIdentityProviderAssertionArgs : global::Pulumi.ResourceArgs + { + /// + /// The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + /// + [Input("item", required: true)] + public Input Item { get; set; } = null!; + + /// + /// The assertion operator. Currently, the only supported operator is "equals". + /// + [Input("operator", required: true)] + public Input Operator { get; set; } = null!; + + /// + /// The assertion value. + /// + [Input("value", required: true)] + public Input Value { get; set; } = null!; + + public ServiceAccountFederatedIdentityProviderAssertionArgs() + { + } + public static new ServiceAccountFederatedIdentityProviderAssertionArgs Empty => new ServiceAccountFederatedIdentityProviderAssertionArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ServiceAccountFederatedIdentityProviderAssertionGetArgs.cs b/sdk/dotnet/Inputs/ServiceAccountFederatedIdentityProviderAssertionGetArgs.cs new file mode 100644 index 0000000..9613822 --- /dev/null +++ b/sdk/dotnet/Inputs/ServiceAccountFederatedIdentityProviderAssertionGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Inputs +{ + + public sealed class ServiceAccountFederatedIdentityProviderAssertionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + /// + [Input("item", required: true)] + public Input Item { get; set; } = null!; + + /// + /// The assertion operator. Currently, the only supported operator is "equals". + /// + [Input("operator", required: true)] + public Input Operator { get; set; } = null!; + + /// + /// The assertion value. + /// + [Input("value", required: true)] + public Input Value { get; set; } = null!; + + public ServiceAccountFederatedIdentityProviderAssertionGetArgs() + { + } + public static new ServiceAccountFederatedIdentityProviderAssertionGetArgs Empty => new ServiceAccountFederatedIdentityProviderAssertionGetArgs(); + } +} diff --git a/sdk/dotnet/ObservabilityInstance.cs b/sdk/dotnet/ObservabilityInstance.cs index f0b2061..79db6f5 100644 --- a/sdk/dotnet/ObservabilityInstance.cs +++ b/sdk/dotnet/ObservabilityInstance.cs @@ -143,6 +143,15 @@ public partial class ObservabilityInstance : global::Pulumi.CustomResource [Output("name")] public Output Name { get; private set; } = null!; + [Output("otlpGrpcTracesUrl")] + public Output OtlpGrpcTracesUrl { get; private set; } = null!; + + [Output("otlpHttpLogsUrl")] + public Output OtlpHttpLogsUrl { get; private set; } = null!; + + [Output("otlpHttpTracesUrl")] + public Output OtlpHttpTracesUrl { get; private set; } = null!; + [Output("otlpTracesUrl")] public Output OtlpTracesUrl { get; private set; } = null!; @@ -471,6 +480,15 @@ public Input? GrafanaInitialAdminPassword [Input("name")] public Input? Name { get; set; } + [Input("otlpGrpcTracesUrl")] + public Input? OtlpGrpcTracesUrl { get; set; } + + [Input("otlpHttpLogsUrl")] + public Input? OtlpHttpLogsUrl { get; set; } + + [Input("otlpHttpTracesUrl")] + public Input? OtlpHttpTracesUrl { get; set; } + [Input("otlpTracesUrl")] public Input? OtlpTracesUrl { get; set; } diff --git a/sdk/dotnet/Outputs/CdnDistributionConfig.cs b/sdk/dotnet/Outputs/CdnDistributionConfig.cs index 3fad3e7..2d8977c 100644 --- a/sdk/dotnet/Outputs/CdnDistributionConfig.cs +++ b/sdk/dotnet/Outputs/CdnDistributionConfig.cs @@ -33,6 +33,10 @@ public sealed class CdnDistributionConfig /// The configured regions where content will be hosted /// public readonly ImmutableArray Regions; + /// + /// Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + /// + public readonly Outputs.CdnDistributionConfigWaf? Waf; [OutputConstructor] private CdnDistributionConfig( @@ -44,13 +48,16 @@ private CdnDistributionConfig( Outputs.CdnDistributionConfigRedirects? redirects, - ImmutableArray regions) + ImmutableArray regions, + + Outputs.CdnDistributionConfigWaf? waf) { Backend = backend; BlockedCountries = blockedCountries; Optimizer = optimizer; Redirects = redirects; Regions = regions; + Waf = waf; } } } diff --git a/sdk/dotnet/Outputs/CdnDistributionConfigWaf.cs b/sdk/dotnet/Outputs/CdnDistributionConfigWaf.cs new file mode 100644 index 0000000..7def57c --- /dev/null +++ b/sdk/dotnet/Outputs/CdnDistributionConfigWaf.cs @@ -0,0 +1,126 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Outputs +{ + + [OutputType] + public sealed class CdnDistributionConfigWaf + { + /// + /// Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + /// + public readonly ImmutableArray AllowedHttpMethods; + /// + /// Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + /// + public readonly ImmutableArray AllowedHttpVersions; + /// + /// Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + /// + public readonly ImmutableArray AllowedRequestContentTypes; + /// + /// Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray DisabledRuleCollectionIds; + /// + /// Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray DisabledRuleGroupIds; + /// + /// Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray DisabledRuleIds; + /// + /// Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray EnabledRuleCollectionIds; + /// + /// Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray EnabledRuleGroupIds; + /// + /// Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray EnabledRuleIds; + /// + /// Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray LogOnlyRuleCollectionIds; + /// + /// Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray LogOnlyRuleGroupIds; + /// + /// Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray LogOnlyRuleIds; + /// + /// The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + /// + public readonly string? Mode; + /// + /// Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + /// + public readonly string? ParanoiaLevel; + /// + /// The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + /// + public readonly string? Type; + + [OutputConstructor] + private CdnDistributionConfigWaf( + ImmutableArray allowedHttpMethods, + + ImmutableArray allowedHttpVersions, + + ImmutableArray allowedRequestContentTypes, + + ImmutableArray disabledRuleCollectionIds, + + ImmutableArray disabledRuleGroupIds, + + ImmutableArray disabledRuleIds, + + ImmutableArray enabledRuleCollectionIds, + + ImmutableArray enabledRuleGroupIds, + + ImmutableArray enabledRuleIds, + + ImmutableArray logOnlyRuleCollectionIds, + + ImmutableArray logOnlyRuleGroupIds, + + ImmutableArray logOnlyRuleIds, + + string? mode, + + string? paranoiaLevel, + + string? type) + { + AllowedHttpMethods = allowedHttpMethods; + AllowedHttpVersions = allowedHttpVersions; + AllowedRequestContentTypes = allowedRequestContentTypes; + DisabledRuleCollectionIds = disabledRuleCollectionIds; + DisabledRuleGroupIds = disabledRuleGroupIds; + DisabledRuleIds = disabledRuleIds; + EnabledRuleCollectionIds = enabledRuleCollectionIds; + EnabledRuleGroupIds = enabledRuleGroupIds; + EnabledRuleIds = enabledRuleIds; + LogOnlyRuleCollectionIds = logOnlyRuleCollectionIds; + LogOnlyRuleGroupIds = logOnlyRuleGroupIds; + LogOnlyRuleIds = logOnlyRuleIds; + Mode = mode; + ParanoiaLevel = paranoiaLevel; + Type = type; + } + } +} diff --git a/sdk/dotnet/Outputs/GetCdnDistributionConfigResult.cs b/sdk/dotnet/Outputs/GetCdnDistributionConfigResult.cs index 2f18f5f..a9ac2ef 100644 --- a/sdk/dotnet/Outputs/GetCdnDistributionConfigResult.cs +++ b/sdk/dotnet/Outputs/GetCdnDistributionConfigResult.cs @@ -33,6 +33,10 @@ public sealed class GetCdnDistributionConfigResult /// The configured regions where content will be hosted /// public readonly ImmutableArray Regions; + /// + /// Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + /// + public readonly Outputs.GetCdnDistributionConfigWafResult Waf; [OutputConstructor] private GetCdnDistributionConfigResult( @@ -44,13 +48,16 @@ private GetCdnDistributionConfigResult( Outputs.GetCdnDistributionConfigRedirectsResult redirects, - ImmutableArray regions) + ImmutableArray regions, + + Outputs.GetCdnDistributionConfigWafResult waf) { Backend = backend; BlockedCountries = blockedCountries; Optimizer = optimizer; Redirects = redirects; Regions = regions; + Waf = waf; } } } diff --git a/sdk/dotnet/Outputs/GetCdnDistributionConfigWafResult.cs b/sdk/dotnet/Outputs/GetCdnDistributionConfigWafResult.cs new file mode 100644 index 0000000..ac7aac7 --- /dev/null +++ b/sdk/dotnet/Outputs/GetCdnDistributionConfigWafResult.cs @@ -0,0 +1,126 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Outputs +{ + + [OutputType] + public sealed class GetCdnDistributionConfigWafResult + { + /// + /// Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + /// + public readonly ImmutableArray AllowedHttpMethods; + /// + /// Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + /// + public readonly ImmutableArray AllowedHttpVersions; + /// + /// Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + /// + public readonly ImmutableArray AllowedRequestContentTypes; + /// + /// Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray DisabledRuleCollectionIds; + /// + /// Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray DisabledRuleGroupIds; + /// + /// Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray DisabledRuleIds; + /// + /// Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray EnabledRuleCollectionIds; + /// + /// Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray EnabledRuleGroupIds; + /// + /// Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray EnabledRuleIds; + /// + /// Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray LogOnlyRuleCollectionIds; + /// + /// Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray LogOnlyRuleGroupIds; + /// + /// Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + /// + public readonly ImmutableArray LogOnlyRuleIds; + /// + /// The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + /// + public readonly string Mode; + /// + /// Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + /// + public readonly string ParanoiaLevel; + /// + /// The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + /// + public readonly string Type; + + [OutputConstructor] + private GetCdnDistributionConfigWafResult( + ImmutableArray allowedHttpMethods, + + ImmutableArray allowedHttpVersions, + + ImmutableArray allowedRequestContentTypes, + + ImmutableArray disabledRuleCollectionIds, + + ImmutableArray disabledRuleGroupIds, + + ImmutableArray disabledRuleIds, + + ImmutableArray enabledRuleCollectionIds, + + ImmutableArray enabledRuleGroupIds, + + ImmutableArray enabledRuleIds, + + ImmutableArray logOnlyRuleCollectionIds, + + ImmutableArray logOnlyRuleGroupIds, + + ImmutableArray logOnlyRuleIds, + + string mode, + + string paranoiaLevel, + + string type) + { + AllowedHttpMethods = allowedHttpMethods; + AllowedHttpVersions = allowedHttpVersions; + AllowedRequestContentTypes = allowedRequestContentTypes; + DisabledRuleCollectionIds = disabledRuleCollectionIds; + DisabledRuleGroupIds = disabledRuleGroupIds; + DisabledRuleIds = disabledRuleIds; + EnabledRuleCollectionIds = enabledRuleCollectionIds; + EnabledRuleGroupIds = enabledRuleGroupIds; + EnabledRuleIds = enabledRuleIds; + LogOnlyRuleCollectionIds = logOnlyRuleCollectionIds; + LogOnlyRuleGroupIds = logOnlyRuleGroupIds; + LogOnlyRuleIds = logOnlyRuleIds; + Mode = mode; + ParanoiaLevel = paranoiaLevel; + Type = type; + } + } +} diff --git a/sdk/dotnet/Outputs/GetServerAgentResult.cs b/sdk/dotnet/Outputs/GetServerAgentResult.cs new file mode 100644 index 0000000..6a24786 --- /dev/null +++ b/sdk/dotnet/Outputs/GetServerAgentResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Outputs +{ + + [OutputType] + public sealed class GetServerAgentResult + { + /// + /// Whether a STACKIT Server Agent is provisioned at the server + /// + public readonly bool Provisioned; + + [OutputConstructor] + private GetServerAgentResult(bool provisioned) + { + Provisioned = provisioned; + } + } +} diff --git a/sdk/dotnet/Outputs/GetServiceAccountFederatedIdentityProviderAssertionResult.cs b/sdk/dotnet/Outputs/GetServiceAccountFederatedIdentityProviderAssertionResult.cs new file mode 100644 index 0000000..e1020db --- /dev/null +++ b/sdk/dotnet/Outputs/GetServiceAccountFederatedIdentityProviderAssertionResult.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Outputs +{ + + [OutputType] + public sealed class GetServiceAccountFederatedIdentityProviderAssertionResult + { + /// + /// The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + /// + public readonly string Item; + /// + /// The assertion operator. Currently, the only supported operator is "equals". + /// + public readonly string Operator; + /// + /// The assertion value. + /// + public readonly string Value; + + [OutputConstructor] + private GetServiceAccountFederatedIdentityProviderAssertionResult( + string item, + + string @operator, + + string value) + { + Item = item; + Operator = @operator; + Value = value; + } + } +} diff --git a/sdk/dotnet/Outputs/ServerAgent.cs b/sdk/dotnet/Outputs/ServerAgent.cs new file mode 100644 index 0000000..b25ac97 --- /dev/null +++ b/sdk/dotnet/Outputs/ServerAgent.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Outputs +{ + + [OutputType] + public sealed class ServerAgent + { + /// + /// Whether a STACKIT Server Agent is provisioned at the server + /// + public readonly bool? Provisioned; + /// + /// Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + /// + public readonly string? ProvisioningPolicy; + + [OutputConstructor] + private ServerAgent( + bool? provisioned, + + string? provisioningPolicy) + { + Provisioned = provisioned; + ProvisioningPolicy = provisioningPolicy; + } + } +} diff --git a/sdk/dotnet/Outputs/ServiceAccountFederatedIdentityProviderAssertion.cs b/sdk/dotnet/Outputs/ServiceAccountFederatedIdentityProviderAssertion.cs new file mode 100644 index 0000000..c16388c --- /dev/null +++ b/sdk/dotnet/Outputs/ServiceAccountFederatedIdentityProviderAssertion.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit.Outputs +{ + + [OutputType] + public sealed class ServiceAccountFederatedIdentityProviderAssertion + { + /// + /// The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + /// + public readonly string Item; + /// + /// The assertion operator. Currently, the only supported operator is "equals". + /// + public readonly string Operator; + /// + /// The assertion value. + /// + public readonly string Value; + + [OutputConstructor] + private ServiceAccountFederatedIdentityProviderAssertion( + string item, + + string @operator, + + string value) + { + Item = item; + Operator = @operator; + Value = value; + } + } +} diff --git a/sdk/dotnet/Server.cs b/sdk/dotnet/Server.cs index b0e0a55..e293d6c 100644 --- a/sdk/dotnet/Server.cs +++ b/sdk/dotnet/Server.cs @@ -37,6 +37,12 @@ public partial class Server : global::Pulumi.CustomResource [Output("affinityGroup")] public Output AffinityGroup { get; private set; } = null!; + /// + /// The STACKIT Server Agent configured for the server + /// + [Output("agent")] + public Output Agent { get; private set; } = null!; + /// /// The availability zone of the server. /// @@ -186,6 +192,12 @@ public sealed class ServerArgs : global::Pulumi.ResourceArgs [Input("affinityGroup")] public Input? AffinityGroup { get; set; } + /// + /// The STACKIT Server Agent configured for the server + /// + [Input("agent")] + public Input? Agent { get; set; } + /// /// The availability zone of the server. /// @@ -284,6 +296,12 @@ public sealed class ServerState : global::Pulumi.ResourceArgs [Input("affinityGroup")] public Input? AffinityGroup { get; set; } + /// + /// The STACKIT Server Agent configured for the server + /// + [Input("agent")] + public Input? Agent { get; set; } + /// /// The availability zone of the server. /// diff --git a/sdk/dotnet/ServiceAccountFederatedIdentityProvider.cs b/sdk/dotnet/ServiceAccountFederatedIdentityProvider.cs new file mode 100644 index 0000000..306bf41 --- /dev/null +++ b/sdk/dotnet/ServiceAccountFederatedIdentityProvider.cs @@ -0,0 +1,197 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Stackit +{ + /// + /// Service account federated identity provider schema. + /// ## Example Usage + /// + /// ### Create a federated identity provider + /// + /// ### Additional Examples + /// + [StackitResourceType("stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider")] + public partial class ServiceAccountFederatedIdentityProvider : global::Pulumi.CustomResource + { + /// + /// The assertions for the federated identity provider. + /// + [Output("assertions")] + public Output> Assertions { get; private set; } = null!; + + /// + /// The unique identifier for the federated identity provider associated with the service account. + /// + [Output("federationId")] + public Output FederationId { get; private set; } = null!; + + /// + /// The issuer URL. + /// + [Output("issuer")] + public Output Issuer { get; private set; } = null!; + + /// + /// The name of the federated identity provider. + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The STACKIT project ID associated with the service account. + /// + [Output("projectId")] + public Output ProjectId { get; private set; } = null!; + + /// + /// The email address associated with the service account, used for account identification and communication. + /// + [Output("serviceAccountEmail")] + public Output ServiceAccountEmail { get; private set; } = null!; + + + /// + /// Create a ServiceAccountFederatedIdentityProvider resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public ServiceAccountFederatedIdentityProvider(string name, ServiceAccountFederatedIdentityProviderArgs args, CustomResourceOptions? options = null) + : base("stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider", name, args ?? new ServiceAccountFederatedIdentityProviderArgs(), MakeResourceOptions(options, "")) + { + } + + private ServiceAccountFederatedIdentityProvider(string name, Input id, ServiceAccountFederatedIdentityProviderState? state = null, CustomResourceOptions? options = null) + : base("stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + PluginDownloadURL = "github://api.github.com/stackitcloud/pulumi-stackit", + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing ServiceAccountFederatedIdentityProvider resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static ServiceAccountFederatedIdentityProvider Get(string name, Input id, ServiceAccountFederatedIdentityProviderState? state = null, CustomResourceOptions? options = null) + { + return new ServiceAccountFederatedIdentityProvider(name, id, state, options); + } + } + + public sealed class ServiceAccountFederatedIdentityProviderArgs : global::Pulumi.ResourceArgs + { + [Input("assertions", required: true)] + private InputList? _assertions; + + /// + /// The assertions for the federated identity provider. + /// + public InputList Assertions + { + get => _assertions ?? (_assertions = new InputList()); + set => _assertions = value; + } + + /// + /// The issuer URL. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// The name of the federated identity provider. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The STACKIT project ID associated with the service account. + /// + [Input("projectId", required: true)] + public Input ProjectId { get; set; } = null!; + + /// + /// The email address associated with the service account, used for account identification and communication. + /// + [Input("serviceAccountEmail", required: true)] + public Input ServiceAccountEmail { get; set; } = null!; + + public ServiceAccountFederatedIdentityProviderArgs() + { + } + public static new ServiceAccountFederatedIdentityProviderArgs Empty => new ServiceAccountFederatedIdentityProviderArgs(); + } + + public sealed class ServiceAccountFederatedIdentityProviderState : global::Pulumi.ResourceArgs + { + [Input("assertions")] + private InputList? _assertions; + + /// + /// The assertions for the federated identity provider. + /// + public InputList Assertions + { + get => _assertions ?? (_assertions = new InputList()); + set => _assertions = value; + } + + /// + /// The unique identifier for the federated identity provider associated with the service account. + /// + [Input("federationId")] + public Input? FederationId { get; set; } + + /// + /// The issuer URL. + /// + [Input("issuer")] + public Input? Issuer { get; set; } + + /// + /// The name of the federated identity provider. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The STACKIT project ID associated with the service account. + /// + [Input("projectId")] + public Input? ProjectId { get; set; } + + /// + /// The email address associated with the service account, used for account identification and communication. + /// + [Input("serviceAccountEmail")] + public Input? ServiceAccountEmail { get; set; } + + public ServiceAccountFederatedIdentityProviderState() + { + } + public static new ServiceAccountFederatedIdentityProviderState Empty => new ServiceAccountFederatedIdentityProviderState(); + } +} diff --git a/sdk/go/stackit/getCdnDistribution.go b/sdk/go/stackit/getCdnDistribution.go index e151354..f050fdf 100644 --- a/sdk/go/stackit/getCdnDistribution.go +++ b/sdk/go/stackit/getCdnDistribution.go @@ -28,7 +28,7 @@ func LookupCdnDistribution(ctx *pulumi.Context, args *LookupCdnDistributionArgs, // A collection of arguments for invoking getCdnDistribution. type LookupCdnDistributionArgs struct { - // STACKIT project ID associated with the distribution + // CDN distribution ID DistributionId string `pulumi:"distributionId"` // STACKIT project ID associated with the distribution ProjectId string `pulumi:"projectId"` @@ -40,7 +40,7 @@ type LookupCdnDistributionResult struct { Config GetCdnDistributionConfig `pulumi:"config"` // Time when the distribution was created CreatedAt string `pulumi:"createdAt"` - // STACKIT project ID associated with the distribution + // CDN distribution ID DistributionId string `pulumi:"distributionId"` // List of configured domains for the distribution Domains []GetCdnDistributionDomain `pulumi:"domains"` @@ -67,7 +67,7 @@ func LookupCdnDistributionOutput(ctx *pulumi.Context, args LookupCdnDistribution // A collection of arguments for invoking getCdnDistribution. type LookupCdnDistributionOutputArgs struct { - // STACKIT project ID associated with the distribution + // CDN distribution ID DistributionId pulumi.StringInput `pulumi:"distributionId"` // STACKIT project ID associated with the distribution ProjectId pulumi.StringInput `pulumi:"projectId"` @@ -102,7 +102,7 @@ func (o LookupCdnDistributionResultOutput) CreatedAt() pulumi.StringOutput { return o.ApplyT(func(v LookupCdnDistributionResult) string { return v.CreatedAt }).(pulumi.StringOutput) } -// STACKIT project ID associated with the distribution +// CDN distribution ID func (o LookupCdnDistributionResultOutput) DistributionId() pulumi.StringOutput { return o.ApplyT(func(v LookupCdnDistributionResult) string { return v.DistributionId }).(pulumi.StringOutput) } diff --git a/sdk/go/stackit/getObservabilityInstance.go b/sdk/go/stackit/getObservabilityInstance.go index 475fcad..7f92eeb 100644 --- a/sdk/go/stackit/getObservabilityInstance.go +++ b/sdk/go/stackit/getObservabilityInstance.go @@ -81,8 +81,11 @@ type LookupObservabilityInstanceResult struct { // Specifies metrics URL. MetricsUrl string `pulumi:"metricsUrl"` // The name of the Observability instance. - Name string `pulumi:"name"` - OtlpTracesUrl string `pulumi:"otlpTracesUrl"` + Name string `pulumi:"name"` + OtlpGrpcTracesUrl string `pulumi:"otlpGrpcTracesUrl"` + OtlpHttpLogsUrl string `pulumi:"otlpHttpLogsUrl"` + OtlpHttpTracesUrl string `pulumi:"otlpHttpTracesUrl"` + OtlpTracesUrl string `pulumi:"otlpTracesUrl"` // Additional parameters. Parameters map[string]string `pulumi:"parameters"` // The Observability plan ID. @@ -251,6 +254,18 @@ func (o LookupObservabilityInstanceResultOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v LookupObservabilityInstanceResult) string { return v.Name }).(pulumi.StringOutput) } +func (o LookupObservabilityInstanceResultOutput) OtlpGrpcTracesUrl() pulumi.StringOutput { + return o.ApplyT(func(v LookupObservabilityInstanceResult) string { return v.OtlpGrpcTracesUrl }).(pulumi.StringOutput) +} + +func (o LookupObservabilityInstanceResultOutput) OtlpHttpLogsUrl() pulumi.StringOutput { + return o.ApplyT(func(v LookupObservabilityInstanceResult) string { return v.OtlpHttpLogsUrl }).(pulumi.StringOutput) +} + +func (o LookupObservabilityInstanceResultOutput) OtlpHttpTracesUrl() pulumi.StringOutput { + return o.ApplyT(func(v LookupObservabilityInstanceResult) string { return v.OtlpHttpTracesUrl }).(pulumi.StringOutput) +} + func (o LookupObservabilityInstanceResultOutput) OtlpTracesUrl() pulumi.StringOutput { return o.ApplyT(func(v LookupObservabilityInstanceResult) string { return v.OtlpTracesUrl }).(pulumi.StringOutput) } diff --git a/sdk/go/stackit/getServer.go b/sdk/go/stackit/getServer.go index e99889a..7e54c36 100644 --- a/sdk/go/stackit/getServer.go +++ b/sdk/go/stackit/getServer.go @@ -38,6 +38,8 @@ type LookupServerArgs struct { type LookupServerResult struct { // The affinity group the server is assigned to. AffinityGroup string `pulumi:"affinityGroup"` + // STACKIT Server Agent as setup on the server + Agent GetServerAgent `pulumi:"agent"` // The availability zone of the server. AvailabilityZone string `pulumi:"availabilityZone"` // The boot volume for the server @@ -115,6 +117,11 @@ func (o LookupServerResultOutput) AffinityGroup() pulumi.StringOutput { return o.ApplyT(func(v LookupServerResult) string { return v.AffinityGroup }).(pulumi.StringOutput) } +// STACKIT Server Agent as setup on the server +func (o LookupServerResultOutput) Agent() GetServerAgentOutput { + return o.ApplyT(func(v LookupServerResult) GetServerAgent { return v.Agent }).(GetServerAgentOutput) +} + // The availability zone of the server. func (o LookupServerResultOutput) AvailabilityZone() pulumi.StringOutput { return o.ApplyT(func(v LookupServerResult) string { return v.AvailabilityZone }).(pulumi.StringOutput) diff --git a/sdk/go/stackit/getServiceAccountFederatedIdentityProvider.go b/sdk/go/stackit/getServiceAccountFederatedIdentityProvider.go new file mode 100644 index 0000000..513510c --- /dev/null +++ b/sdk/go/stackit/getServiceAccountFederatedIdentityProvider.go @@ -0,0 +1,132 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package stackit + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/stackitcloud/pulumi-stackit/sdk/go/stackit/internal" +) + +// Service account federated identity provider schema. +// +// ## Example Usage +func LookupServiceAccountFederatedIdentityProvider(ctx *pulumi.Context, args *LookupServiceAccountFederatedIdentityProviderArgs, opts ...pulumi.InvokeOption) (*LookupServiceAccountFederatedIdentityProviderResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupServiceAccountFederatedIdentityProviderResult + err := ctx.Invoke("stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getServiceAccountFederatedIdentityProvider. +type LookupServiceAccountFederatedIdentityProviderArgs struct { + // The unique identifier for the federated identity provider associated with the service account. + FederationId string `pulumi:"federationId"` + // The STACKIT project ID associated with the service account. + ProjectId string `pulumi:"projectId"` + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail string `pulumi:"serviceAccountEmail"` +} + +// A collection of values returned by getServiceAccountFederatedIdentityProvider. +type LookupServiceAccountFederatedIdentityProviderResult struct { + // The assertions for the federated identity provider. + Assertions []GetServiceAccountFederatedIdentityProviderAssertion `pulumi:"assertions"` + // The unique identifier for the federated identity provider associated with the service account. + FederationId string `pulumi:"federationId"` + // Terraform's internal resource identifier. It is structured as "`projectId`,`serviceAccountEmail`,`federationId`". + Id string `pulumi:"id"` + // The issuer URL. + Issuer string `pulumi:"issuer"` + // The name of the federated identity provider. + Name string `pulumi:"name"` + // The STACKIT project ID associated with the service account. + ProjectId string `pulumi:"projectId"` + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail string `pulumi:"serviceAccountEmail"` +} + +func LookupServiceAccountFederatedIdentityProviderOutput(ctx *pulumi.Context, args LookupServiceAccountFederatedIdentityProviderOutputArgs, opts ...pulumi.InvokeOption) LookupServiceAccountFederatedIdentityProviderResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (LookupServiceAccountFederatedIdentityProviderResultOutput, error) { + args := v.(LookupServiceAccountFederatedIdentityProviderArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", args, LookupServiceAccountFederatedIdentityProviderResultOutput{}, options).(LookupServiceAccountFederatedIdentityProviderResultOutput), nil + }).(LookupServiceAccountFederatedIdentityProviderResultOutput) +} + +// A collection of arguments for invoking getServiceAccountFederatedIdentityProvider. +type LookupServiceAccountFederatedIdentityProviderOutputArgs struct { + // The unique identifier for the federated identity provider associated with the service account. + FederationId pulumi.StringInput `pulumi:"federationId"` + // The STACKIT project ID associated with the service account. + ProjectId pulumi.StringInput `pulumi:"projectId"` + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail pulumi.StringInput `pulumi:"serviceAccountEmail"` +} + +func (LookupServiceAccountFederatedIdentityProviderOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupServiceAccountFederatedIdentityProviderArgs)(nil)).Elem() +} + +// A collection of values returned by getServiceAccountFederatedIdentityProvider. +type LookupServiceAccountFederatedIdentityProviderResultOutput struct{ *pulumi.OutputState } + +func (LookupServiceAccountFederatedIdentityProviderResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupServiceAccountFederatedIdentityProviderResult)(nil)).Elem() +} + +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) ToLookupServiceAccountFederatedIdentityProviderResultOutput() LookupServiceAccountFederatedIdentityProviderResultOutput { + return o +} + +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) ToLookupServiceAccountFederatedIdentityProviderResultOutputWithContext(ctx context.Context) LookupServiceAccountFederatedIdentityProviderResultOutput { + return o +} + +// The assertions for the federated identity provider. +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) Assertions() GetServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return o.ApplyT(func(v LookupServiceAccountFederatedIdentityProviderResult) []GetServiceAccountFederatedIdentityProviderAssertion { + return v.Assertions + }).(GetServiceAccountFederatedIdentityProviderAssertionArrayOutput) +} + +// The unique identifier for the federated identity provider associated with the service account. +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) FederationId() pulumi.StringOutput { + return o.ApplyT(func(v LookupServiceAccountFederatedIdentityProviderResult) string { return v.FederationId }).(pulumi.StringOutput) +} + +// Terraform's internal resource identifier. It is structured as "`projectId`,`serviceAccountEmail`,`federationId`". +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupServiceAccountFederatedIdentityProviderResult) string { return v.Id }).(pulumi.StringOutput) +} + +// The issuer URL. +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v LookupServiceAccountFederatedIdentityProviderResult) string { return v.Issuer }).(pulumi.StringOutput) +} + +// The name of the federated identity provider. +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v LookupServiceAccountFederatedIdentityProviderResult) string { return v.Name }).(pulumi.StringOutput) +} + +// The STACKIT project ID associated with the service account. +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) ProjectId() pulumi.StringOutput { + return o.ApplyT(func(v LookupServiceAccountFederatedIdentityProviderResult) string { return v.ProjectId }).(pulumi.StringOutput) +} + +// The email address associated with the service account, used for account identification and communication. +func (o LookupServiceAccountFederatedIdentityProviderResultOutput) ServiceAccountEmail() pulumi.StringOutput { + return o.ApplyT(func(v LookupServiceAccountFederatedIdentityProviderResult) string { return v.ServiceAccountEmail }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupServiceAccountFederatedIdentityProviderResultOutput{}) +} diff --git a/sdk/go/stackit/init.go b/sdk/go/stackit/init.go index 100978b..e9ae971 100644 --- a/sdk/go/stackit/init.go +++ b/sdk/go/stackit/init.go @@ -181,6 +181,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &ServerVolumeAttach{} case "stackit:index/serviceAccount:ServiceAccount": r = &ServiceAccount{} + case "stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider": + r = &ServiceAccountFederatedIdentityProvider{} case "stackit:index/serviceAccountKey:ServiceAccountKey": r = &ServiceAccountKey{} case "stackit:index/sfsExportPolicy:SfsExportPolicy": @@ -632,6 +634,11 @@ func init() { "index/serviceAccount", &module{version}, ) + pulumi.RegisterResourceModule( + "stackit", + "index/serviceAccountFederatedIdentityProvider", + &module{version}, + ) pulumi.RegisterResourceModule( "stackit", "index/serviceAccountKey", diff --git a/sdk/go/stackit/observabilityInstance.go b/sdk/go/stackit/observabilityInstance.go index f14e7fe..aae632b 100644 --- a/sdk/go/stackit/observabilityInstance.go +++ b/sdk/go/stackit/observabilityInstance.go @@ -63,8 +63,11 @@ type ObservabilityInstance struct { // Specifies metrics URL. MetricsUrl pulumi.StringOutput `pulumi:"metricsUrl"` // The name of the Observability instance. - Name pulumi.StringOutput `pulumi:"name"` - OtlpTracesUrl pulumi.StringOutput `pulumi:"otlpTracesUrl"` + Name pulumi.StringOutput `pulumi:"name"` + OtlpGrpcTracesUrl pulumi.StringOutput `pulumi:"otlpGrpcTracesUrl"` + OtlpHttpLogsUrl pulumi.StringOutput `pulumi:"otlpHttpLogsUrl"` + OtlpHttpTracesUrl pulumi.StringOutput `pulumi:"otlpHttpTracesUrl"` + OtlpTracesUrl pulumi.StringOutput `pulumi:"otlpTracesUrl"` // Additional parameters. Parameters pulumi.StringMapOutput `pulumi:"parameters"` // The Observability plan ID. @@ -165,8 +168,11 @@ type observabilityInstanceState struct { // Specifies metrics URL. MetricsUrl *string `pulumi:"metricsUrl"` // The name of the Observability instance. - Name *string `pulumi:"name"` - OtlpTracesUrl *string `pulumi:"otlpTracesUrl"` + Name *string `pulumi:"name"` + OtlpGrpcTracesUrl *string `pulumi:"otlpGrpcTracesUrl"` + OtlpHttpLogsUrl *string `pulumi:"otlpHttpLogsUrl"` + OtlpHttpTracesUrl *string `pulumi:"otlpHttpTracesUrl"` + OtlpTracesUrl *string `pulumi:"otlpTracesUrl"` // Additional parameters. Parameters map[string]string `pulumi:"parameters"` // The Observability plan ID. @@ -228,8 +234,11 @@ type ObservabilityInstanceState struct { // Specifies metrics URL. MetricsUrl pulumi.StringPtrInput // The name of the Observability instance. - Name pulumi.StringPtrInput - OtlpTracesUrl pulumi.StringPtrInput + Name pulumi.StringPtrInput + OtlpGrpcTracesUrl pulumi.StringPtrInput + OtlpHttpLogsUrl pulumi.StringPtrInput + OtlpHttpTracesUrl pulumi.StringPtrInput + OtlpTracesUrl pulumi.StringPtrInput // Additional parameters. Parameters pulumi.StringMapInput // The Observability plan ID. @@ -503,6 +512,18 @@ func (o ObservabilityInstanceOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *ObservabilityInstance) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } +func (o ObservabilityInstanceOutput) OtlpGrpcTracesUrl() pulumi.StringOutput { + return o.ApplyT(func(v *ObservabilityInstance) pulumi.StringOutput { return v.OtlpGrpcTracesUrl }).(pulumi.StringOutput) +} + +func (o ObservabilityInstanceOutput) OtlpHttpLogsUrl() pulumi.StringOutput { + return o.ApplyT(func(v *ObservabilityInstance) pulumi.StringOutput { return v.OtlpHttpLogsUrl }).(pulumi.StringOutput) +} + +func (o ObservabilityInstanceOutput) OtlpHttpTracesUrl() pulumi.StringOutput { + return o.ApplyT(func(v *ObservabilityInstance) pulumi.StringOutput { return v.OtlpHttpTracesUrl }).(pulumi.StringOutput) +} + func (o ObservabilityInstanceOutput) OtlpTracesUrl() pulumi.StringOutput { return o.ApplyT(func(v *ObservabilityInstance) pulumi.StringOutput { return v.OtlpTracesUrl }).(pulumi.StringOutput) } diff --git a/sdk/go/stackit/pulumiTypes.go b/sdk/go/stackit/pulumiTypes.go index b9ebc5f..2b1138c 100644 --- a/sdk/go/stackit/pulumiTypes.go +++ b/sdk/go/stackit/pulumiTypes.go @@ -3589,6 +3589,8 @@ type CdnDistributionConfig struct { Redirects *CdnDistributionConfigRedirects `pulumi:"redirects"` // The configured regions where content will be hosted Regions []string `pulumi:"regions"` + // Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + Waf *CdnDistributionConfigWaf `pulumi:"waf"` } // CdnDistributionConfigInput is an input type that accepts CdnDistributionConfigArgs and CdnDistributionConfigOutput values. @@ -3613,6 +3615,8 @@ type CdnDistributionConfigArgs struct { Redirects CdnDistributionConfigRedirectsPtrInput `pulumi:"redirects"` // The configured regions where content will be hosted Regions pulumi.StringArrayInput `pulumi:"regions"` + // Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + Waf CdnDistributionConfigWafPtrInput `pulumi:"waf"` } func (CdnDistributionConfigArgs) ElementType() reflect.Type { @@ -3717,6 +3721,11 @@ func (o CdnDistributionConfigOutput) Regions() pulumi.StringArrayOutput { return o.ApplyT(func(v CdnDistributionConfig) []string { return v.Regions }).(pulumi.StringArrayOutput) } +// Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. +func (o CdnDistributionConfigOutput) Waf() CdnDistributionConfigWafPtrOutput { + return o.ApplyT(func(v CdnDistributionConfig) *CdnDistributionConfigWaf { return v.Waf }).(CdnDistributionConfigWafPtrOutput) +} + type CdnDistributionConfigPtrOutput struct{ *pulumi.OutputState } func (CdnDistributionConfigPtrOutput) ElementType() reflect.Type { @@ -3791,6 +3800,16 @@ func (o CdnDistributionConfigPtrOutput) Regions() pulumi.StringArrayOutput { }).(pulumi.StringArrayOutput) } +// Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. +func (o CdnDistributionConfigPtrOutput) Waf() CdnDistributionConfigWafPtrOutput { + return o.ApplyT(func(v *CdnDistributionConfig) *CdnDistributionConfigWaf { + if v == nil { + return nil + } + return v.Waf + }).(CdnDistributionConfigWafPtrOutput) +} + type CdnDistributionConfigBackend struct { // The URL of the bucket (e.g. https://s3.example.com). Required if type is 'bucket'. BucketUrl *string `pulumi:"bucketUrl"` @@ -4718,6 +4737,409 @@ func (o CdnDistributionConfigRedirectsRuleMatcherArrayOutput) Index(i pulumi.Int }).(CdnDistributionConfigRedirectsRuleMatcherOutput) } +type CdnDistributionConfigWaf struct { + // Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + AllowedHttpMethods []string `pulumi:"allowedHttpMethods"` + // Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + AllowedHttpVersions []string `pulumi:"allowedHttpVersions"` + // Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + AllowedRequestContentTypes []string `pulumi:"allowedRequestContentTypes"` + // Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleCollectionIds []string `pulumi:"disabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleGroupIds []string `pulumi:"disabledRuleGroupIds"` + // Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleIds []string `pulumi:"disabledRuleIds"` + // Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleCollectionIds []string `pulumi:"enabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleGroupIds []string `pulumi:"enabledRuleGroupIds"` + // Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleIds []string `pulumi:"enabledRuleIds"` + // Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleCollectionIds []string `pulumi:"logOnlyRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleGroupIds []string `pulumi:"logOnlyRuleGroupIds"` + // Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleIds []string `pulumi:"logOnlyRuleIds"` + // The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + Mode *string `pulumi:"mode"` + // Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + ParanoiaLevel *string `pulumi:"paranoiaLevel"` + // The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + Type *string `pulumi:"type"` +} + +// CdnDistributionConfigWafInput is an input type that accepts CdnDistributionConfigWafArgs and CdnDistributionConfigWafOutput values. +// You can construct a concrete instance of `CdnDistributionConfigWafInput` via: +// +// CdnDistributionConfigWafArgs{...} +type CdnDistributionConfigWafInput interface { + pulumi.Input + + ToCdnDistributionConfigWafOutput() CdnDistributionConfigWafOutput + ToCdnDistributionConfigWafOutputWithContext(context.Context) CdnDistributionConfigWafOutput +} + +type CdnDistributionConfigWafArgs struct { + // Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + AllowedHttpMethods pulumi.StringArrayInput `pulumi:"allowedHttpMethods"` + // Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + AllowedHttpVersions pulumi.StringArrayInput `pulumi:"allowedHttpVersions"` + // Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + AllowedRequestContentTypes pulumi.StringArrayInput `pulumi:"allowedRequestContentTypes"` + // Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleCollectionIds pulumi.StringArrayInput `pulumi:"disabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleGroupIds pulumi.StringArrayInput `pulumi:"disabledRuleGroupIds"` + // Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleIds pulumi.StringArrayInput `pulumi:"disabledRuleIds"` + // Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleCollectionIds pulumi.StringArrayInput `pulumi:"enabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleGroupIds pulumi.StringArrayInput `pulumi:"enabledRuleGroupIds"` + // Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleIds pulumi.StringArrayInput `pulumi:"enabledRuleIds"` + // Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleCollectionIds pulumi.StringArrayInput `pulumi:"logOnlyRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleGroupIds pulumi.StringArrayInput `pulumi:"logOnlyRuleGroupIds"` + // Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleIds pulumi.StringArrayInput `pulumi:"logOnlyRuleIds"` + // The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + Mode pulumi.StringPtrInput `pulumi:"mode"` + // Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + ParanoiaLevel pulumi.StringPtrInput `pulumi:"paranoiaLevel"` + // The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + Type pulumi.StringPtrInput `pulumi:"type"` +} + +func (CdnDistributionConfigWafArgs) ElementType() reflect.Type { + return reflect.TypeOf((*CdnDistributionConfigWaf)(nil)).Elem() +} + +func (i CdnDistributionConfigWafArgs) ToCdnDistributionConfigWafOutput() CdnDistributionConfigWafOutput { + return i.ToCdnDistributionConfigWafOutputWithContext(context.Background()) +} + +func (i CdnDistributionConfigWafArgs) ToCdnDistributionConfigWafOutputWithContext(ctx context.Context) CdnDistributionConfigWafOutput { + return pulumi.ToOutputWithContext(ctx, i).(CdnDistributionConfigWafOutput) +} + +func (i CdnDistributionConfigWafArgs) ToCdnDistributionConfigWafPtrOutput() CdnDistributionConfigWafPtrOutput { + return i.ToCdnDistributionConfigWafPtrOutputWithContext(context.Background()) +} + +func (i CdnDistributionConfigWafArgs) ToCdnDistributionConfigWafPtrOutputWithContext(ctx context.Context) CdnDistributionConfigWafPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CdnDistributionConfigWafOutput).ToCdnDistributionConfigWafPtrOutputWithContext(ctx) +} + +// CdnDistributionConfigWafPtrInput is an input type that accepts CdnDistributionConfigWafArgs, CdnDistributionConfigWafPtr and CdnDistributionConfigWafPtrOutput values. +// You can construct a concrete instance of `CdnDistributionConfigWafPtrInput` via: +// +// CdnDistributionConfigWafArgs{...} +// +// or: +// +// nil +type CdnDistributionConfigWafPtrInput interface { + pulumi.Input + + ToCdnDistributionConfigWafPtrOutput() CdnDistributionConfigWafPtrOutput + ToCdnDistributionConfigWafPtrOutputWithContext(context.Context) CdnDistributionConfigWafPtrOutput +} + +type cdnDistributionConfigWafPtrType CdnDistributionConfigWafArgs + +func CdnDistributionConfigWafPtr(v *CdnDistributionConfigWafArgs) CdnDistributionConfigWafPtrInput { + return (*cdnDistributionConfigWafPtrType)(v) +} + +func (*cdnDistributionConfigWafPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**CdnDistributionConfigWaf)(nil)).Elem() +} + +func (i *cdnDistributionConfigWafPtrType) ToCdnDistributionConfigWafPtrOutput() CdnDistributionConfigWafPtrOutput { + return i.ToCdnDistributionConfigWafPtrOutputWithContext(context.Background()) +} + +func (i *cdnDistributionConfigWafPtrType) ToCdnDistributionConfigWafPtrOutputWithContext(ctx context.Context) CdnDistributionConfigWafPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CdnDistributionConfigWafPtrOutput) +} + +type CdnDistributionConfigWafOutput struct{ *pulumi.OutputState } + +func (CdnDistributionConfigWafOutput) ElementType() reflect.Type { + return reflect.TypeOf((*CdnDistributionConfigWaf)(nil)).Elem() +} + +func (o CdnDistributionConfigWafOutput) ToCdnDistributionConfigWafOutput() CdnDistributionConfigWafOutput { + return o +} + +func (o CdnDistributionConfigWafOutput) ToCdnDistributionConfigWafOutputWithContext(ctx context.Context) CdnDistributionConfigWafOutput { + return o +} + +func (o CdnDistributionConfigWafOutput) ToCdnDistributionConfigWafPtrOutput() CdnDistributionConfigWafPtrOutput { + return o.ToCdnDistributionConfigWafPtrOutputWithContext(context.Background()) +} + +func (o CdnDistributionConfigWafOutput) ToCdnDistributionConfigWafPtrOutputWithContext(ctx context.Context) CdnDistributionConfigWafPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v CdnDistributionConfigWaf) *CdnDistributionConfigWaf { + return &v + }).(CdnDistributionConfigWafPtrOutput) +} + +// Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. +func (o CdnDistributionConfigWafOutput) AllowedHttpMethods() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.AllowedHttpMethods }).(pulumi.StringArrayOutput) +} + +// Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. +func (o CdnDistributionConfigWafOutput) AllowedHttpVersions() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.AllowedHttpVersions }).(pulumi.StringArrayOutput) +} + +// Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. +func (o CdnDistributionConfigWafOutput) AllowedRequestContentTypes() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.AllowedRequestContentTypes }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) DisabledRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.DisabledRuleCollectionIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) DisabledRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.DisabledRuleGroupIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) DisabledRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.DisabledRuleIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) EnabledRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.EnabledRuleCollectionIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) EnabledRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.EnabledRuleGroupIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) EnabledRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.EnabledRuleIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) LogOnlyRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.LogOnlyRuleCollectionIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) LogOnlyRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.LogOnlyRuleGroupIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafOutput) LogOnlyRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) []string { return v.LogOnlyRuleIds }).(pulumi.StringArrayOutput) +} + +// The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. +func (o CdnDistributionConfigWafOutput) Mode() pulumi.StringPtrOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) *string { return v.Mode }).(pulumi.StringPtrOutput) +} + +// Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. +func (o CdnDistributionConfigWafOutput) ParanoiaLevel() pulumi.StringPtrOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) *string { return v.ParanoiaLevel }).(pulumi.StringPtrOutput) +} + +// The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. +func (o CdnDistributionConfigWafOutput) Type() pulumi.StringPtrOutput { + return o.ApplyT(func(v CdnDistributionConfigWaf) *string { return v.Type }).(pulumi.StringPtrOutput) +} + +type CdnDistributionConfigWafPtrOutput struct{ *pulumi.OutputState } + +func (CdnDistributionConfigWafPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**CdnDistributionConfigWaf)(nil)).Elem() +} + +func (o CdnDistributionConfigWafPtrOutput) ToCdnDistributionConfigWafPtrOutput() CdnDistributionConfigWafPtrOutput { + return o +} + +func (o CdnDistributionConfigWafPtrOutput) ToCdnDistributionConfigWafPtrOutputWithContext(ctx context.Context) CdnDistributionConfigWafPtrOutput { + return o +} + +func (o CdnDistributionConfigWafPtrOutput) Elem() CdnDistributionConfigWafOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) CdnDistributionConfigWaf { + if v != nil { + return *v + } + var ret CdnDistributionConfigWaf + return ret + }).(CdnDistributionConfigWafOutput) +} + +// Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. +func (o CdnDistributionConfigWafPtrOutput) AllowedHttpMethods() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.AllowedHttpMethods + }).(pulumi.StringArrayOutput) +} + +// Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. +func (o CdnDistributionConfigWafPtrOutput) AllowedHttpVersions() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.AllowedHttpVersions + }).(pulumi.StringArrayOutput) +} + +// Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. +func (o CdnDistributionConfigWafPtrOutput) AllowedRequestContentTypes() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.AllowedRequestContentTypes + }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) DisabledRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.DisabledRuleCollectionIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) DisabledRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.DisabledRuleGroupIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) DisabledRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.DisabledRuleIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) EnabledRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.EnabledRuleCollectionIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) EnabledRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.EnabledRuleGroupIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) EnabledRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.EnabledRuleIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) LogOnlyRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.LogOnlyRuleCollectionIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) LogOnlyRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.LogOnlyRuleGroupIds + }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o CdnDistributionConfigWafPtrOutput) LogOnlyRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) []string { + if v == nil { + return nil + } + return v.LogOnlyRuleIds + }).(pulumi.StringArrayOutput) +} + +// The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. +func (o CdnDistributionConfigWafPtrOutput) Mode() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) *string { + if v == nil { + return nil + } + return v.Mode + }).(pulumi.StringPtrOutput) +} + +// Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. +func (o CdnDistributionConfigWafPtrOutput) ParanoiaLevel() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) *string { + if v == nil { + return nil + } + return v.ParanoiaLevel + }).(pulumi.StringPtrOutput) +} + +// The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. +func (o CdnDistributionConfigWafPtrOutput) Type() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CdnDistributionConfigWaf) *string { + if v == nil { + return nil + } + return v.Type + }).(pulumi.StringPtrOutput) +} + type CdnDistributionDomain struct { // List of domain errors Errors []string `pulumi:"errors"` @@ -14372,6 +14794,162 @@ func (o SecurityGroupRuleProtocolPtrOutput) Number() pulumi.IntPtrOutput { }).(pulumi.IntPtrOutput) } +type ServerAgent struct { + // Whether a STACKIT Server Agent is provisioned at the server + Provisioned *bool `pulumi:"provisioned"` + // Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + ProvisioningPolicy *string `pulumi:"provisioningPolicy"` +} + +// ServerAgentInput is an input type that accepts ServerAgentArgs and ServerAgentOutput values. +// You can construct a concrete instance of `ServerAgentInput` via: +// +// ServerAgentArgs{...} +type ServerAgentInput interface { + pulumi.Input + + ToServerAgentOutput() ServerAgentOutput + ToServerAgentOutputWithContext(context.Context) ServerAgentOutput +} + +type ServerAgentArgs struct { + // Whether a STACKIT Server Agent is provisioned at the server + Provisioned pulumi.BoolPtrInput `pulumi:"provisioned"` + // Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + ProvisioningPolicy pulumi.StringPtrInput `pulumi:"provisioningPolicy"` +} + +func (ServerAgentArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ServerAgent)(nil)).Elem() +} + +func (i ServerAgentArgs) ToServerAgentOutput() ServerAgentOutput { + return i.ToServerAgentOutputWithContext(context.Background()) +} + +func (i ServerAgentArgs) ToServerAgentOutputWithContext(ctx context.Context) ServerAgentOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServerAgentOutput) +} + +func (i ServerAgentArgs) ToServerAgentPtrOutput() ServerAgentPtrOutput { + return i.ToServerAgentPtrOutputWithContext(context.Background()) +} + +func (i ServerAgentArgs) ToServerAgentPtrOutputWithContext(ctx context.Context) ServerAgentPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServerAgentOutput).ToServerAgentPtrOutputWithContext(ctx) +} + +// ServerAgentPtrInput is an input type that accepts ServerAgentArgs, ServerAgentPtr and ServerAgentPtrOutput values. +// You can construct a concrete instance of `ServerAgentPtrInput` via: +// +// ServerAgentArgs{...} +// +// or: +// +// nil +type ServerAgentPtrInput interface { + pulumi.Input + + ToServerAgentPtrOutput() ServerAgentPtrOutput + ToServerAgentPtrOutputWithContext(context.Context) ServerAgentPtrOutput +} + +type serverAgentPtrType ServerAgentArgs + +func ServerAgentPtr(v *ServerAgentArgs) ServerAgentPtrInput { + return (*serverAgentPtrType)(v) +} + +func (*serverAgentPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ServerAgent)(nil)).Elem() +} + +func (i *serverAgentPtrType) ToServerAgentPtrOutput() ServerAgentPtrOutput { + return i.ToServerAgentPtrOutputWithContext(context.Background()) +} + +func (i *serverAgentPtrType) ToServerAgentPtrOutputWithContext(ctx context.Context) ServerAgentPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServerAgentPtrOutput) +} + +type ServerAgentOutput struct{ *pulumi.OutputState } + +func (ServerAgentOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ServerAgent)(nil)).Elem() +} + +func (o ServerAgentOutput) ToServerAgentOutput() ServerAgentOutput { + return o +} + +func (o ServerAgentOutput) ToServerAgentOutputWithContext(ctx context.Context) ServerAgentOutput { + return o +} + +func (o ServerAgentOutput) ToServerAgentPtrOutput() ServerAgentPtrOutput { + return o.ToServerAgentPtrOutputWithContext(context.Background()) +} + +func (o ServerAgentOutput) ToServerAgentPtrOutputWithContext(ctx context.Context) ServerAgentPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ServerAgent) *ServerAgent { + return &v + }).(ServerAgentPtrOutput) +} + +// Whether a STACKIT Server Agent is provisioned at the server +func (o ServerAgentOutput) Provisioned() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ServerAgent) *bool { return v.Provisioned }).(pulumi.BoolPtrOutput) +} + +// Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. +func (o ServerAgentOutput) ProvisioningPolicy() pulumi.StringPtrOutput { + return o.ApplyT(func(v ServerAgent) *string { return v.ProvisioningPolicy }).(pulumi.StringPtrOutput) +} + +type ServerAgentPtrOutput struct{ *pulumi.OutputState } + +func (ServerAgentPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ServerAgent)(nil)).Elem() +} + +func (o ServerAgentPtrOutput) ToServerAgentPtrOutput() ServerAgentPtrOutput { + return o +} + +func (o ServerAgentPtrOutput) ToServerAgentPtrOutputWithContext(ctx context.Context) ServerAgentPtrOutput { + return o +} + +func (o ServerAgentPtrOutput) Elem() ServerAgentOutput { + return o.ApplyT(func(v *ServerAgent) ServerAgent { + if v != nil { + return *v + } + var ret ServerAgent + return ret + }).(ServerAgentOutput) +} + +// Whether a STACKIT Server Agent is provisioned at the server +func (o ServerAgentPtrOutput) Provisioned() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ServerAgent) *bool { + if v == nil { + return nil + } + return v.Provisioned + }).(pulumi.BoolPtrOutput) +} + +// Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. +func (o ServerAgentPtrOutput) ProvisioningPolicy() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServerAgent) *string { + if v == nil { + return nil + } + return v.ProvisioningPolicy + }).(pulumi.StringPtrOutput) +} + type ServerBackupScheduleBackupProperties struct { Name string `pulumi:"name"` RetentionPeriod int `pulumi:"retentionPeriod"` @@ -14767,6 +15345,121 @@ func (o ServerBootVolumePtrOutput) SourceType() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +type ServiceAccountFederatedIdentityProviderAssertion struct { + // The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + Item string `pulumi:"item"` + // The assertion operator. Currently, the only supported operator is "equals". + Operator string `pulumi:"operator"` + // The assertion value. + Value string `pulumi:"value"` +} + +// ServiceAccountFederatedIdentityProviderAssertionInput is an input type that accepts ServiceAccountFederatedIdentityProviderAssertionArgs and ServiceAccountFederatedIdentityProviderAssertionOutput values. +// You can construct a concrete instance of `ServiceAccountFederatedIdentityProviderAssertionInput` via: +// +// ServiceAccountFederatedIdentityProviderAssertionArgs{...} +type ServiceAccountFederatedIdentityProviderAssertionInput interface { + pulumi.Input + + ToServiceAccountFederatedIdentityProviderAssertionOutput() ServiceAccountFederatedIdentityProviderAssertionOutput + ToServiceAccountFederatedIdentityProviderAssertionOutputWithContext(context.Context) ServiceAccountFederatedIdentityProviderAssertionOutput +} + +type ServiceAccountFederatedIdentityProviderAssertionArgs struct { + // The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + Item pulumi.StringInput `pulumi:"item"` + // The assertion operator. Currently, the only supported operator is "equals". + Operator pulumi.StringInput `pulumi:"operator"` + // The assertion value. + Value pulumi.StringInput `pulumi:"value"` +} + +func (ServiceAccountFederatedIdentityProviderAssertionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (i ServiceAccountFederatedIdentityProviderAssertionArgs) ToServiceAccountFederatedIdentityProviderAssertionOutput() ServiceAccountFederatedIdentityProviderAssertionOutput { + return i.ToServiceAccountFederatedIdentityProviderAssertionOutputWithContext(context.Background()) +} + +func (i ServiceAccountFederatedIdentityProviderAssertionArgs) ToServiceAccountFederatedIdentityProviderAssertionOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderAssertionOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceAccountFederatedIdentityProviderAssertionOutput) +} + +// ServiceAccountFederatedIdentityProviderAssertionArrayInput is an input type that accepts ServiceAccountFederatedIdentityProviderAssertionArray and ServiceAccountFederatedIdentityProviderAssertionArrayOutput values. +// You can construct a concrete instance of `ServiceAccountFederatedIdentityProviderAssertionArrayInput` via: +// +// ServiceAccountFederatedIdentityProviderAssertionArray{ ServiceAccountFederatedIdentityProviderAssertionArgs{...} } +type ServiceAccountFederatedIdentityProviderAssertionArrayInput interface { + pulumi.Input + + ToServiceAccountFederatedIdentityProviderAssertionArrayOutput() ServiceAccountFederatedIdentityProviderAssertionArrayOutput + ToServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(context.Context) ServiceAccountFederatedIdentityProviderAssertionArrayOutput +} + +type ServiceAccountFederatedIdentityProviderAssertionArray []ServiceAccountFederatedIdentityProviderAssertionInput + +func (ServiceAccountFederatedIdentityProviderAssertionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (i ServiceAccountFederatedIdentityProviderAssertionArray) ToServiceAccountFederatedIdentityProviderAssertionArrayOutput() ServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return i.ToServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(context.Background()) +} + +func (i ServiceAccountFederatedIdentityProviderAssertionArray) ToServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceAccountFederatedIdentityProviderAssertionArrayOutput) +} + +type ServiceAccountFederatedIdentityProviderAssertionOutput struct{ *pulumi.OutputState } + +func (ServiceAccountFederatedIdentityProviderAssertionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (o ServiceAccountFederatedIdentityProviderAssertionOutput) ToServiceAccountFederatedIdentityProviderAssertionOutput() ServiceAccountFederatedIdentityProviderAssertionOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderAssertionOutput) ToServiceAccountFederatedIdentityProviderAssertionOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderAssertionOutput { + return o +} + +// The assertion claim. At least one assertion with the claim "aud" is required for security reasons. +func (o ServiceAccountFederatedIdentityProviderAssertionOutput) Item() pulumi.StringOutput { + return o.ApplyT(func(v ServiceAccountFederatedIdentityProviderAssertion) string { return v.Item }).(pulumi.StringOutput) +} + +// The assertion operator. Currently, the only supported operator is "equals". +func (o ServiceAccountFederatedIdentityProviderAssertionOutput) Operator() pulumi.StringOutput { + return o.ApplyT(func(v ServiceAccountFederatedIdentityProviderAssertion) string { return v.Operator }).(pulumi.StringOutput) +} + +// The assertion value. +func (o ServiceAccountFederatedIdentityProviderAssertionOutput) Value() pulumi.StringOutput { + return o.ApplyT(func(v ServiceAccountFederatedIdentityProviderAssertion) string { return v.Value }).(pulumi.StringOutput) +} + +type ServiceAccountFederatedIdentityProviderAssertionArrayOutput struct{ *pulumi.OutputState } + +func (ServiceAccountFederatedIdentityProviderAssertionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (o ServiceAccountFederatedIdentityProviderAssertionArrayOutput) ToServiceAccountFederatedIdentityProviderAssertionArrayOutput() ServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderAssertionArrayOutput) ToServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderAssertionArrayOutput) Index(i pulumi.IntInput) ServiceAccountFederatedIdentityProviderAssertionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ServiceAccountFederatedIdentityProviderAssertion { + return vs[0].([]ServiceAccountFederatedIdentityProviderAssertion)[vs[1].(int)] + }).(ServiceAccountFederatedIdentityProviderAssertionOutput) +} + type SfsExportPolicyRule struct { // Description of the Rule Description *string `pulumi:"description"` @@ -19756,6 +20449,8 @@ type GetCdnDistributionConfig struct { Redirects GetCdnDistributionConfigRedirects `pulumi:"redirects"` // The configured regions where content will be hosted Regions []string `pulumi:"regions"` + // Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + Waf GetCdnDistributionConfigWaf `pulumi:"waf"` } // GetCdnDistributionConfigInput is an input type that accepts GetCdnDistributionConfigArgs and GetCdnDistributionConfigOutput values. @@ -19780,6 +20475,8 @@ type GetCdnDistributionConfigArgs struct { Redirects GetCdnDistributionConfigRedirectsInput `pulumi:"redirects"` // The configured regions where content will be hosted Regions pulumi.StringArrayInput `pulumi:"regions"` + // Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + Waf GetCdnDistributionConfigWafInput `pulumi:"waf"` } func (GetCdnDistributionConfigArgs) ElementType() reflect.Type { @@ -19833,6 +20530,11 @@ func (o GetCdnDistributionConfigOutput) Regions() pulumi.StringArrayOutput { return o.ApplyT(func(v GetCdnDistributionConfig) []string { return v.Regions }).(pulumi.StringArrayOutput) } +// Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. +func (o GetCdnDistributionConfigOutput) Waf() GetCdnDistributionConfigWafOutput { + return o.ApplyT(func(v GetCdnDistributionConfig) GetCdnDistributionConfigWaf { return v.Waf }).(GetCdnDistributionConfigWafOutput) +} + type GetCdnDistributionConfigBackend struct { // The URL of the bucket (e.g. https://s3.example.com). Required if type is 'bucket'. BucketUrl string `pulumi:"bucketUrl"` @@ -20281,6 +20983,184 @@ func (o GetCdnDistributionConfigRedirectsRuleMatcherArrayOutput) Index(i pulumi. }).(GetCdnDistributionConfigRedirectsRuleMatcherOutput) } +type GetCdnDistributionConfigWaf struct { + // Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + AllowedHttpMethods []string `pulumi:"allowedHttpMethods"` + // Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + AllowedHttpVersions []string `pulumi:"allowedHttpVersions"` + // Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + AllowedRequestContentTypes []string `pulumi:"allowedRequestContentTypes"` + // Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleCollectionIds []string `pulumi:"disabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleGroupIds []string `pulumi:"disabledRuleGroupIds"` + // Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleIds []string `pulumi:"disabledRuleIds"` + // Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleCollectionIds []string `pulumi:"enabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleGroupIds []string `pulumi:"enabledRuleGroupIds"` + // Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleIds []string `pulumi:"enabledRuleIds"` + // Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleCollectionIds []string `pulumi:"logOnlyRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleGroupIds []string `pulumi:"logOnlyRuleGroupIds"` + // Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleIds []string `pulumi:"logOnlyRuleIds"` + // The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + Mode string `pulumi:"mode"` + // Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + ParanoiaLevel string `pulumi:"paranoiaLevel"` + // The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + Type string `pulumi:"type"` +} + +// GetCdnDistributionConfigWafInput is an input type that accepts GetCdnDistributionConfigWafArgs and GetCdnDistributionConfigWafOutput values. +// You can construct a concrete instance of `GetCdnDistributionConfigWafInput` via: +// +// GetCdnDistributionConfigWafArgs{...} +type GetCdnDistributionConfigWafInput interface { + pulumi.Input + + ToGetCdnDistributionConfigWafOutput() GetCdnDistributionConfigWafOutput + ToGetCdnDistributionConfigWafOutputWithContext(context.Context) GetCdnDistributionConfigWafOutput +} + +type GetCdnDistributionConfigWafArgs struct { + // Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + AllowedHttpMethods pulumi.StringArrayInput `pulumi:"allowedHttpMethods"` + // Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + AllowedHttpVersions pulumi.StringArrayInput `pulumi:"allowedHttpVersions"` + // Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + AllowedRequestContentTypes pulumi.StringArrayInput `pulumi:"allowedRequestContentTypes"` + // Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleCollectionIds pulumi.StringArrayInput `pulumi:"disabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleGroupIds pulumi.StringArrayInput `pulumi:"disabledRuleGroupIds"` + // Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + DisabledRuleIds pulumi.StringArrayInput `pulumi:"disabledRuleIds"` + // Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleCollectionIds pulumi.StringArrayInput `pulumi:"enabledRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleGroupIds pulumi.StringArrayInput `pulumi:"enabledRuleGroupIds"` + // Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + EnabledRuleIds pulumi.StringArrayInput `pulumi:"enabledRuleIds"` + // Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleCollectionIds pulumi.StringArrayInput `pulumi:"logOnlyRuleCollectionIds"` + // Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleGroupIds pulumi.StringArrayInput `pulumi:"logOnlyRuleGroupIds"` + // Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + LogOnlyRuleIds pulumi.StringArrayInput `pulumi:"logOnlyRuleIds"` + // The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + Mode pulumi.StringInput `pulumi:"mode"` + // Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + ParanoiaLevel pulumi.StringInput `pulumi:"paranoiaLevel"` + // The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + Type pulumi.StringInput `pulumi:"type"` +} + +func (GetCdnDistributionConfigWafArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetCdnDistributionConfigWaf)(nil)).Elem() +} + +func (i GetCdnDistributionConfigWafArgs) ToGetCdnDistributionConfigWafOutput() GetCdnDistributionConfigWafOutput { + return i.ToGetCdnDistributionConfigWafOutputWithContext(context.Background()) +} + +func (i GetCdnDistributionConfigWafArgs) ToGetCdnDistributionConfigWafOutputWithContext(ctx context.Context) GetCdnDistributionConfigWafOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetCdnDistributionConfigWafOutput) +} + +type GetCdnDistributionConfigWafOutput struct{ *pulumi.OutputState } + +func (GetCdnDistributionConfigWafOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetCdnDistributionConfigWaf)(nil)).Elem() +} + +func (o GetCdnDistributionConfigWafOutput) ToGetCdnDistributionConfigWafOutput() GetCdnDistributionConfigWafOutput { + return o +} + +func (o GetCdnDistributionConfigWafOutput) ToGetCdnDistributionConfigWafOutputWithContext(ctx context.Context) GetCdnDistributionConfigWafOutput { + return o +} + +// Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. +func (o GetCdnDistributionConfigWafOutput) AllowedHttpMethods() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.AllowedHttpMethods }).(pulumi.StringArrayOutput) +} + +// Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. +func (o GetCdnDistributionConfigWafOutput) AllowedHttpVersions() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.AllowedHttpVersions }).(pulumi.StringArrayOutput) +} + +// Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. +func (o GetCdnDistributionConfigWafOutput) AllowedRequestContentTypes() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.AllowedRequestContentTypes }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) DisabledRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.DisabledRuleCollectionIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) DisabledRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.DisabledRuleGroupIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) DisabledRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.DisabledRuleIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) EnabledRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.EnabledRuleCollectionIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) EnabledRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.EnabledRuleGroupIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) EnabledRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.EnabledRuleIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) LogOnlyRuleCollectionIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.LogOnlyRuleCollectionIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) LogOnlyRuleGroupIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.LogOnlyRuleGroupIds }).(pulumi.StringArrayOutput) +} + +// Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections +func (o GetCdnDistributionConfigWafOutput) LogOnlyRuleIds() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) []string { return v.LogOnlyRuleIds }).(pulumi.StringArrayOutput) +} + +// The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. +func (o GetCdnDistributionConfigWafOutput) Mode() pulumi.StringOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) string { return v.Mode }).(pulumi.StringOutput) +} + +// Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. +func (o GetCdnDistributionConfigWafOutput) ParanoiaLevel() pulumi.StringOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) string { return v.ParanoiaLevel }).(pulumi.StringOutput) +} + +// The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. +func (o GetCdnDistributionConfigWafOutput) Type() pulumi.StringOutput { + return o.ApplyT(func(v GetCdnDistributionConfigWaf) string { return v.Type }).(pulumi.StringOutput) +} + type GetCdnDistributionDomain struct { // List of domain errors Errors []string `pulumi:"errors"` @@ -27015,6 +27895,58 @@ func (o GetSecurityGroupRuleProtocolOutput) Number() pulumi.IntOutput { return o.ApplyT(func(v GetSecurityGroupRuleProtocol) int { return v.Number }).(pulumi.IntOutput) } +type GetServerAgent struct { + // Whether a STACKIT Server Agent is provisioned at the server + Provisioned bool `pulumi:"provisioned"` +} + +// GetServerAgentInput is an input type that accepts GetServerAgentArgs and GetServerAgentOutput values. +// You can construct a concrete instance of `GetServerAgentInput` via: +// +// GetServerAgentArgs{...} +type GetServerAgentInput interface { + pulumi.Input + + ToGetServerAgentOutput() GetServerAgentOutput + ToGetServerAgentOutputWithContext(context.Context) GetServerAgentOutput +} + +type GetServerAgentArgs struct { + // Whether a STACKIT Server Agent is provisioned at the server + Provisioned pulumi.BoolInput `pulumi:"provisioned"` +} + +func (GetServerAgentArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetServerAgent)(nil)).Elem() +} + +func (i GetServerAgentArgs) ToGetServerAgentOutput() GetServerAgentOutput { + return i.ToGetServerAgentOutputWithContext(context.Background()) +} + +func (i GetServerAgentArgs) ToGetServerAgentOutputWithContext(ctx context.Context) GetServerAgentOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetServerAgentOutput) +} + +type GetServerAgentOutput struct{ *pulumi.OutputState } + +func (GetServerAgentOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetServerAgent)(nil)).Elem() +} + +func (o GetServerAgentOutput) ToGetServerAgentOutput() GetServerAgentOutput { + return o +} + +func (o GetServerAgentOutput) ToGetServerAgentOutputWithContext(ctx context.Context) GetServerAgentOutput { + return o +} + +// Whether a STACKIT Server Agent is provisioned at the server +func (o GetServerAgentOutput) Provisioned() pulumi.BoolOutput { + return o.ApplyT(func(v GetServerAgent) bool { return v.Provisioned }).(pulumi.BoolOutput) +} + type GetServerBackupScheduleBackupProperties struct { Name string `pulumi:"name"` RetentionPeriod int `pulumi:"retentionPeriod"` @@ -27460,6 +28392,121 @@ func (o GetServerUpdateSchedulesItemArrayOutput) Index(i pulumi.IntInput) GetSer }).(GetServerUpdateSchedulesItemOutput) } +type GetServiceAccountFederatedIdentityProviderAssertion struct { + // The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + Item string `pulumi:"item"` + // The assertion operator. Currently, the only supported operator is "equals". + Operator string `pulumi:"operator"` + // The assertion value. + Value string `pulumi:"value"` +} + +// GetServiceAccountFederatedIdentityProviderAssertionInput is an input type that accepts GetServiceAccountFederatedIdentityProviderAssertionArgs and GetServiceAccountFederatedIdentityProviderAssertionOutput values. +// You can construct a concrete instance of `GetServiceAccountFederatedIdentityProviderAssertionInput` via: +// +// GetServiceAccountFederatedIdentityProviderAssertionArgs{...} +type GetServiceAccountFederatedIdentityProviderAssertionInput interface { + pulumi.Input + + ToGetServiceAccountFederatedIdentityProviderAssertionOutput() GetServiceAccountFederatedIdentityProviderAssertionOutput + ToGetServiceAccountFederatedIdentityProviderAssertionOutputWithContext(context.Context) GetServiceAccountFederatedIdentityProviderAssertionOutput +} + +type GetServiceAccountFederatedIdentityProviderAssertionArgs struct { + // The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + Item pulumi.StringInput `pulumi:"item"` + // The assertion operator. Currently, the only supported operator is "equals". + Operator pulumi.StringInput `pulumi:"operator"` + // The assertion value. + Value pulumi.StringInput `pulumi:"value"` +} + +func (GetServiceAccountFederatedIdentityProviderAssertionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (i GetServiceAccountFederatedIdentityProviderAssertionArgs) ToGetServiceAccountFederatedIdentityProviderAssertionOutput() GetServiceAccountFederatedIdentityProviderAssertionOutput { + return i.ToGetServiceAccountFederatedIdentityProviderAssertionOutputWithContext(context.Background()) +} + +func (i GetServiceAccountFederatedIdentityProviderAssertionArgs) ToGetServiceAccountFederatedIdentityProviderAssertionOutputWithContext(ctx context.Context) GetServiceAccountFederatedIdentityProviderAssertionOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetServiceAccountFederatedIdentityProviderAssertionOutput) +} + +// GetServiceAccountFederatedIdentityProviderAssertionArrayInput is an input type that accepts GetServiceAccountFederatedIdentityProviderAssertionArray and GetServiceAccountFederatedIdentityProviderAssertionArrayOutput values. +// You can construct a concrete instance of `GetServiceAccountFederatedIdentityProviderAssertionArrayInput` via: +// +// GetServiceAccountFederatedIdentityProviderAssertionArray{ GetServiceAccountFederatedIdentityProviderAssertionArgs{...} } +type GetServiceAccountFederatedIdentityProviderAssertionArrayInput interface { + pulumi.Input + + ToGetServiceAccountFederatedIdentityProviderAssertionArrayOutput() GetServiceAccountFederatedIdentityProviderAssertionArrayOutput + ToGetServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(context.Context) GetServiceAccountFederatedIdentityProviderAssertionArrayOutput +} + +type GetServiceAccountFederatedIdentityProviderAssertionArray []GetServiceAccountFederatedIdentityProviderAssertionInput + +func (GetServiceAccountFederatedIdentityProviderAssertionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (i GetServiceAccountFederatedIdentityProviderAssertionArray) ToGetServiceAccountFederatedIdentityProviderAssertionArrayOutput() GetServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return i.ToGetServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(context.Background()) +} + +func (i GetServiceAccountFederatedIdentityProviderAssertionArray) ToGetServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(ctx context.Context) GetServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetServiceAccountFederatedIdentityProviderAssertionArrayOutput) +} + +type GetServiceAccountFederatedIdentityProviderAssertionOutput struct{ *pulumi.OutputState } + +func (GetServiceAccountFederatedIdentityProviderAssertionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (o GetServiceAccountFederatedIdentityProviderAssertionOutput) ToGetServiceAccountFederatedIdentityProviderAssertionOutput() GetServiceAccountFederatedIdentityProviderAssertionOutput { + return o +} + +func (o GetServiceAccountFederatedIdentityProviderAssertionOutput) ToGetServiceAccountFederatedIdentityProviderAssertionOutputWithContext(ctx context.Context) GetServiceAccountFederatedIdentityProviderAssertionOutput { + return o +} + +// The assertion claim. At least one assertion with the claim "aud" is required for security reasons. +func (o GetServiceAccountFederatedIdentityProviderAssertionOutput) Item() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceAccountFederatedIdentityProviderAssertion) string { return v.Item }).(pulumi.StringOutput) +} + +// The assertion operator. Currently, the only supported operator is "equals". +func (o GetServiceAccountFederatedIdentityProviderAssertionOutput) Operator() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceAccountFederatedIdentityProviderAssertion) string { return v.Operator }).(pulumi.StringOutput) +} + +// The assertion value. +func (o GetServiceAccountFederatedIdentityProviderAssertionOutput) Value() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceAccountFederatedIdentityProviderAssertion) string { return v.Value }).(pulumi.StringOutput) +} + +type GetServiceAccountFederatedIdentityProviderAssertionArrayOutput struct{ *pulumi.OutputState } + +func (GetServiceAccountFederatedIdentityProviderAssertionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetServiceAccountFederatedIdentityProviderAssertion)(nil)).Elem() +} + +func (o GetServiceAccountFederatedIdentityProviderAssertionArrayOutput) ToGetServiceAccountFederatedIdentityProviderAssertionArrayOutput() GetServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return o +} + +func (o GetServiceAccountFederatedIdentityProviderAssertionArrayOutput) ToGetServiceAccountFederatedIdentityProviderAssertionArrayOutputWithContext(ctx context.Context) GetServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return o +} + +func (o GetServiceAccountFederatedIdentityProviderAssertionArrayOutput) Index(i pulumi.IntInput) GetServiceAccountFederatedIdentityProviderAssertionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetServiceAccountFederatedIdentityProviderAssertion { + return vs[0].([]GetServiceAccountFederatedIdentityProviderAssertion)[vs[1].(int)] + }).(GetServiceAccountFederatedIdentityProviderAssertionOutput) +} + type GetServiceAccountsItem struct { // Email of the service account. Email string `pulumi:"email"` @@ -29509,6 +30556,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*CdnDistributionConfigRedirectsRuleArrayInput)(nil)).Elem(), CdnDistributionConfigRedirectsRuleArray{}) pulumi.RegisterInputType(reflect.TypeOf((*CdnDistributionConfigRedirectsRuleMatcherInput)(nil)).Elem(), CdnDistributionConfigRedirectsRuleMatcherArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*CdnDistributionConfigRedirectsRuleMatcherArrayInput)(nil)).Elem(), CdnDistributionConfigRedirectsRuleMatcherArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*CdnDistributionConfigWafInput)(nil)).Elem(), CdnDistributionConfigWafArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CdnDistributionConfigWafPtrInput)(nil)).Elem(), CdnDistributionConfigWafArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*CdnDistributionDomainInput)(nil)).Elem(), CdnDistributionDomainArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*CdnDistributionDomainArrayInput)(nil)).Elem(), CdnDistributionDomainArray{}) pulumi.RegisterInputType(reflect.TypeOf((*DnsRecordSetTimeoutsInput)(nil)).Elem(), DnsRecordSetTimeoutsArgs{}) @@ -29613,10 +30662,14 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*SecurityGroupRulePortRangePtrInput)(nil)).Elem(), SecurityGroupRulePortRangeArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityGroupRuleProtocolInput)(nil)).Elem(), SecurityGroupRuleProtocolArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SecurityGroupRuleProtocolPtrInput)(nil)).Elem(), SecurityGroupRuleProtocolArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServerAgentInput)(nil)).Elem(), ServerAgentArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServerAgentPtrInput)(nil)).Elem(), ServerAgentArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServerBackupScheduleBackupPropertiesInput)(nil)).Elem(), ServerBackupScheduleBackupPropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServerBackupScheduleBackupPropertiesPtrInput)(nil)).Elem(), ServerBackupScheduleBackupPropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServerBootVolumeInput)(nil)).Elem(), ServerBootVolumeArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServerBootVolumePtrInput)(nil)).Elem(), ServerBootVolumeArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceAccountFederatedIdentityProviderAssertionInput)(nil)).Elem(), ServiceAccountFederatedIdentityProviderAssertionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceAccountFederatedIdentityProviderAssertionArrayInput)(nil)).Elem(), ServiceAccountFederatedIdentityProviderAssertionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*SfsExportPolicyRuleInput)(nil)).Elem(), SfsExportPolicyRuleArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SfsExportPolicyRuleArrayInput)(nil)).Elem(), SfsExportPolicyRuleArray{}) pulumi.RegisterInputType(reflect.TypeOf((*SkeClusterExtensionsInput)(nil)).Elem(), SkeClusterExtensionsArgs{}) @@ -29694,6 +30747,7 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetCdnDistributionConfigRedirectsRuleArrayInput)(nil)).Elem(), GetCdnDistributionConfigRedirectsRuleArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetCdnDistributionConfigRedirectsRuleMatcherInput)(nil)).Elem(), GetCdnDistributionConfigRedirectsRuleMatcherArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetCdnDistributionConfigRedirectsRuleMatcherArrayInput)(nil)).Elem(), GetCdnDistributionConfigRedirectsRuleMatcherArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetCdnDistributionConfigWafInput)(nil)).Elem(), GetCdnDistributionConfigWafArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetCdnDistributionDomainInput)(nil)).Elem(), GetCdnDistributionDomainArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetCdnDistributionDomainArrayInput)(nil)).Elem(), GetCdnDistributionDomainArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetDnsRecordSetTimeoutsInput)(nil)).Elem(), GetDnsRecordSetTimeoutsArgs{}) @@ -29784,6 +30838,7 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetSecurityGroupRuleIcmpParametersInput)(nil)).Elem(), GetSecurityGroupRuleIcmpParametersArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSecurityGroupRulePortRangeInput)(nil)).Elem(), GetSecurityGroupRulePortRangeArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSecurityGroupRuleProtocolInput)(nil)).Elem(), GetSecurityGroupRuleProtocolArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetServerAgentInput)(nil)).Elem(), GetServerAgentArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServerBackupScheduleBackupPropertiesInput)(nil)).Elem(), GetServerBackupScheduleBackupPropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServerBackupSchedulesItemInput)(nil)).Elem(), GetServerBackupSchedulesItemArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServerBackupSchedulesItemArrayInput)(nil)).Elem(), GetServerBackupSchedulesItemArray{}) @@ -29791,6 +30846,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetServerBootVolumeInput)(nil)).Elem(), GetServerBootVolumeArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServerUpdateSchedulesItemInput)(nil)).Elem(), GetServerUpdateSchedulesItemArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServerUpdateSchedulesItemArrayInput)(nil)).Elem(), GetServerUpdateSchedulesItemArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetServiceAccountFederatedIdentityProviderAssertionInput)(nil)).Elem(), GetServiceAccountFederatedIdentityProviderAssertionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetServiceAccountFederatedIdentityProviderAssertionArrayInput)(nil)).Elem(), GetServiceAccountFederatedIdentityProviderAssertionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceAccountsItemInput)(nil)).Elem(), GetServiceAccountsItemArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceAccountsItemArrayInput)(nil)).Elem(), GetServiceAccountsItemArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSfsExportPolicyRuleInput)(nil)).Elem(), GetSfsExportPolicyRuleArgs{}) @@ -29884,6 +30941,8 @@ func init() { pulumi.RegisterOutputType(CdnDistributionConfigRedirectsRuleArrayOutput{}) pulumi.RegisterOutputType(CdnDistributionConfigRedirectsRuleMatcherOutput{}) pulumi.RegisterOutputType(CdnDistributionConfigRedirectsRuleMatcherArrayOutput{}) + pulumi.RegisterOutputType(CdnDistributionConfigWafOutput{}) + pulumi.RegisterOutputType(CdnDistributionConfigWafPtrOutput{}) pulumi.RegisterOutputType(CdnDistributionDomainOutput{}) pulumi.RegisterOutputType(CdnDistributionDomainArrayOutput{}) pulumi.RegisterOutputType(DnsRecordSetTimeoutsOutput{}) @@ -29988,10 +31047,14 @@ func init() { pulumi.RegisterOutputType(SecurityGroupRulePortRangePtrOutput{}) pulumi.RegisterOutputType(SecurityGroupRuleProtocolOutput{}) pulumi.RegisterOutputType(SecurityGroupRuleProtocolPtrOutput{}) + pulumi.RegisterOutputType(ServerAgentOutput{}) + pulumi.RegisterOutputType(ServerAgentPtrOutput{}) pulumi.RegisterOutputType(ServerBackupScheduleBackupPropertiesOutput{}) pulumi.RegisterOutputType(ServerBackupScheduleBackupPropertiesPtrOutput{}) pulumi.RegisterOutputType(ServerBootVolumeOutput{}) pulumi.RegisterOutputType(ServerBootVolumePtrOutput{}) + pulumi.RegisterOutputType(ServiceAccountFederatedIdentityProviderAssertionOutput{}) + pulumi.RegisterOutputType(ServiceAccountFederatedIdentityProviderAssertionArrayOutput{}) pulumi.RegisterOutputType(SfsExportPolicyRuleOutput{}) pulumi.RegisterOutputType(SfsExportPolicyRuleArrayOutput{}) pulumi.RegisterOutputType(SkeClusterExtensionsOutput{}) @@ -30069,6 +31132,7 @@ func init() { pulumi.RegisterOutputType(GetCdnDistributionConfigRedirectsRuleArrayOutput{}) pulumi.RegisterOutputType(GetCdnDistributionConfigRedirectsRuleMatcherOutput{}) pulumi.RegisterOutputType(GetCdnDistributionConfigRedirectsRuleMatcherArrayOutput{}) + pulumi.RegisterOutputType(GetCdnDistributionConfigWafOutput{}) pulumi.RegisterOutputType(GetCdnDistributionDomainOutput{}) pulumi.RegisterOutputType(GetCdnDistributionDomainArrayOutput{}) pulumi.RegisterOutputType(GetDnsRecordSetTimeoutsOutput{}) @@ -30159,6 +31223,7 @@ func init() { pulumi.RegisterOutputType(GetSecurityGroupRuleIcmpParametersOutput{}) pulumi.RegisterOutputType(GetSecurityGroupRulePortRangeOutput{}) pulumi.RegisterOutputType(GetSecurityGroupRuleProtocolOutput{}) + pulumi.RegisterOutputType(GetServerAgentOutput{}) pulumi.RegisterOutputType(GetServerBackupScheduleBackupPropertiesOutput{}) pulumi.RegisterOutputType(GetServerBackupSchedulesItemOutput{}) pulumi.RegisterOutputType(GetServerBackupSchedulesItemArrayOutput{}) @@ -30166,6 +31231,8 @@ func init() { pulumi.RegisterOutputType(GetServerBootVolumeOutput{}) pulumi.RegisterOutputType(GetServerUpdateSchedulesItemOutput{}) pulumi.RegisterOutputType(GetServerUpdateSchedulesItemArrayOutput{}) + pulumi.RegisterOutputType(GetServiceAccountFederatedIdentityProviderAssertionOutput{}) + pulumi.RegisterOutputType(GetServiceAccountFederatedIdentityProviderAssertionArrayOutput{}) pulumi.RegisterOutputType(GetServiceAccountsItemOutput{}) pulumi.RegisterOutputType(GetServiceAccountsItemArrayOutput{}) pulumi.RegisterOutputType(GetSfsExportPolicyRuleOutput{}) diff --git a/sdk/go/stackit/server.go b/sdk/go/stackit/server.go index 71d27b8..10ae5ab 100644 --- a/sdk/go/stackit/server.go +++ b/sdk/go/stackit/server.go @@ -34,6 +34,8 @@ type Server struct { // The affinity group the server is assigned to. AffinityGroup pulumi.StringPtrOutput `pulumi:"affinityGroup"` + // The STACKIT Server Agent configured for the server + Agent ServerAgentOutput `pulumi:"agent"` // The availability zone of the server. AvailabilityZone pulumi.StringOutput `pulumi:"availabilityZone"` // The boot volume for the server @@ -106,6 +108,8 @@ func GetServer(ctx *pulumi.Context, type serverState struct { // The affinity group the server is assigned to. AffinityGroup *string `pulumi:"affinityGroup"` + // The STACKIT Server Agent configured for the server + Agent *ServerAgent `pulumi:"agent"` // The availability zone of the server. AvailabilityZone *string `pulumi:"availabilityZone"` // The boot volume for the server @@ -143,6 +147,8 @@ type serverState struct { type ServerState struct { // The affinity group the server is assigned to. AffinityGroup pulumi.StringPtrInput + // The STACKIT Server Agent configured for the server + Agent ServerAgentPtrInput // The availability zone of the server. AvailabilityZone pulumi.StringPtrInput // The boot volume for the server @@ -184,6 +190,8 @@ func (ServerState) ElementType() reflect.Type { type serverArgs struct { // The affinity group the server is assigned to. AffinityGroup *string `pulumi:"affinityGroup"` + // The STACKIT Server Agent configured for the server + Agent *ServerAgent `pulumi:"agent"` // The availability zone of the server. AvailabilityZone *string `pulumi:"availabilityZone"` // The boot volume for the server @@ -214,6 +222,8 @@ type serverArgs struct { type ServerArgs struct { // The affinity group the server is assigned to. AffinityGroup pulumi.StringPtrInput + // The STACKIT Server Agent configured for the server + Agent ServerAgentPtrInput // The availability zone of the server. AvailabilityZone pulumi.StringPtrInput // The boot volume for the server @@ -332,6 +342,11 @@ func (o ServerOutput) AffinityGroup() pulumi.StringPtrOutput { return o.ApplyT(func(v *Server) pulumi.StringPtrOutput { return v.AffinityGroup }).(pulumi.StringPtrOutput) } +// The STACKIT Server Agent configured for the server +func (o ServerOutput) Agent() ServerAgentOutput { + return o.ApplyT(func(v *Server) ServerAgentOutput { return v.Agent }).(ServerAgentOutput) +} + // The availability zone of the server. func (o ServerOutput) AvailabilityZone() pulumi.StringOutput { return o.ApplyT(func(v *Server) pulumi.StringOutput { return v.AvailabilityZone }).(pulumi.StringOutput) diff --git a/sdk/go/stackit/serviceAccountFederatedIdentityProvider.go b/sdk/go/stackit/serviceAccountFederatedIdentityProvider.go new file mode 100644 index 0000000..86a1af8 --- /dev/null +++ b/sdk/go/stackit/serviceAccountFederatedIdentityProvider.go @@ -0,0 +1,306 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package stackit + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" + "github.com/stackitcloud/pulumi-stackit/sdk/go/stackit/internal" +) + +// Service account federated identity provider schema. +// ## Example Usage +// +// ### Create a federated identity provider +// +// ### Additional Examples +type ServiceAccountFederatedIdentityProvider struct { + pulumi.CustomResourceState + + // The assertions for the federated identity provider. + Assertions ServiceAccountFederatedIdentityProviderAssertionArrayOutput `pulumi:"assertions"` + // The unique identifier for the federated identity provider associated with the service account. + FederationId pulumi.StringOutput `pulumi:"federationId"` + // The issuer URL. + Issuer pulumi.StringOutput `pulumi:"issuer"` + // The name of the federated identity provider. + Name pulumi.StringOutput `pulumi:"name"` + // The STACKIT project ID associated with the service account. + ProjectId pulumi.StringOutput `pulumi:"projectId"` + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail pulumi.StringOutput `pulumi:"serviceAccountEmail"` +} + +// NewServiceAccountFederatedIdentityProvider registers a new resource with the given unique name, arguments, and options. +func NewServiceAccountFederatedIdentityProvider(ctx *pulumi.Context, + name string, args *ServiceAccountFederatedIdentityProviderArgs, opts ...pulumi.ResourceOption) (*ServiceAccountFederatedIdentityProvider, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Assertions == nil { + return nil, errors.New("invalid value for required argument 'Assertions'") + } + if args.Issuer == nil { + return nil, errors.New("invalid value for required argument 'Issuer'") + } + if args.ProjectId == nil { + return nil, errors.New("invalid value for required argument 'ProjectId'") + } + if args.ServiceAccountEmail == nil { + return nil, errors.New("invalid value for required argument 'ServiceAccountEmail'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource ServiceAccountFederatedIdentityProvider + err := ctx.RegisterResource("stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetServiceAccountFederatedIdentityProvider gets an existing ServiceAccountFederatedIdentityProvider resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetServiceAccountFederatedIdentityProvider(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ServiceAccountFederatedIdentityProviderState, opts ...pulumi.ResourceOption) (*ServiceAccountFederatedIdentityProvider, error) { + var resource ServiceAccountFederatedIdentityProvider + err := ctx.ReadResource("stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering ServiceAccountFederatedIdentityProvider resources. +type serviceAccountFederatedIdentityProviderState struct { + // The assertions for the federated identity provider. + Assertions []ServiceAccountFederatedIdentityProviderAssertion `pulumi:"assertions"` + // The unique identifier for the federated identity provider associated with the service account. + FederationId *string `pulumi:"federationId"` + // The issuer URL. + Issuer *string `pulumi:"issuer"` + // The name of the federated identity provider. + Name *string `pulumi:"name"` + // The STACKIT project ID associated with the service account. + ProjectId *string `pulumi:"projectId"` + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail *string `pulumi:"serviceAccountEmail"` +} + +type ServiceAccountFederatedIdentityProviderState struct { + // The assertions for the federated identity provider. + Assertions ServiceAccountFederatedIdentityProviderAssertionArrayInput + // The unique identifier for the federated identity provider associated with the service account. + FederationId pulumi.StringPtrInput + // The issuer URL. + Issuer pulumi.StringPtrInput + // The name of the federated identity provider. + Name pulumi.StringPtrInput + // The STACKIT project ID associated with the service account. + ProjectId pulumi.StringPtrInput + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail pulumi.StringPtrInput +} + +func (ServiceAccountFederatedIdentityProviderState) ElementType() reflect.Type { + return reflect.TypeOf((*serviceAccountFederatedIdentityProviderState)(nil)).Elem() +} + +type serviceAccountFederatedIdentityProviderArgs struct { + // The assertions for the federated identity provider. + Assertions []ServiceAccountFederatedIdentityProviderAssertion `pulumi:"assertions"` + // The issuer URL. + Issuer string `pulumi:"issuer"` + // The name of the federated identity provider. + Name *string `pulumi:"name"` + // The STACKIT project ID associated with the service account. + ProjectId string `pulumi:"projectId"` + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail string `pulumi:"serviceAccountEmail"` +} + +// The set of arguments for constructing a ServiceAccountFederatedIdentityProvider resource. +type ServiceAccountFederatedIdentityProviderArgs struct { + // The assertions for the federated identity provider. + Assertions ServiceAccountFederatedIdentityProviderAssertionArrayInput + // The issuer URL. + Issuer pulumi.StringInput + // The name of the federated identity provider. + Name pulumi.StringPtrInput + // The STACKIT project ID associated with the service account. + ProjectId pulumi.StringInput + // The email address associated with the service account, used for account identification and communication. + ServiceAccountEmail pulumi.StringInput +} + +func (ServiceAccountFederatedIdentityProviderArgs) ElementType() reflect.Type { + return reflect.TypeOf((*serviceAccountFederatedIdentityProviderArgs)(nil)).Elem() +} + +type ServiceAccountFederatedIdentityProviderInput interface { + pulumi.Input + + ToServiceAccountFederatedIdentityProviderOutput() ServiceAccountFederatedIdentityProviderOutput + ToServiceAccountFederatedIdentityProviderOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderOutput +} + +func (*ServiceAccountFederatedIdentityProvider) ElementType() reflect.Type { + return reflect.TypeOf((**ServiceAccountFederatedIdentityProvider)(nil)).Elem() +} + +func (i *ServiceAccountFederatedIdentityProvider) ToServiceAccountFederatedIdentityProviderOutput() ServiceAccountFederatedIdentityProviderOutput { + return i.ToServiceAccountFederatedIdentityProviderOutputWithContext(context.Background()) +} + +func (i *ServiceAccountFederatedIdentityProvider) ToServiceAccountFederatedIdentityProviderOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceAccountFederatedIdentityProviderOutput) +} + +// ServiceAccountFederatedIdentityProviderArrayInput is an input type that accepts ServiceAccountFederatedIdentityProviderArray and ServiceAccountFederatedIdentityProviderArrayOutput values. +// You can construct a concrete instance of `ServiceAccountFederatedIdentityProviderArrayInput` via: +// +// ServiceAccountFederatedIdentityProviderArray{ ServiceAccountFederatedIdentityProviderArgs{...} } +type ServiceAccountFederatedIdentityProviderArrayInput interface { + pulumi.Input + + ToServiceAccountFederatedIdentityProviderArrayOutput() ServiceAccountFederatedIdentityProviderArrayOutput + ToServiceAccountFederatedIdentityProviderArrayOutputWithContext(context.Context) ServiceAccountFederatedIdentityProviderArrayOutput +} + +type ServiceAccountFederatedIdentityProviderArray []ServiceAccountFederatedIdentityProviderInput + +func (ServiceAccountFederatedIdentityProviderArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ServiceAccountFederatedIdentityProvider)(nil)).Elem() +} + +func (i ServiceAccountFederatedIdentityProviderArray) ToServiceAccountFederatedIdentityProviderArrayOutput() ServiceAccountFederatedIdentityProviderArrayOutput { + return i.ToServiceAccountFederatedIdentityProviderArrayOutputWithContext(context.Background()) +} + +func (i ServiceAccountFederatedIdentityProviderArray) ToServiceAccountFederatedIdentityProviderArrayOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceAccountFederatedIdentityProviderArrayOutput) +} + +// ServiceAccountFederatedIdentityProviderMapInput is an input type that accepts ServiceAccountFederatedIdentityProviderMap and ServiceAccountFederatedIdentityProviderMapOutput values. +// You can construct a concrete instance of `ServiceAccountFederatedIdentityProviderMapInput` via: +// +// ServiceAccountFederatedIdentityProviderMap{ "key": ServiceAccountFederatedIdentityProviderArgs{...} } +type ServiceAccountFederatedIdentityProviderMapInput interface { + pulumi.Input + + ToServiceAccountFederatedIdentityProviderMapOutput() ServiceAccountFederatedIdentityProviderMapOutput + ToServiceAccountFederatedIdentityProviderMapOutputWithContext(context.Context) ServiceAccountFederatedIdentityProviderMapOutput +} + +type ServiceAccountFederatedIdentityProviderMap map[string]ServiceAccountFederatedIdentityProviderInput + +func (ServiceAccountFederatedIdentityProviderMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ServiceAccountFederatedIdentityProvider)(nil)).Elem() +} + +func (i ServiceAccountFederatedIdentityProviderMap) ToServiceAccountFederatedIdentityProviderMapOutput() ServiceAccountFederatedIdentityProviderMapOutput { + return i.ToServiceAccountFederatedIdentityProviderMapOutputWithContext(context.Background()) +} + +func (i ServiceAccountFederatedIdentityProviderMap) ToServiceAccountFederatedIdentityProviderMapOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceAccountFederatedIdentityProviderMapOutput) +} + +type ServiceAccountFederatedIdentityProviderOutput struct{ *pulumi.OutputState } + +func (ServiceAccountFederatedIdentityProviderOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ServiceAccountFederatedIdentityProvider)(nil)).Elem() +} + +func (o ServiceAccountFederatedIdentityProviderOutput) ToServiceAccountFederatedIdentityProviderOutput() ServiceAccountFederatedIdentityProviderOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderOutput) ToServiceAccountFederatedIdentityProviderOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderOutput { + return o +} + +// The assertions for the federated identity provider. +func (o ServiceAccountFederatedIdentityProviderOutput) Assertions() ServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return o.ApplyT(func(v *ServiceAccountFederatedIdentityProvider) ServiceAccountFederatedIdentityProviderAssertionArrayOutput { + return v.Assertions + }).(ServiceAccountFederatedIdentityProviderAssertionArrayOutput) +} + +// The unique identifier for the federated identity provider associated with the service account. +func (o ServiceAccountFederatedIdentityProviderOutput) FederationId() pulumi.StringOutput { + return o.ApplyT(func(v *ServiceAccountFederatedIdentityProvider) pulumi.StringOutput { return v.FederationId }).(pulumi.StringOutput) +} + +// The issuer URL. +func (o ServiceAccountFederatedIdentityProviderOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v *ServiceAccountFederatedIdentityProvider) pulumi.StringOutput { return v.Issuer }).(pulumi.StringOutput) +} + +// The name of the federated identity provider. +func (o ServiceAccountFederatedIdentityProviderOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *ServiceAccountFederatedIdentityProvider) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The STACKIT project ID associated with the service account. +func (o ServiceAccountFederatedIdentityProviderOutput) ProjectId() pulumi.StringOutput { + return o.ApplyT(func(v *ServiceAccountFederatedIdentityProvider) pulumi.StringOutput { return v.ProjectId }).(pulumi.StringOutput) +} + +// The email address associated with the service account, used for account identification and communication. +func (o ServiceAccountFederatedIdentityProviderOutput) ServiceAccountEmail() pulumi.StringOutput { + return o.ApplyT(func(v *ServiceAccountFederatedIdentityProvider) pulumi.StringOutput { return v.ServiceAccountEmail }).(pulumi.StringOutput) +} + +type ServiceAccountFederatedIdentityProviderArrayOutput struct{ *pulumi.OutputState } + +func (ServiceAccountFederatedIdentityProviderArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ServiceAccountFederatedIdentityProvider)(nil)).Elem() +} + +func (o ServiceAccountFederatedIdentityProviderArrayOutput) ToServiceAccountFederatedIdentityProviderArrayOutput() ServiceAccountFederatedIdentityProviderArrayOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderArrayOutput) ToServiceAccountFederatedIdentityProviderArrayOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderArrayOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderArrayOutput) Index(i pulumi.IntInput) ServiceAccountFederatedIdentityProviderOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *ServiceAccountFederatedIdentityProvider { + return vs[0].([]*ServiceAccountFederatedIdentityProvider)[vs[1].(int)] + }).(ServiceAccountFederatedIdentityProviderOutput) +} + +type ServiceAccountFederatedIdentityProviderMapOutput struct{ *pulumi.OutputState } + +func (ServiceAccountFederatedIdentityProviderMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ServiceAccountFederatedIdentityProvider)(nil)).Elem() +} + +func (o ServiceAccountFederatedIdentityProviderMapOutput) ToServiceAccountFederatedIdentityProviderMapOutput() ServiceAccountFederatedIdentityProviderMapOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderMapOutput) ToServiceAccountFederatedIdentityProviderMapOutputWithContext(ctx context.Context) ServiceAccountFederatedIdentityProviderMapOutput { + return o +} + +func (o ServiceAccountFederatedIdentityProviderMapOutput) MapIndex(k pulumi.StringInput) ServiceAccountFederatedIdentityProviderOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *ServiceAccountFederatedIdentityProvider { + return vs[0].(map[string]*ServiceAccountFederatedIdentityProvider)[vs[1].(string)] + }).(ServiceAccountFederatedIdentityProviderOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ServiceAccountFederatedIdentityProviderInput)(nil)).Elem(), &ServiceAccountFederatedIdentityProvider{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceAccountFederatedIdentityProviderArrayInput)(nil)).Elem(), ServiceAccountFederatedIdentityProviderArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceAccountFederatedIdentityProviderMapInput)(nil)).Elem(), ServiceAccountFederatedIdentityProviderMap{}) + pulumi.RegisterOutputType(ServiceAccountFederatedIdentityProviderOutput{}) + pulumi.RegisterOutputType(ServiceAccountFederatedIdentityProviderArrayOutput{}) + pulumi.RegisterOutputType(ServiceAccountFederatedIdentityProviderMapOutput{}) +} diff --git a/sdk/nodejs/getCdnDistribution.ts b/sdk/nodejs/getCdnDistribution.ts index a40871c..92cefa0 100644 --- a/sdk/nodejs/getCdnDistribution.ts +++ b/sdk/nodejs/getCdnDistribution.ts @@ -26,7 +26,7 @@ export function getCdnDistribution(args: GetCdnDistributionArgs, opts?: pulumi.I */ export interface GetCdnDistributionArgs { /** - * STACKIT project ID associated with the distribution + * CDN distribution ID */ distributionId: string; /** @@ -48,7 +48,7 @@ export interface GetCdnDistributionResult { */ readonly createdAt: string; /** - * STACKIT project ID associated with the distribution + * CDN distribution ID */ readonly distributionId: string; /** @@ -96,7 +96,7 @@ export function getCdnDistributionOutput(args: GetCdnDistributionOutputArgs, opt */ export interface GetCdnDistributionOutputArgs { /** - * STACKIT project ID associated with the distribution + * CDN distribution ID */ distributionId: pulumi.Input; /** diff --git a/sdk/nodejs/getObservabilityInstance.ts b/sdk/nodejs/getObservabilityInstance.ts index a5afdf1..9bef4a1 100644 --- a/sdk/nodejs/getObservabilityInstance.ts +++ b/sdk/nodejs/getObservabilityInstance.ts @@ -127,6 +127,9 @@ export interface GetObservabilityInstanceResult { * The name of the Observability instance. */ readonly name: string; + readonly otlpGrpcTracesUrl: string; + readonly otlpHttpLogsUrl: string; + readonly otlpHttpTracesUrl: string; readonly otlpTracesUrl: string; /** * Additional parameters. diff --git a/sdk/nodejs/getServer.ts b/sdk/nodejs/getServer.ts index 67c372e..5472019 100644 --- a/sdk/nodejs/getServer.ts +++ b/sdk/nodejs/getServer.ts @@ -46,6 +46,10 @@ export interface GetServerResult { * The affinity group the server is assigned to. */ readonly affinityGroup: string; + /** + * STACKIT Server Agent as setup on the server + */ + readonly agent: outputs.GetServerAgent; /** * The availability zone of the server. */ diff --git a/sdk/nodejs/getServiceAccountFederatedIdentityProvider.ts b/sdk/nodejs/getServiceAccountFederatedIdentityProvider.ts new file mode 100644 index 0000000..5d24dfb --- /dev/null +++ b/sdk/nodejs/getServiceAccountFederatedIdentityProvider.ts @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-language-nodejs. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "./types/input"; +import * as outputs from "./types/output"; +import * as utilities from "./utilities"; + +/** + * Service account federated identity provider schema. + * + * ## Example Usage + */ +export function getServiceAccountFederatedIdentityProvider(args: GetServiceAccountFederatedIdentityProviderArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", { + "federationId": args.federationId, + "projectId": args.projectId, + "serviceAccountEmail": args.serviceAccountEmail, + }, opts); +} + +/** + * A collection of arguments for invoking getServiceAccountFederatedIdentityProvider. + */ +export interface GetServiceAccountFederatedIdentityProviderArgs { + /** + * The unique identifier for the federated identity provider associated with the service account. + */ + federationId: string; + /** + * The STACKIT project ID associated with the service account. + */ + projectId: string; + /** + * The email address associated with the service account, used for account identification and communication. + */ + serviceAccountEmail: string; +} + +/** + * A collection of values returned by getServiceAccountFederatedIdentityProvider. + */ +export interface GetServiceAccountFederatedIdentityProviderResult { + /** + * The assertions for the federated identity provider. + */ + readonly assertions: outputs.GetServiceAccountFederatedIdentityProviderAssertion[]; + /** + * The unique identifier for the federated identity provider associated with the service account. + */ + readonly federationId: string; + /** + * Terraform's internal resource identifier. It is structured as "`projectId`,`serviceAccountEmail`,`federationId`". + */ + readonly id: string; + /** + * The issuer URL. + */ + readonly issuer: string; + /** + * The name of the federated identity provider. + */ + readonly name: string; + /** + * The STACKIT project ID associated with the service account. + */ + readonly projectId: string; + /** + * The email address associated with the service account, used for account identification and communication. + */ + readonly serviceAccountEmail: string; +} +/** + * Service account federated identity provider schema. + * + * ## Example Usage + */ +export function getServiceAccountFederatedIdentityProviderOutput(args: GetServiceAccountFederatedIdentityProviderOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider", { + "federationId": args.federationId, + "projectId": args.projectId, + "serviceAccountEmail": args.serviceAccountEmail, + }, opts); +} + +/** + * A collection of arguments for invoking getServiceAccountFederatedIdentityProvider. + */ +export interface GetServiceAccountFederatedIdentityProviderOutputArgs { + /** + * The unique identifier for the federated identity provider associated with the service account. + */ + federationId: pulumi.Input; + /** + * The STACKIT project ID associated with the service account. + */ + projectId: pulumi.Input; + /** + * The email address associated with the service account, used for account identification and communication. + */ + serviceAccountEmail: pulumi.Input; +} diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts index 519f384..d69e537 100644 --- a/sdk/nodejs/index.ts +++ b/sdk/nodejs/index.ts @@ -475,6 +475,11 @@ export const getServiceAccount: typeof import("./getServiceAccount").getServiceA export const getServiceAccountOutput: typeof import("./getServiceAccount").getServiceAccountOutput = null as any; utilities.lazyLoad(exports, ["getServiceAccount","getServiceAccountOutput"], () => require("./getServiceAccount")); +export { GetServiceAccountFederatedIdentityProviderArgs, GetServiceAccountFederatedIdentityProviderResult, GetServiceAccountFederatedIdentityProviderOutputArgs } from "./getServiceAccountFederatedIdentityProvider"; +export const getServiceAccountFederatedIdentityProvider: typeof import("./getServiceAccountFederatedIdentityProvider").getServiceAccountFederatedIdentityProvider = null as any; +export const getServiceAccountFederatedIdentityProviderOutput: typeof import("./getServiceAccountFederatedIdentityProvider").getServiceAccountFederatedIdentityProviderOutput = null as any; +utilities.lazyLoad(exports, ["getServiceAccountFederatedIdentityProvider","getServiceAccountFederatedIdentityProviderOutput"], () => require("./getServiceAccountFederatedIdentityProvider")); + export { GetServiceAccountsArgs, GetServiceAccountsResult, GetServiceAccountsOutputArgs } from "./getServiceAccounts"; export const getServiceAccounts: typeof import("./getServiceAccounts").getServiceAccounts = null as any; export const getServiceAccountsOutput: typeof import("./getServiceAccounts").getServiceAccountsOutput = null as any; @@ -853,6 +858,11 @@ export type ServiceAccount = import("./serviceAccount").ServiceAccount; export const ServiceAccount: typeof import("./serviceAccount").ServiceAccount = null as any; utilities.lazyLoad(exports, ["ServiceAccount"], () => require("./serviceAccount")); +export { ServiceAccountFederatedIdentityProviderArgs, ServiceAccountFederatedIdentityProviderState } from "./serviceAccountFederatedIdentityProvider"; +export type ServiceAccountFederatedIdentityProvider = import("./serviceAccountFederatedIdentityProvider").ServiceAccountFederatedIdentityProvider; +export const ServiceAccountFederatedIdentityProvider: typeof import("./serviceAccountFederatedIdentityProvider").ServiceAccountFederatedIdentityProvider = null as any; +utilities.lazyLoad(exports, ["ServiceAccountFederatedIdentityProvider"], () => require("./serviceAccountFederatedIdentityProvider")); + export { ServiceAccountKeyArgs, ServiceAccountKeyState } from "./serviceAccountKey"; export type ServiceAccountKey = import("./serviceAccountKey").ServiceAccountKey; export const ServiceAccountKey: typeof import("./serviceAccountKey").ServiceAccountKey = null as any; @@ -1077,6 +1087,8 @@ const _module = { return new ServerVolumeAttach(name, undefined, { urn }) case "stackit:index/serviceAccount:ServiceAccount": return new ServiceAccount(name, undefined, { urn }) + case "stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider": + return new ServiceAccountFederatedIdentityProvider(name, undefined, { urn }) case "stackit:index/serviceAccountKey:ServiceAccountKey": return new ServiceAccountKey(name, undefined, { urn }) case "stackit:index/sfsExportPolicy:SfsExportPolicy": @@ -1182,6 +1194,7 @@ pulumi.runtime.registerResourceModule("stackit", "index/serverUpdateEnable", _mo pulumi.runtime.registerResourceModule("stackit", "index/serverUpdateSchedule", _module) pulumi.runtime.registerResourceModule("stackit", "index/serverVolumeAttach", _module) pulumi.runtime.registerResourceModule("stackit", "index/serviceAccount", _module) +pulumi.runtime.registerResourceModule("stackit", "index/serviceAccountFederatedIdentityProvider", _module) pulumi.runtime.registerResourceModule("stackit", "index/serviceAccountKey", _module) pulumi.runtime.registerResourceModule("stackit", "index/sfsExportPolicy", _module) pulumi.runtime.registerResourceModule("stackit", "index/sfsProjectLock", _module) diff --git a/sdk/nodejs/observabilityInstance.ts b/sdk/nodejs/observabilityInstance.ts index a8bd602..a194b81 100644 --- a/sdk/nodejs/observabilityInstance.ts +++ b/sdk/nodejs/observabilityInstance.ts @@ -125,6 +125,9 @@ export class ObservabilityInstance extends pulumi.CustomResource { * The name of the Observability instance. */ declare public readonly name: pulumi.Output; + declare public /*out*/ readonly otlpGrpcTracesUrl: pulumi.Output; + declare public /*out*/ readonly otlpHttpLogsUrl: pulumi.Output; + declare public /*out*/ readonly otlpHttpTracesUrl: pulumi.Output; declare public /*out*/ readonly otlpTracesUrl: pulumi.Output; /** * Additional parameters. @@ -187,6 +190,9 @@ export class ObservabilityInstance extends pulumi.CustomResource { resourceInputs["metricsRetentionDays5mDownsampling"] = state?.metricsRetentionDays5mDownsampling; resourceInputs["metricsUrl"] = state?.metricsUrl; resourceInputs["name"] = state?.name; + resourceInputs["otlpGrpcTracesUrl"] = state?.otlpGrpcTracesUrl; + resourceInputs["otlpHttpLogsUrl"] = state?.otlpHttpLogsUrl; + resourceInputs["otlpHttpTracesUrl"] = state?.otlpHttpTracesUrl; resourceInputs["otlpTracesUrl"] = state?.otlpTracesUrl; resourceInputs["parameters"] = state?.parameters; resourceInputs["planId"] = state?.planId; @@ -229,6 +235,9 @@ export class ObservabilityInstance extends pulumi.CustomResource { resourceInputs["logsUrl"] = undefined /*out*/; resourceInputs["metricsPushUrl"] = undefined /*out*/; resourceInputs["metricsUrl"] = undefined /*out*/; + resourceInputs["otlpGrpcTracesUrl"] = undefined /*out*/; + resourceInputs["otlpHttpLogsUrl"] = undefined /*out*/; + resourceInputs["otlpHttpTracesUrl"] = undefined /*out*/; resourceInputs["otlpTracesUrl"] = undefined /*out*/; resourceInputs["planId"] = undefined /*out*/; resourceInputs["targetsUrl"] = undefined /*out*/; @@ -331,6 +340,9 @@ export interface ObservabilityInstanceState { * The name of the Observability instance. */ name?: pulumi.Input; + otlpGrpcTracesUrl?: pulumi.Input; + otlpHttpLogsUrl?: pulumi.Input; + otlpHttpTracesUrl?: pulumi.Input; otlpTracesUrl?: pulumi.Input; /** * Additional parameters. diff --git a/sdk/nodejs/server.ts b/sdk/nodejs/server.ts index 8042641..66a4e88 100644 --- a/sdk/nodejs/server.ts +++ b/sdk/nodejs/server.ts @@ -57,6 +57,10 @@ export class Server extends pulumi.CustomResource { * The affinity group the server is assigned to. */ declare public readonly affinityGroup: pulumi.Output; + /** + * The STACKIT Server Agent configured for the server + */ + declare public readonly agent: pulumi.Output; /** * The availability zone of the server. */ @@ -136,6 +140,7 @@ export class Server extends pulumi.CustomResource { if (opts.id) { const state = argsOrState as ServerState | undefined; resourceInputs["affinityGroup"] = state?.affinityGroup; + resourceInputs["agent"] = state?.agent; resourceInputs["availabilityZone"] = state?.availabilityZone; resourceInputs["bootVolume"] = state?.bootVolume; resourceInputs["createdAt"] = state?.createdAt; @@ -161,6 +166,7 @@ export class Server extends pulumi.CustomResource { throw new Error("Missing required property 'projectId'"); } resourceInputs["affinityGroup"] = args?.affinityGroup; + resourceInputs["agent"] = args?.agent; resourceInputs["availabilityZone"] = args?.availabilityZone; resourceInputs["bootVolume"] = args?.bootVolume; resourceInputs["desiredStatus"] = args?.desiredStatus; @@ -191,6 +197,10 @@ export interface ServerState { * The affinity group the server is assigned to. */ affinityGroup?: pulumi.Input; + /** + * The STACKIT Server Agent configured for the server + */ + agent?: pulumi.Input; /** * The availability zone of the server. */ @@ -265,6 +275,10 @@ export interface ServerArgs { * The affinity group the server is assigned to. */ affinityGroup?: pulumi.Input; + /** + * The STACKIT Server Agent configured for the server + */ + agent?: pulumi.Input; /** * The availability zone of the server. */ diff --git a/sdk/nodejs/serviceAccountFederatedIdentityProvider.ts b/sdk/nodejs/serviceAccountFederatedIdentityProvider.ts new file mode 100644 index 0000000..416a8dc --- /dev/null +++ b/sdk/nodejs/serviceAccountFederatedIdentityProvider.ts @@ -0,0 +1,169 @@ +// *** WARNING: this file was generated by pulumi-language-nodejs. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "./types/input"; +import * as outputs from "./types/output"; +import * as utilities from "./utilities"; + +/** + * Service account federated identity provider schema. + * ## Example Usage + * + * ### Create a federated identity provider + * + * ### Additional Examples + */ +export class ServiceAccountFederatedIdentityProvider extends pulumi.CustomResource { + /** + * Get an existing ServiceAccountFederatedIdentityProvider resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: ServiceAccountFederatedIdentityProviderState, opts?: pulumi.CustomResourceOptions): ServiceAccountFederatedIdentityProvider { + return new ServiceAccountFederatedIdentityProvider(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider'; + + /** + * Returns true if the given object is an instance of ServiceAccountFederatedIdentityProvider. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is ServiceAccountFederatedIdentityProvider { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === ServiceAccountFederatedIdentityProvider.__pulumiType; + } + + /** + * The assertions for the federated identity provider. + */ + declare public readonly assertions: pulumi.Output; + /** + * The unique identifier for the federated identity provider associated with the service account. + */ + declare public /*out*/ readonly federationId: pulumi.Output; + /** + * The issuer URL. + */ + declare public readonly issuer: pulumi.Output; + /** + * The name of the federated identity provider. + */ + declare public readonly name: pulumi.Output; + /** + * The STACKIT project ID associated with the service account. + */ + declare public readonly projectId: pulumi.Output; + /** + * The email address associated with the service account, used for account identification and communication. + */ + declare public readonly serviceAccountEmail: pulumi.Output; + + /** + * Create a ServiceAccountFederatedIdentityProvider resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: ServiceAccountFederatedIdentityProviderArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: ServiceAccountFederatedIdentityProviderArgs | ServiceAccountFederatedIdentityProviderState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as ServiceAccountFederatedIdentityProviderState | undefined; + resourceInputs["assertions"] = state?.assertions; + resourceInputs["federationId"] = state?.federationId; + resourceInputs["issuer"] = state?.issuer; + resourceInputs["name"] = state?.name; + resourceInputs["projectId"] = state?.projectId; + resourceInputs["serviceAccountEmail"] = state?.serviceAccountEmail; + } else { + const args = argsOrState as ServiceAccountFederatedIdentityProviderArgs | undefined; + if (args?.assertions === undefined && !opts.urn) { + throw new Error("Missing required property 'assertions'"); + } + if (args?.issuer === undefined && !opts.urn) { + throw new Error("Missing required property 'issuer'"); + } + if (args?.projectId === undefined && !opts.urn) { + throw new Error("Missing required property 'projectId'"); + } + if (args?.serviceAccountEmail === undefined && !opts.urn) { + throw new Error("Missing required property 'serviceAccountEmail'"); + } + resourceInputs["assertions"] = args?.assertions; + resourceInputs["issuer"] = args?.issuer; + resourceInputs["name"] = args?.name; + resourceInputs["projectId"] = args?.projectId; + resourceInputs["serviceAccountEmail"] = args?.serviceAccountEmail; + resourceInputs["federationId"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(ServiceAccountFederatedIdentityProvider.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering ServiceAccountFederatedIdentityProvider resources. + */ +export interface ServiceAccountFederatedIdentityProviderState { + /** + * The assertions for the federated identity provider. + */ + assertions?: pulumi.Input[]>; + /** + * The unique identifier for the federated identity provider associated with the service account. + */ + federationId?: pulumi.Input; + /** + * The issuer URL. + */ + issuer?: pulumi.Input; + /** + * The name of the federated identity provider. + */ + name?: pulumi.Input; + /** + * The STACKIT project ID associated with the service account. + */ + projectId?: pulumi.Input; + /** + * The email address associated with the service account, used for account identification and communication. + */ + serviceAccountEmail?: pulumi.Input; +} + +/** + * The set of arguments for constructing a ServiceAccountFederatedIdentityProvider resource. + */ +export interface ServiceAccountFederatedIdentityProviderArgs { + /** + * The assertions for the federated identity provider. + */ + assertions: pulumi.Input[]>; + /** + * The issuer URL. + */ + issuer: pulumi.Input; + /** + * The name of the federated identity provider. + */ + name?: pulumi.Input; + /** + * The STACKIT project ID associated with the service account. + */ + projectId: pulumi.Input; + /** + * The email address associated with the service account, used for account identification and communication. + */ + serviceAccountEmail: pulumi.Input; +} diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index 248dd3a..05f7102 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -115,6 +115,7 @@ "getServerUpdateSchedule.ts", "getServerUpdateSchedules.ts", "getServiceAccount.ts", + "getServiceAccountFederatedIdentityProvider.ts", "getServiceAccounts.ts", "getSfsExportPolicy.ts", "getSfsProjectLock.ts", @@ -192,6 +193,7 @@ "serverUpdateSchedule.ts", "serverVolumeAttach.ts", "serviceAccount.ts", + "serviceAccountFederatedIdentityProvider.ts", "serviceAccountKey.ts", "sfsExportPolicy.ts", "sfsProjectLock.ts", diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 83ac32e..484db3a 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -358,6 +358,10 @@ export interface CdnDistributionConfig { * The configured regions where content will be hosted */ regions: pulumi.Input[]>; + /** + * Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + */ + waf?: pulumi.Input; } export interface CdnDistributionConfigBackend { @@ -451,6 +455,69 @@ export interface CdnDistributionConfigRedirectsRuleMatcher { values: pulumi.Input[]>; } +export interface CdnDistributionConfigWaf { + /** + * Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + */ + allowedHttpMethods?: pulumi.Input[]>; + /** + * Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + */ + allowedHttpVersions?: pulumi.Input[]>; + /** + * Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + */ + allowedRequestContentTypes?: pulumi.Input[]>; + /** + * Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleCollectionIds?: pulumi.Input[]>; + /** + * Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleGroupIds?: pulumi.Input[]>; + /** + * Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleIds?: pulumi.Input[]>; + /** + * Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleCollectionIds?: pulumi.Input[]>; + /** + * Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleGroupIds?: pulumi.Input[]>; + /** + * Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleIds?: pulumi.Input[]>; + /** + * Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleCollectionIds?: pulumi.Input[]>; + /** + * Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleGroupIds?: pulumi.Input[]>; + /** + * Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleIds?: pulumi.Input[]>; + /** + * The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + */ + mode?: pulumi.Input; + /** + * Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + */ + paranoiaLevel?: pulumi.Input; + /** + * The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + */ + type?: pulumi.Input; +} + export interface CdnDistributionDomain { /** * List of domain errors @@ -1624,6 +1691,17 @@ export interface SecurityGroupRuleProtocol { number?: pulumi.Input; } +export interface ServerAgent { + /** + * Whether a STACKIT Server Agent is provisioned at the server + */ + provisioned?: pulumi.Input; + /** + * Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + */ + provisioningPolicy?: pulumi.Input; +} + export interface ServerBackupScheduleBackupProperties { name: pulumi.Input; retentionPeriod: pulumi.Input; @@ -1657,6 +1735,21 @@ export interface ServerBootVolume { sourceType: pulumi.Input; } +export interface ServiceAccountFederatedIdentityProviderAssertion { + /** + * The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + */ + item: pulumi.Input; + /** + * The assertion operator. Currently, the only supported operator is "equals". + */ + operator: pulumi.Input; + /** + * The assertion value. + */ + value: pulumi.Input; +} + export interface SfsExportPolicyRule { /** * Description of the Rule diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 22f8758..8fb3c53 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -358,6 +358,10 @@ export interface CdnDistributionConfig { * The configured regions where content will be hosted */ regions: string[]; + /** + * Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + */ + waf: outputs.CdnDistributionConfigWaf; } export interface CdnDistributionConfigBackend { @@ -451,6 +455,69 @@ export interface CdnDistributionConfigRedirectsRuleMatcher { values: string[]; } +export interface CdnDistributionConfigWaf { + /** + * Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + */ + allowedHttpMethods: string[]; + /** + * Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + */ + allowedHttpVersions: string[]; + /** + * Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + */ + allowedRequestContentTypes: string[]; + /** + * Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleCollectionIds: string[]; + /** + * Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleGroupIds: string[]; + /** + * Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleIds: string[]; + /** + * Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleCollectionIds: string[]; + /** + * Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleGroupIds: string[]; + /** + * Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleIds: string[]; + /** + * Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleCollectionIds: string[]; + /** + * Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleGroupIds: string[]; + /** + * Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleIds: string[]; + /** + * The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + */ + mode: string; + /** + * Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + */ + paranoiaLevel: string; + /** + * The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + */ + type: string; +} + export interface CdnDistributionDomain { /** * List of domain errors @@ -853,6 +920,10 @@ export interface GetCdnDistributionConfig { * The configured regions where content will be hosted */ regions: string[]; + /** + * Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + */ + waf: outputs.GetCdnDistributionConfigWaf; } export interface GetCdnDistributionConfigBackend { @@ -931,6 +1002,69 @@ export interface GetCdnDistributionConfigRedirectsRuleMatcher { values: string[]; } +export interface GetCdnDistributionConfigWaf { + /** + * Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + */ + allowedHttpMethods: string[]; + /** + * Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + */ + allowedHttpVersions: string[]; + /** + * Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + */ + allowedRequestContentTypes: string[]; + /** + * Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleCollectionIds: string[]; + /** + * Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleGroupIds: string[]; + /** + * Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + disabledRuleIds: string[]; + /** + * Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleCollectionIds: string[]; + /** + * Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleGroupIds: string[]; + /** + * Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + enabledRuleIds: string[]; + /** + * Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleCollectionIds: string[]; + /** + * Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleGroupIds: string[]; + /** + * Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + */ + logOnlyRuleIds: string[]; + /** + * The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + */ + mode: string; + /** + * Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + */ + paranoiaLevel: string; + /** + * The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + */ + type: string; +} + export interface GetCdnDistributionDomain { /** * List of domain errors @@ -2245,6 +2379,13 @@ export interface GetSecurityGroupRuleProtocol { number: number; } +export interface GetServerAgent { + /** + * Whether a STACKIT Server Agent is provisioned at the server + */ + provisioned: boolean; +} + export interface GetServerBackupScheduleBackupProperties { name: string; retentionPeriod: number; @@ -2308,6 +2449,21 @@ export interface GetServerUpdateSchedulesItem { updateScheduleId: number; } +export interface GetServiceAccountFederatedIdentityProviderAssertion { + /** + * The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + */ + item: string; + /** + * The assertion operator. Currently, the only supported operator is "equals". + */ + operator: string; + /** + * The assertion value. + */ + value: string; +} + export interface GetServiceAccountsItem { /** * Email of the service account. @@ -3685,6 +3841,17 @@ export interface SecurityGroupRuleProtocol { number: number; } +export interface ServerAgent { + /** + * Whether a STACKIT Server Agent is provisioned at the server + */ + provisioned: boolean; + /** + * Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + */ + provisioningPolicy: string; +} + export interface ServerBackupScheduleBackupProperties { name: string; retentionPeriod: number; @@ -3718,6 +3885,21 @@ export interface ServerBootVolume { sourceType: string; } +export interface ServiceAccountFederatedIdentityProviderAssertion { + /** + * The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + */ + item: string; + /** + * The assertion operator. Currently, the only supported operator is "equals". + */ + operator: string; + /** + * The assertion value. + */ + value: string; +} + export interface SfsExportPolicyRule { /** * Description of the Rule diff --git a/sdk/python/README.md b/sdk/python/README.md index b5b4f39..140117b 100644 --- a/sdk/python/README.md +++ b/sdk/python/README.md @@ -53,3 +53,8 @@ A detailed authentication guide, information on how to use beta and experimental ## Reference For detailed reference documentation, please visit [the Pulumi registry](https://www.pulumi.com/registry/packages/stackit/api-docs/). + +## Contribute + +Your contribution is welcome! For more details on how to contribute, refer to our [Contribution Guide](./CONTRIBUTING.md). + diff --git a/sdk/python/pulumi_stackit/__init__.py b/sdk/python/pulumi_stackit/__init__.py index 09998e4..2dbc7a2 100644 --- a/sdk/python/pulumi_stackit/__init__.py +++ b/sdk/python/pulumi_stackit/__init__.py @@ -100,6 +100,7 @@ from .get_server_update_schedule import * from .get_server_update_schedules import * from .get_service_account import * +from .get_service_account_federated_identity_provider import * from .get_service_accounts import * from .get_sfs_export_policy import * from .get_sfs_project_lock import * @@ -176,6 +177,7 @@ from .server_update_schedule import * from .server_volume_attach import * from .service_account import * +from .service_account_federated_identity_provider import * from .service_account_key import * from .sfs_export_policy import * from .sfs_project_lock import * @@ -839,6 +841,14 @@ "stackit:index/serviceAccount:ServiceAccount": "ServiceAccount" } }, + { + "pkg": "stackit", + "mod": "index/serviceAccountFederatedIdentityProvider", + "fqn": "pulumi_stackit", + "classes": { + "stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider": "ServiceAccountFederatedIdentityProvider" + } + }, { "pkg": "stackit", "mod": "index/serviceAccountKey", diff --git a/sdk/python/pulumi_stackit/_inputs.py b/sdk/python/pulumi_stackit/_inputs.py index 5c3d0e1..973a9fd 100644 --- a/sdk/python/pulumi_stackit/_inputs.py +++ b/sdk/python/pulumi_stackit/_inputs.py @@ -79,6 +79,8 @@ 'CdnDistributionConfigRedirectsRuleArgsDict', 'CdnDistributionConfigRedirectsRuleMatcherArgs', 'CdnDistributionConfigRedirectsRuleMatcherArgsDict', + 'CdnDistributionConfigWafArgs', + 'CdnDistributionConfigWafArgsDict', 'CdnDistributionDomainArgs', 'CdnDistributionDomainArgsDict', 'DnsRecordSetTimeoutsArgs', @@ -183,10 +185,14 @@ 'SecurityGroupRulePortRangeArgsDict', 'SecurityGroupRuleProtocolArgs', 'SecurityGroupRuleProtocolArgsDict', + 'ServerAgentArgs', + 'ServerAgentArgsDict', 'ServerBackupScheduleBackupPropertiesArgs', 'ServerBackupScheduleBackupPropertiesArgsDict', 'ServerBootVolumeArgs', 'ServerBootVolumeArgsDict', + 'ServiceAccountFederatedIdentityProviderAssertionArgs', + 'ServiceAccountFederatedIdentityProviderAssertionArgsDict', 'SfsExportPolicyRuleArgs', 'SfsExportPolicyRuleArgsDict', 'SkeClusterExtensionsArgs', @@ -1738,6 +1744,10 @@ class CdnDistributionConfigArgsDict(TypedDict): """ A wrapper for a list of redirect rules that allows for redirect settings on a distribution """ + waf: NotRequired[pulumi.Input['CdnDistributionConfigWafArgsDict']] + """ + Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + """ @pulumi.input_type class CdnDistributionConfigArgs: @@ -1746,13 +1756,15 @@ def __init__(__self__, *, regions: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]], blocked_countries: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, optimizer: Optional[pulumi.Input['CdnDistributionConfigOptimizerArgs']] = None, - redirects: Optional[pulumi.Input['CdnDistributionConfigRedirectsArgs']] = None): + redirects: Optional[pulumi.Input['CdnDistributionConfigRedirectsArgs']] = None, + waf: Optional[pulumi.Input['CdnDistributionConfigWafArgs']] = None): """ :param pulumi.Input['CdnDistributionConfigBackendArgs'] backend: The configured backend for the distribution :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] regions: The configured regions where content will be hosted :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] blocked_countries: The configured countries where distribution of content is blocked :param pulumi.Input['CdnDistributionConfigOptimizerArgs'] optimizer: Configuration for the Image Optimizer. This is a paid feature that automatically optimizes images to reduce their file size for faster delivery, leading to improved website performance and a better user experience. :param pulumi.Input['CdnDistributionConfigRedirectsArgs'] redirects: A wrapper for a list of redirect rules that allows for redirect settings on a distribution + :param pulumi.Input['CdnDistributionConfigWafArgs'] waf: Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. """ pulumi.set(__self__, "backend", backend) pulumi.set(__self__, "regions", regions) @@ -1762,6 +1774,8 @@ def __init__(__self__, *, pulumi.set(__self__, "optimizer", optimizer) if redirects is not None: pulumi.set(__self__, "redirects", redirects) + if waf is not None: + pulumi.set(__self__, "waf", waf) @_builtins.property @pulumi.getter @@ -1823,6 +1837,18 @@ def redirects(self) -> Optional[pulumi.Input['CdnDistributionConfigRedirectsArgs def redirects(self, value: Optional[pulumi.Input['CdnDistributionConfigRedirectsArgs']]): pulumi.set(self, "redirects", value) + @_builtins.property + @pulumi.getter + def waf(self) -> Optional[pulumi.Input['CdnDistributionConfigWafArgs']]: + """ + Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + """ + return pulumi.get(self, "waf") + + @waf.setter + def waf(self, value: Optional[pulumi.Input['CdnDistributionConfigWafArgs']]): + pulumi.set(self, "waf", value) + class CdnDistributionConfigBackendArgsDict(TypedDict): type: pulumi.Input[_builtins.str] @@ -2241,6 +2267,315 @@ def value_match_condition(self, value: Optional[pulumi.Input[_builtins.str]]): pulumi.set(self, "value_match_condition", value) +class CdnDistributionConfigWafArgsDict(TypedDict): + allowed_http_methods: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + """ + allowed_http_versions: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + """ + allowed_request_content_types: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + """ + disabled_rule_collection_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + disabled_rule_group_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + disabled_rule_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + enabled_rule_collection_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + enabled_rule_group_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + enabled_rule_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + log_only_rule_collection_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + log_only_rule_group_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + log_only_rule_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] + """ + Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + mode: NotRequired[pulumi.Input[_builtins.str]] + """ + The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + """ + paranoia_level: NotRequired[pulumi.Input[_builtins.str]] + """ + Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + """ + type: NotRequired[pulumi.Input[_builtins.str]] + """ + The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + """ + +@pulumi.input_type +class CdnDistributionConfigWafArgs: + def __init__(__self__, *, + allowed_http_methods: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + allowed_http_versions: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + allowed_request_content_types: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + disabled_rule_collection_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + disabled_rule_group_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + disabled_rule_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + enabled_rule_collection_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + enabled_rule_group_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + enabled_rule_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + log_only_rule_collection_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + log_only_rule_group_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + log_only_rule_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None, + mode: Optional[pulumi.Input[_builtins.str]] = None, + paranoia_level: Optional[pulumi.Input[_builtins.str]] = None, + type: Optional[pulumi.Input[_builtins.str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_http_methods: Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_http_versions: Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] allowed_request_content_types: Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disabled_rule_collection_ids: Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disabled_rule_group_ids: Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] disabled_rule_ids: Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_rule_collection_ids: Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_rule_group_ids: Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_rule_ids: Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] log_only_rule_collection_ids: Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] log_only_rule_group_ids: Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] log_only_rule_ids: Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param pulumi.Input[_builtins.str] mode: The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + :param pulumi.Input[_builtins.str] paranoia_level: Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + :param pulumi.Input[_builtins.str] type: The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + """ + if allowed_http_methods is not None: + pulumi.set(__self__, "allowed_http_methods", allowed_http_methods) + if allowed_http_versions is not None: + pulumi.set(__self__, "allowed_http_versions", allowed_http_versions) + if allowed_request_content_types is not None: + pulumi.set(__self__, "allowed_request_content_types", allowed_request_content_types) + if disabled_rule_collection_ids is not None: + pulumi.set(__self__, "disabled_rule_collection_ids", disabled_rule_collection_ids) + if disabled_rule_group_ids is not None: + pulumi.set(__self__, "disabled_rule_group_ids", disabled_rule_group_ids) + if disabled_rule_ids is not None: + pulumi.set(__self__, "disabled_rule_ids", disabled_rule_ids) + if enabled_rule_collection_ids is not None: + pulumi.set(__self__, "enabled_rule_collection_ids", enabled_rule_collection_ids) + if enabled_rule_group_ids is not None: + pulumi.set(__self__, "enabled_rule_group_ids", enabled_rule_group_ids) + if enabled_rule_ids is not None: + pulumi.set(__self__, "enabled_rule_ids", enabled_rule_ids) + if log_only_rule_collection_ids is not None: + pulumi.set(__self__, "log_only_rule_collection_ids", log_only_rule_collection_ids) + if log_only_rule_group_ids is not None: + pulumi.set(__self__, "log_only_rule_group_ids", log_only_rule_group_ids) + if log_only_rule_ids is not None: + pulumi.set(__self__, "log_only_rule_ids", log_only_rule_ids) + if mode is not None: + pulumi.set(__self__, "mode", mode) + if paranoia_level is not None: + pulumi.set(__self__, "paranoia_level", paranoia_level) + if type is not None: + pulumi.set(__self__, "type", type) + + @_builtins.property + @pulumi.getter(name="allowedHttpMethods") + def allowed_http_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + """ + return pulumi.get(self, "allowed_http_methods") + + @allowed_http_methods.setter + def allowed_http_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "allowed_http_methods", value) + + @_builtins.property + @pulumi.getter(name="allowedHttpVersions") + def allowed_http_versions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + """ + return pulumi.get(self, "allowed_http_versions") + + @allowed_http_versions.setter + def allowed_http_versions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "allowed_http_versions", value) + + @_builtins.property + @pulumi.getter(name="allowedRequestContentTypes") + def allowed_request_content_types(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + """ + return pulumi.get(self, "allowed_request_content_types") + + @allowed_request_content_types.setter + def allowed_request_content_types(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "allowed_request_content_types", value) + + @_builtins.property + @pulumi.getter(name="disabledRuleCollectionIds") + def disabled_rule_collection_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_collection_ids") + + @disabled_rule_collection_ids.setter + def disabled_rule_collection_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "disabled_rule_collection_ids", value) + + @_builtins.property + @pulumi.getter(name="disabledRuleGroupIds") + def disabled_rule_group_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_group_ids") + + @disabled_rule_group_ids.setter + def disabled_rule_group_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "disabled_rule_group_ids", value) + + @_builtins.property + @pulumi.getter(name="disabledRuleIds") + def disabled_rule_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_ids") + + @disabled_rule_ids.setter + def disabled_rule_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "disabled_rule_ids", value) + + @_builtins.property + @pulumi.getter(name="enabledRuleCollectionIds") + def enabled_rule_collection_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_collection_ids") + + @enabled_rule_collection_ids.setter + def enabled_rule_collection_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "enabled_rule_collection_ids", value) + + @_builtins.property + @pulumi.getter(name="enabledRuleGroupIds") + def enabled_rule_group_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_group_ids") + + @enabled_rule_group_ids.setter + def enabled_rule_group_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "enabled_rule_group_ids", value) + + @_builtins.property + @pulumi.getter(name="enabledRuleIds") + def enabled_rule_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_ids") + + @enabled_rule_ids.setter + def enabled_rule_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "enabled_rule_ids", value) + + @_builtins.property + @pulumi.getter(name="logOnlyRuleCollectionIds") + def log_only_rule_collection_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_collection_ids") + + @log_only_rule_collection_ids.setter + def log_only_rule_collection_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "log_only_rule_collection_ids", value) + + @_builtins.property + @pulumi.getter(name="logOnlyRuleGroupIds") + def log_only_rule_group_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_group_ids") + + @log_only_rule_group_ids.setter + def log_only_rule_group_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "log_only_rule_group_ids", value) + + @_builtins.property + @pulumi.getter(name="logOnlyRuleIds") + def log_only_rule_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]: + """ + Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_ids") + + @log_only_rule_ids.setter + def log_only_rule_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]): + pulumi.set(self, "log_only_rule_ids", value) + + @_builtins.property + @pulumi.getter + def mode(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + """ + return pulumi.get(self, "mode") + + @mode.setter + def mode(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "mode", value) + + @_builtins.property + @pulumi.getter(name="paranoiaLevel") + def paranoia_level(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + """ + return pulumi.get(self, "paranoia_level") + + @paranoia_level.setter + def paranoia_level(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "paranoia_level", value) + + @_builtins.property + @pulumi.getter + def type(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + """ + return pulumi.get(self, "type") + + @type.setter + def type(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "type", value) + + class CdnDistributionDomainArgsDict(TypedDict): errors: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] """ @@ -7470,6 +7805,55 @@ def number(self, value: Optional[pulumi.Input[_builtins.int]]): pulumi.set(self, "number", value) +class ServerAgentArgsDict(TypedDict): + provisioned: NotRequired[pulumi.Input[_builtins.bool]] + """ + Whether a STACKIT Server Agent is provisioned at the server + """ + provisioning_policy: NotRequired[pulumi.Input[_builtins.str]] + """ + Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + """ + +@pulumi.input_type +class ServerAgentArgs: + def __init__(__self__, *, + provisioned: Optional[pulumi.Input[_builtins.bool]] = None, + provisioning_policy: Optional[pulumi.Input[_builtins.str]] = None): + """ + :param pulumi.Input[_builtins.bool] provisioned: Whether a STACKIT Server Agent is provisioned at the server + :param pulumi.Input[_builtins.str] provisioning_policy: Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + """ + if provisioned is not None: + pulumi.set(__self__, "provisioned", provisioned) + if provisioning_policy is not None: + pulumi.set(__self__, "provisioning_policy", provisioning_policy) + + @_builtins.property + @pulumi.getter + def provisioned(self) -> Optional[pulumi.Input[_builtins.bool]]: + """ + Whether a STACKIT Server Agent is provisioned at the server + """ + return pulumi.get(self, "provisioned") + + @provisioned.setter + def provisioned(self, value: Optional[pulumi.Input[_builtins.bool]]): + pulumi.set(self, "provisioned", value) + + @_builtins.property + @pulumi.getter(name="provisioningPolicy") + def provisioning_policy(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + """ + return pulumi.get(self, "provisioning_policy") + + @provisioning_policy.setter + def provisioning_policy(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "provisioning_policy", value) + + class ServerBackupScheduleBackupPropertiesArgsDict(TypedDict): name: pulumi.Input[_builtins.str] retention_period: pulumi.Input[_builtins.int] @@ -7641,6 +8025,72 @@ def size(self, value: Optional[pulumi.Input[_builtins.int]]): pulumi.set(self, "size", value) +class ServiceAccountFederatedIdentityProviderAssertionArgsDict(TypedDict): + item: pulumi.Input[_builtins.str] + """ + The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + """ + operator: pulumi.Input[_builtins.str] + """ + The assertion operator. Currently, the only supported operator is "equals". + """ + value: pulumi.Input[_builtins.str] + """ + The assertion value. + """ + +@pulumi.input_type +class ServiceAccountFederatedIdentityProviderAssertionArgs: + def __init__(__self__, *, + item: pulumi.Input[_builtins.str], + operator: pulumi.Input[_builtins.str], + value: pulumi.Input[_builtins.str]): + """ + :param pulumi.Input[_builtins.str] item: The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + :param pulumi.Input[_builtins.str] operator: The assertion operator. Currently, the only supported operator is "equals". + :param pulumi.Input[_builtins.str] value: The assertion value. + """ + pulumi.set(__self__, "item", item) + pulumi.set(__self__, "operator", operator) + pulumi.set(__self__, "value", value) + + @_builtins.property + @pulumi.getter + def item(self) -> pulumi.Input[_builtins.str]: + """ + The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + """ + return pulumi.get(self, "item") + + @item.setter + def item(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "item", value) + + @_builtins.property + @pulumi.getter + def operator(self) -> pulumi.Input[_builtins.str]: + """ + The assertion operator. Currently, the only supported operator is "equals". + """ + return pulumi.get(self, "operator") + + @operator.setter + def operator(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "operator", value) + + @_builtins.property + @pulumi.getter + def value(self) -> pulumi.Input[_builtins.str]: + """ + The assertion value. + """ + return pulumi.get(self, "value") + + @value.setter + def value(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "value", value) + + class SfsExportPolicyRuleArgsDict(TypedDict): ip_acls: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] """ diff --git a/sdk/python/pulumi_stackit/get_cdn_distribution.py b/sdk/python/pulumi_stackit/get_cdn_distribution.py index f480414..b0f663a 100644 --- a/sdk/python/pulumi_stackit/get_cdn_distribution.py +++ b/sdk/python/pulumi_stackit/get_cdn_distribution.py @@ -76,7 +76,7 @@ def created_at(self) -> _builtins.str: @pulumi.getter(name="distributionId") def distribution_id(self) -> _builtins.str: """ - STACKIT project ID associated with the distribution + CDN distribution ID """ return pulumi.get(self, "distribution_id") @@ -157,7 +157,7 @@ def get_cdn_distribution(distribution_id: Optional[_builtins.str] = None, ## Example Usage - :param _builtins.str distribution_id: STACKIT project ID associated with the distribution + :param _builtins.str distribution_id: CDN distribution ID :param _builtins.str project_id: STACKIT project ID associated with the distribution """ __args__ = dict() @@ -187,7 +187,7 @@ def get_cdn_distribution_output(distribution_id: Optional[pulumi.Input[_builtins ## Example Usage - :param _builtins.str distribution_id: STACKIT project ID associated with the distribution + :param _builtins.str distribution_id: CDN distribution ID :param _builtins.str project_id: STACKIT project ID associated with the distribution """ __args__ = dict() diff --git a/sdk/python/pulumi_stackit/get_observability_instance.py b/sdk/python/pulumi_stackit/get_observability_instance.py index 0ab942d..82d0745 100644 --- a/sdk/python/pulumi_stackit/get_observability_instance.py +++ b/sdk/python/pulumi_stackit/get_observability_instance.py @@ -27,7 +27,7 @@ class GetObservabilityInstanceResult: """ A collection of values returned by getObservabilityInstance. """ - def __init__(__self__, acls=None, alert_config=None, alerting_url=None, dashboard_url=None, grafana_admin_enabled=None, grafana_initial_admin_password=None, grafana_initial_admin_user=None, grafana_public_read_access=None, grafana_url=None, id=None, instance_id=None, is_updatable=None, jaeger_traces_url=None, jaeger_ui_url=None, logs_push_url=None, logs_retention_days=None, logs_url=None, metrics_push_url=None, metrics_retention_days=None, metrics_retention_days1h_downsampling=None, metrics_retention_days5m_downsampling=None, metrics_url=None, name=None, otlp_traces_url=None, parameters=None, plan_id=None, plan_name=None, project_id=None, targets_url=None, traces_retention_days=None, zipkin_spans_url=None): + def __init__(__self__, acls=None, alert_config=None, alerting_url=None, dashboard_url=None, grafana_admin_enabled=None, grafana_initial_admin_password=None, grafana_initial_admin_user=None, grafana_public_read_access=None, grafana_url=None, id=None, instance_id=None, is_updatable=None, jaeger_traces_url=None, jaeger_ui_url=None, logs_push_url=None, logs_retention_days=None, logs_url=None, metrics_push_url=None, metrics_retention_days=None, metrics_retention_days1h_downsampling=None, metrics_retention_days5m_downsampling=None, metrics_url=None, name=None, otlp_grpc_traces_url=None, otlp_http_logs_url=None, otlp_http_traces_url=None, otlp_traces_url=None, parameters=None, plan_id=None, plan_name=None, project_id=None, targets_url=None, traces_retention_days=None, zipkin_spans_url=None): if acls and not isinstance(acls, list): raise TypeError("Expected argument 'acls' to be a list") pulumi.set(__self__, "acls", acls) @@ -97,6 +97,15 @@ def __init__(__self__, acls=None, alert_config=None, alerting_url=None, dashboar if name and not isinstance(name, str): raise TypeError("Expected argument 'name' to be a str") pulumi.set(__self__, "name", name) + if otlp_grpc_traces_url and not isinstance(otlp_grpc_traces_url, str): + raise TypeError("Expected argument 'otlp_grpc_traces_url' to be a str") + pulumi.set(__self__, "otlp_grpc_traces_url", otlp_grpc_traces_url) + if otlp_http_logs_url and not isinstance(otlp_http_logs_url, str): + raise TypeError("Expected argument 'otlp_http_logs_url' to be a str") + pulumi.set(__self__, "otlp_http_logs_url", otlp_http_logs_url) + if otlp_http_traces_url and not isinstance(otlp_http_traces_url, str): + raise TypeError("Expected argument 'otlp_http_traces_url' to be a str") + pulumi.set(__self__, "otlp_http_traces_url", otlp_http_traces_url) if otlp_traces_url and not isinstance(otlp_traces_url, str): raise TypeError("Expected argument 'otlp_traces_url' to be a str") pulumi.set(__self__, "otlp_traces_url", otlp_traces_url) @@ -302,6 +311,21 @@ def name(self) -> _builtins.str: """ return pulumi.get(self, "name") + @_builtins.property + @pulumi.getter(name="otlpGrpcTracesUrl") + def otlp_grpc_traces_url(self) -> _builtins.str: + return pulumi.get(self, "otlp_grpc_traces_url") + + @_builtins.property + @pulumi.getter(name="otlpHttpLogsUrl") + def otlp_http_logs_url(self) -> _builtins.str: + return pulumi.get(self, "otlp_http_logs_url") + + @_builtins.property + @pulumi.getter(name="otlpHttpTracesUrl") + def otlp_http_traces_url(self) -> _builtins.str: + return pulumi.get(self, "otlp_http_traces_url") + @_builtins.property @pulumi.getter(name="otlpTracesUrl") def otlp_traces_url(self) -> _builtins.str: @@ -390,6 +414,9 @@ def __await__(self): metrics_retention_days5m_downsampling=self.metrics_retention_days5m_downsampling, metrics_url=self.metrics_url, name=self.name, + otlp_grpc_traces_url=self.otlp_grpc_traces_url, + otlp_http_logs_url=self.otlp_http_logs_url, + otlp_http_traces_url=self.otlp_http_traces_url, otlp_traces_url=self.otlp_traces_url, parameters=self.parameters, plan_id=self.plan_id, @@ -442,6 +469,9 @@ def get_observability_instance(instance_id: Optional[_builtins.str] = None, metrics_retention_days5m_downsampling=pulumi.get(__ret__, 'metrics_retention_days5m_downsampling'), metrics_url=pulumi.get(__ret__, 'metrics_url'), name=pulumi.get(__ret__, 'name'), + otlp_grpc_traces_url=pulumi.get(__ret__, 'otlp_grpc_traces_url'), + otlp_http_logs_url=pulumi.get(__ret__, 'otlp_http_logs_url'), + otlp_http_traces_url=pulumi.get(__ret__, 'otlp_http_traces_url'), otlp_traces_url=pulumi.get(__ret__, 'otlp_traces_url'), parameters=pulumi.get(__ret__, 'parameters'), plan_id=pulumi.get(__ret__, 'plan_id'), @@ -491,6 +521,9 @@ def get_observability_instance_output(instance_id: Optional[pulumi.Input[_builti metrics_retention_days5m_downsampling=pulumi.get(__response__, 'metrics_retention_days5m_downsampling'), metrics_url=pulumi.get(__response__, 'metrics_url'), name=pulumi.get(__response__, 'name'), + otlp_grpc_traces_url=pulumi.get(__response__, 'otlp_grpc_traces_url'), + otlp_http_logs_url=pulumi.get(__response__, 'otlp_http_logs_url'), + otlp_http_traces_url=pulumi.get(__response__, 'otlp_http_traces_url'), otlp_traces_url=pulumi.get(__response__, 'otlp_traces_url'), parameters=pulumi.get(__response__, 'parameters'), plan_id=pulumi.get(__response__, 'plan_id'), diff --git a/sdk/python/pulumi_stackit/get_server.py b/sdk/python/pulumi_stackit/get_server.py index 4d81489..4d96c89 100644 --- a/sdk/python/pulumi_stackit/get_server.py +++ b/sdk/python/pulumi_stackit/get_server.py @@ -27,10 +27,13 @@ class GetServerResult: """ A collection of values returned by getServer. """ - def __init__(__self__, affinity_group=None, availability_zone=None, boot_volume=None, created_at=None, id=None, image_id=None, keypair_name=None, labels=None, launched_at=None, machine_type=None, name=None, network_interfaces=None, project_id=None, region=None, server_id=None, updated_at=None, user_data=None): + def __init__(__self__, affinity_group=None, agent=None, availability_zone=None, boot_volume=None, created_at=None, id=None, image_id=None, keypair_name=None, labels=None, launched_at=None, machine_type=None, name=None, network_interfaces=None, project_id=None, region=None, server_id=None, updated_at=None, user_data=None): if affinity_group and not isinstance(affinity_group, str): raise TypeError("Expected argument 'affinity_group' to be a str") pulumi.set(__self__, "affinity_group", affinity_group) + if agent and not isinstance(agent, dict): + raise TypeError("Expected argument 'agent' to be a dict") + pulumi.set(__self__, "agent", agent) if availability_zone and not isinstance(availability_zone, str): raise TypeError("Expected argument 'availability_zone' to be a str") pulumi.set(__self__, "availability_zone", availability_zone) @@ -88,6 +91,14 @@ def affinity_group(self) -> _builtins.str: """ return pulumi.get(self, "affinity_group") + @_builtins.property + @pulumi.getter + def agent(self) -> 'outputs.GetServerAgentResult': + """ + STACKIT Server Agent as setup on the server + """ + return pulumi.get(self, "agent") + @_builtins.property @pulumi.getter(name="availabilityZone") def availability_zone(self) -> _builtins.str: @@ -224,6 +235,7 @@ def __await__(self): yield self return GetServerResult( affinity_group=self.affinity_group, + agent=self.agent, availability_zone=self.availability_zone, boot_volume=self.boot_volume, created_at=self.created_at, @@ -265,6 +277,7 @@ def get_server(project_id: Optional[_builtins.str] = None, return AwaitableGetServerResult( affinity_group=pulumi.get(__ret__, 'affinity_group'), + agent=pulumi.get(__ret__, 'agent'), availability_zone=pulumi.get(__ret__, 'availability_zone'), boot_volume=pulumi.get(__ret__, 'boot_volume'), created_at=pulumi.get(__ret__, 'created_at'), @@ -303,6 +316,7 @@ def get_server_output(project_id: Optional[pulumi.Input[_builtins.str]] = None, __ret__ = pulumi.runtime.invoke_output('stackit:index/getServer:getServer', __args__, opts=opts, typ=GetServerResult) return __ret__.apply(lambda __response__: GetServerResult( affinity_group=pulumi.get(__response__, 'affinity_group'), + agent=pulumi.get(__response__, 'agent'), availability_zone=pulumi.get(__response__, 'availability_zone'), boot_volume=pulumi.get(__response__, 'boot_volume'), created_at=pulumi.get(__response__, 'created_at'), diff --git a/sdk/python/pulumi_stackit/get_service_account_federated_identity_provider.py b/sdk/python/pulumi_stackit/get_service_account_federated_identity_provider.py new file mode 100644 index 0000000..f76e070 --- /dev/null +++ b/sdk/python/pulumi_stackit/get_service_account_federated_identity_provider.py @@ -0,0 +1,181 @@ +# coding=utf-8 +# *** WARNING: this file was generated by pulumi-language-python. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import builtins as _builtins +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from . import _utilities +from . import outputs + +__all__ = [ + 'GetServiceAccountFederatedIdentityProviderResult', + 'AwaitableGetServiceAccountFederatedIdentityProviderResult', + 'get_service_account_federated_identity_provider', + 'get_service_account_federated_identity_provider_output', +] + +@pulumi.output_type +class GetServiceAccountFederatedIdentityProviderResult: + """ + A collection of values returned by getServiceAccountFederatedIdentityProvider. + """ + def __init__(__self__, assertions=None, federation_id=None, id=None, issuer=None, name=None, project_id=None, service_account_email=None): + if assertions and not isinstance(assertions, list): + raise TypeError("Expected argument 'assertions' to be a list") + pulumi.set(__self__, "assertions", assertions) + if federation_id and not isinstance(federation_id, str): + raise TypeError("Expected argument 'federation_id' to be a str") + pulumi.set(__self__, "federation_id", federation_id) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if issuer and not isinstance(issuer, str): + raise TypeError("Expected argument 'issuer' to be a str") + pulumi.set(__self__, "issuer", issuer) + if name and not isinstance(name, str): + raise TypeError("Expected argument 'name' to be a str") + pulumi.set(__self__, "name", name) + if project_id and not isinstance(project_id, str): + raise TypeError("Expected argument 'project_id' to be a str") + pulumi.set(__self__, "project_id", project_id) + if service_account_email and not isinstance(service_account_email, str): + raise TypeError("Expected argument 'service_account_email' to be a str") + pulumi.set(__self__, "service_account_email", service_account_email) + + @_builtins.property + @pulumi.getter + def assertions(self) -> Sequence['outputs.GetServiceAccountFederatedIdentityProviderAssertionResult']: + """ + The assertions for the federated identity provider. + """ + return pulumi.get(self, "assertions") + + @_builtins.property + @pulumi.getter(name="federationId") + def federation_id(self) -> _builtins.str: + """ + The unique identifier for the federated identity provider associated with the service account. + """ + return pulumi.get(self, "federation_id") + + @_builtins.property + @pulumi.getter + def id(self) -> _builtins.str: + """ + Terraform's internal resource identifier. It is structured as "`project_id`,`service_account_email`,`federation_id`". + """ + return pulumi.get(self, "id") + + @_builtins.property + @pulumi.getter + def issuer(self) -> _builtins.str: + """ + The issuer URL. + """ + return pulumi.get(self, "issuer") + + @_builtins.property + @pulumi.getter + def name(self) -> _builtins.str: + """ + The name of the federated identity provider. + """ + return pulumi.get(self, "name") + + @_builtins.property + @pulumi.getter(name="projectId") + def project_id(self) -> _builtins.str: + """ + The STACKIT project ID associated with the service account. + """ + return pulumi.get(self, "project_id") + + @_builtins.property + @pulumi.getter(name="serviceAccountEmail") + def service_account_email(self) -> _builtins.str: + """ + The email address associated with the service account, used for account identification and communication. + """ + return pulumi.get(self, "service_account_email") + + +class AwaitableGetServiceAccountFederatedIdentityProviderResult(GetServiceAccountFederatedIdentityProviderResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetServiceAccountFederatedIdentityProviderResult( + assertions=self.assertions, + federation_id=self.federation_id, + id=self.id, + issuer=self.issuer, + name=self.name, + project_id=self.project_id, + service_account_email=self.service_account_email) + + +def get_service_account_federated_identity_provider(federation_id: Optional[_builtins.str] = None, + project_id: Optional[_builtins.str] = None, + service_account_email: Optional[_builtins.str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetServiceAccountFederatedIdentityProviderResult: + """ + Service account federated identity provider schema. + + ## Example Usage + + + :param _builtins.str federation_id: The unique identifier for the federated identity provider associated with the service account. + :param _builtins.str project_id: The STACKIT project ID associated with the service account. + :param _builtins.str service_account_email: The email address associated with the service account, used for account identification and communication. + """ + __args__ = dict() + __args__['federationId'] = federation_id + __args__['projectId'] = project_id + __args__['serviceAccountEmail'] = service_account_email + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider', __args__, opts=opts, typ=GetServiceAccountFederatedIdentityProviderResult).value + + return AwaitableGetServiceAccountFederatedIdentityProviderResult( + assertions=pulumi.get(__ret__, 'assertions'), + federation_id=pulumi.get(__ret__, 'federation_id'), + id=pulumi.get(__ret__, 'id'), + issuer=pulumi.get(__ret__, 'issuer'), + name=pulumi.get(__ret__, 'name'), + project_id=pulumi.get(__ret__, 'project_id'), + service_account_email=pulumi.get(__ret__, 'service_account_email')) +def get_service_account_federated_identity_provider_output(federation_id: Optional[pulumi.Input[_builtins.str]] = None, + project_id: Optional[pulumi.Input[_builtins.str]] = None, + service_account_email: Optional[pulumi.Input[_builtins.str]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetServiceAccountFederatedIdentityProviderResult]: + """ + Service account federated identity provider schema. + + ## Example Usage + + + :param _builtins.str federation_id: The unique identifier for the federated identity provider associated with the service account. + :param _builtins.str project_id: The STACKIT project ID associated with the service account. + :param _builtins.str service_account_email: The email address associated with the service account, used for account identification and communication. + """ + __args__ = dict() + __args__['federationId'] = federation_id + __args__['projectId'] = project_id + __args__['serviceAccountEmail'] = service_account_email + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('stackit:index/getServiceAccountFederatedIdentityProvider:getServiceAccountFederatedIdentityProvider', __args__, opts=opts, typ=GetServiceAccountFederatedIdentityProviderResult) + return __ret__.apply(lambda __response__: GetServiceAccountFederatedIdentityProviderResult( + assertions=pulumi.get(__response__, 'assertions'), + federation_id=pulumi.get(__response__, 'federation_id'), + id=pulumi.get(__response__, 'id'), + issuer=pulumi.get(__response__, 'issuer'), + name=pulumi.get(__response__, 'name'), + project_id=pulumi.get(__response__, 'project_id'), + service_account_email=pulumi.get(__response__, 'service_account_email'))) diff --git a/sdk/python/pulumi_stackit/observability_instance.py b/sdk/python/pulumi_stackit/observability_instance.py index ffe4a7c..a129fdf 100644 --- a/sdk/python/pulumi_stackit/observability_instance.py +++ b/sdk/python/pulumi_stackit/observability_instance.py @@ -242,6 +242,9 @@ def __init__(__self__, *, metrics_retention_days5m_downsampling: Optional[pulumi.Input[_builtins.int]] = None, metrics_url: Optional[pulumi.Input[_builtins.str]] = None, name: Optional[pulumi.Input[_builtins.str]] = None, + otlp_grpc_traces_url: Optional[pulumi.Input[_builtins.str]] = None, + otlp_http_logs_url: Optional[pulumi.Input[_builtins.str]] = None, + otlp_http_traces_url: Optional[pulumi.Input[_builtins.str]] = None, otlp_traces_url: Optional[pulumi.Input[_builtins.str]] = None, parameters: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None, plan_id: Optional[pulumi.Input[_builtins.str]] = None, @@ -330,6 +333,12 @@ def __init__(__self__, *, pulumi.set(__self__, "metrics_url", metrics_url) if name is not None: pulumi.set(__self__, "name", name) + if otlp_grpc_traces_url is not None: + pulumi.set(__self__, "otlp_grpc_traces_url", otlp_grpc_traces_url) + if otlp_http_logs_url is not None: + pulumi.set(__self__, "otlp_http_logs_url", otlp_http_logs_url) + if otlp_http_traces_url is not None: + pulumi.set(__self__, "otlp_http_traces_url", otlp_http_traces_url) if otlp_traces_url is not None: pulumi.set(__self__, "otlp_traces_url", otlp_traces_url) if parameters is not None: @@ -607,6 +616,33 @@ def name(self) -> Optional[pulumi.Input[_builtins.str]]: def name(self, value: Optional[pulumi.Input[_builtins.str]]): pulumi.set(self, "name", value) + @_builtins.property + @pulumi.getter(name="otlpGrpcTracesUrl") + def otlp_grpc_traces_url(self) -> Optional[pulumi.Input[_builtins.str]]: + return pulumi.get(self, "otlp_grpc_traces_url") + + @otlp_grpc_traces_url.setter + def otlp_grpc_traces_url(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "otlp_grpc_traces_url", value) + + @_builtins.property + @pulumi.getter(name="otlpHttpLogsUrl") + def otlp_http_logs_url(self) -> Optional[pulumi.Input[_builtins.str]]: + return pulumi.get(self, "otlp_http_logs_url") + + @otlp_http_logs_url.setter + def otlp_http_logs_url(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "otlp_http_logs_url", value) + + @_builtins.property + @pulumi.getter(name="otlpHttpTracesUrl") + def otlp_http_traces_url(self) -> Optional[pulumi.Input[_builtins.str]]: + return pulumi.get(self, "otlp_http_traces_url") + + @otlp_http_traces_url.setter + def otlp_http_traces_url(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "otlp_http_traces_url", value) + @_builtins.property @pulumi.getter(name="otlpTracesUrl") def otlp_traces_url(self) -> Optional[pulumi.Input[_builtins.str]]: @@ -816,6 +852,9 @@ def _internal_init(__self__, __props__.__dict__["logs_url"] = None __props__.__dict__["metrics_push_url"] = None __props__.__dict__["metrics_url"] = None + __props__.__dict__["otlp_grpc_traces_url"] = None + __props__.__dict__["otlp_http_logs_url"] = None + __props__.__dict__["otlp_http_traces_url"] = None __props__.__dict__["otlp_traces_url"] = None __props__.__dict__["plan_id"] = None __props__.__dict__["targets_url"] = None @@ -854,6 +893,9 @@ def get(resource_name: str, metrics_retention_days5m_downsampling: Optional[pulumi.Input[_builtins.int]] = None, metrics_url: Optional[pulumi.Input[_builtins.str]] = None, name: Optional[pulumi.Input[_builtins.str]] = None, + otlp_grpc_traces_url: Optional[pulumi.Input[_builtins.str]] = None, + otlp_http_logs_url: Optional[pulumi.Input[_builtins.str]] = None, + otlp_http_traces_url: Optional[pulumi.Input[_builtins.str]] = None, otlp_traces_url: Optional[pulumi.Input[_builtins.str]] = None, parameters: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None, plan_id: Optional[pulumi.Input[_builtins.str]] = None, @@ -922,6 +964,9 @@ def get(resource_name: str, __props__.__dict__["metrics_retention_days5m_downsampling"] = metrics_retention_days5m_downsampling __props__.__dict__["metrics_url"] = metrics_url __props__.__dict__["name"] = name + __props__.__dict__["otlp_grpc_traces_url"] = otlp_grpc_traces_url + __props__.__dict__["otlp_http_logs_url"] = otlp_http_logs_url + __props__.__dict__["otlp_http_traces_url"] = otlp_http_traces_url __props__.__dict__["otlp_traces_url"] = otlp_traces_url __props__.__dict__["parameters"] = parameters __props__.__dict__["plan_id"] = plan_id @@ -1104,6 +1149,21 @@ def name(self) -> pulumi.Output[_builtins.str]: """ return pulumi.get(self, "name") + @_builtins.property + @pulumi.getter(name="otlpGrpcTracesUrl") + def otlp_grpc_traces_url(self) -> pulumi.Output[_builtins.str]: + return pulumi.get(self, "otlp_grpc_traces_url") + + @_builtins.property + @pulumi.getter(name="otlpHttpLogsUrl") + def otlp_http_logs_url(self) -> pulumi.Output[_builtins.str]: + return pulumi.get(self, "otlp_http_logs_url") + + @_builtins.property + @pulumi.getter(name="otlpHttpTracesUrl") + def otlp_http_traces_url(self) -> pulumi.Output[_builtins.str]: + return pulumi.get(self, "otlp_http_traces_url") + @_builtins.property @pulumi.getter(name="otlpTracesUrl") def otlp_traces_url(self) -> pulumi.Output[_builtins.str]: diff --git a/sdk/python/pulumi_stackit/outputs.py b/sdk/python/pulumi_stackit/outputs.py index 6358ba4..0c360c3 100644 --- a/sdk/python/pulumi_stackit/outputs.py +++ b/sdk/python/pulumi_stackit/outputs.py @@ -48,6 +48,7 @@ 'CdnDistributionConfigRedirects', 'CdnDistributionConfigRedirectsRule', 'CdnDistributionConfigRedirectsRuleMatcher', + 'CdnDistributionConfigWaf', 'CdnDistributionDomain', 'DnsRecordSetTimeouts', 'DnsZoneTimeouts', @@ -100,8 +101,10 @@ 'SecurityGroupRuleIcmpParameters', 'SecurityGroupRulePortRange', 'SecurityGroupRuleProtocol', + 'ServerAgent', 'ServerBackupScheduleBackupProperties', 'ServerBootVolume', + 'ServiceAccountFederatedIdentityProviderAssertion', 'SfsExportPolicyRule', 'SkeClusterExtensions', 'SkeClusterExtensionsAcl', @@ -150,6 +153,7 @@ 'GetCdnDistributionConfigRedirectsResult', 'GetCdnDistributionConfigRedirectsRuleResult', 'GetCdnDistributionConfigRedirectsRuleMatcherResult', + 'GetCdnDistributionConfigWafResult', 'GetCdnDistributionDomainResult', 'GetDnsRecordSetTimeoutsResult', 'GetDnsZoneTimeoutsResult', @@ -214,11 +218,13 @@ 'GetSecurityGroupRuleIcmpParametersResult', 'GetSecurityGroupRulePortRangeResult', 'GetSecurityGroupRuleProtocolResult', + 'GetServerAgentResult', 'GetServerBackupScheduleBackupPropertiesResult', 'GetServerBackupSchedulesItemResult', 'GetServerBackupSchedulesItemBackupPropertiesResult', 'GetServerBootVolumeResult', 'GetServerUpdateSchedulesItemResult', + 'GetServiceAccountFederatedIdentityProviderAssertionResult', 'GetServiceAccountsItemResult', 'GetSfsExportPolicyRuleResult', 'GetSfsResourcePoolSnapshotSnapshotResult', @@ -1517,13 +1523,15 @@ def __init__(__self__, *, regions: Sequence[_builtins.str], blocked_countries: Optional[Sequence[_builtins.str]] = None, optimizer: Optional['outputs.CdnDistributionConfigOptimizer'] = None, - redirects: Optional['outputs.CdnDistributionConfigRedirects'] = None): + redirects: Optional['outputs.CdnDistributionConfigRedirects'] = None, + waf: Optional['outputs.CdnDistributionConfigWaf'] = None): """ :param 'CdnDistributionConfigBackendArgs' backend: The configured backend for the distribution :param Sequence[_builtins.str] regions: The configured regions where content will be hosted :param Sequence[_builtins.str] blocked_countries: The configured countries where distribution of content is blocked :param 'CdnDistributionConfigOptimizerArgs' optimizer: Configuration for the Image Optimizer. This is a paid feature that automatically optimizes images to reduce their file size for faster delivery, leading to improved website performance and a better user experience. :param 'CdnDistributionConfigRedirectsArgs' redirects: A wrapper for a list of redirect rules that allows for redirect settings on a distribution + :param 'CdnDistributionConfigWafArgs' waf: Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. """ pulumi.set(__self__, "backend", backend) pulumi.set(__self__, "regions", regions) @@ -1533,6 +1541,8 @@ def __init__(__self__, *, pulumi.set(__self__, "optimizer", optimizer) if redirects is not None: pulumi.set(__self__, "redirects", redirects) + if waf is not None: + pulumi.set(__self__, "waf", waf) @_builtins.property @pulumi.getter @@ -1574,6 +1584,14 @@ def redirects(self) -> Optional['outputs.CdnDistributionConfigRedirects']: """ return pulumi.get(self, "redirects") + @_builtins.property + @pulumi.getter + def waf(self) -> Optional['outputs.CdnDistributionConfigWaf']: + """ + Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + """ + return pulumi.get(self, "waf") + @pulumi.output_type class CdnDistributionConfigBackend(dict): @@ -1909,6 +1927,234 @@ def value_match_condition(self) -> Optional[_builtins.str]: return pulumi.get(self, "value_match_condition") +@pulumi.output_type +class CdnDistributionConfigWaf(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "allowedHttpMethods": + suggest = "allowed_http_methods" + elif key == "allowedHttpVersions": + suggest = "allowed_http_versions" + elif key == "allowedRequestContentTypes": + suggest = "allowed_request_content_types" + elif key == "disabledRuleCollectionIds": + suggest = "disabled_rule_collection_ids" + elif key == "disabledRuleGroupIds": + suggest = "disabled_rule_group_ids" + elif key == "disabledRuleIds": + suggest = "disabled_rule_ids" + elif key == "enabledRuleCollectionIds": + suggest = "enabled_rule_collection_ids" + elif key == "enabledRuleGroupIds": + suggest = "enabled_rule_group_ids" + elif key == "enabledRuleIds": + suggest = "enabled_rule_ids" + elif key == "logOnlyRuleCollectionIds": + suggest = "log_only_rule_collection_ids" + elif key == "logOnlyRuleGroupIds": + suggest = "log_only_rule_group_ids" + elif key == "logOnlyRuleIds": + suggest = "log_only_rule_ids" + elif key == "paranoiaLevel": + suggest = "paranoia_level" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in CdnDistributionConfigWaf. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + CdnDistributionConfigWaf.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + CdnDistributionConfigWaf.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + allowed_http_methods: Optional[Sequence[_builtins.str]] = None, + allowed_http_versions: Optional[Sequence[_builtins.str]] = None, + allowed_request_content_types: Optional[Sequence[_builtins.str]] = None, + disabled_rule_collection_ids: Optional[Sequence[_builtins.str]] = None, + disabled_rule_group_ids: Optional[Sequence[_builtins.str]] = None, + disabled_rule_ids: Optional[Sequence[_builtins.str]] = None, + enabled_rule_collection_ids: Optional[Sequence[_builtins.str]] = None, + enabled_rule_group_ids: Optional[Sequence[_builtins.str]] = None, + enabled_rule_ids: Optional[Sequence[_builtins.str]] = None, + log_only_rule_collection_ids: Optional[Sequence[_builtins.str]] = None, + log_only_rule_group_ids: Optional[Sequence[_builtins.str]] = None, + log_only_rule_ids: Optional[Sequence[_builtins.str]] = None, + mode: Optional[_builtins.str] = None, + paranoia_level: Optional[_builtins.str] = None, + type: Optional[_builtins.str] = None): + """ + :param Sequence[_builtins.str] allowed_http_methods: Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + :param Sequence[_builtins.str] allowed_http_versions: Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + :param Sequence[_builtins.str] allowed_request_content_types: Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + :param Sequence[_builtins.str] disabled_rule_collection_ids: Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] disabled_rule_group_ids: Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] disabled_rule_ids: Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] enabled_rule_collection_ids: Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] enabled_rule_group_ids: Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] enabled_rule_ids: Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] log_only_rule_collection_ids: Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] log_only_rule_group_ids: Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] log_only_rule_ids: Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param _builtins.str mode: The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + :param _builtins.str paranoia_level: Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + :param _builtins.str type: The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + """ + if allowed_http_methods is not None: + pulumi.set(__self__, "allowed_http_methods", allowed_http_methods) + if allowed_http_versions is not None: + pulumi.set(__self__, "allowed_http_versions", allowed_http_versions) + if allowed_request_content_types is not None: + pulumi.set(__self__, "allowed_request_content_types", allowed_request_content_types) + if disabled_rule_collection_ids is not None: + pulumi.set(__self__, "disabled_rule_collection_ids", disabled_rule_collection_ids) + if disabled_rule_group_ids is not None: + pulumi.set(__self__, "disabled_rule_group_ids", disabled_rule_group_ids) + if disabled_rule_ids is not None: + pulumi.set(__self__, "disabled_rule_ids", disabled_rule_ids) + if enabled_rule_collection_ids is not None: + pulumi.set(__self__, "enabled_rule_collection_ids", enabled_rule_collection_ids) + if enabled_rule_group_ids is not None: + pulumi.set(__self__, "enabled_rule_group_ids", enabled_rule_group_ids) + if enabled_rule_ids is not None: + pulumi.set(__self__, "enabled_rule_ids", enabled_rule_ids) + if log_only_rule_collection_ids is not None: + pulumi.set(__self__, "log_only_rule_collection_ids", log_only_rule_collection_ids) + if log_only_rule_group_ids is not None: + pulumi.set(__self__, "log_only_rule_group_ids", log_only_rule_group_ids) + if log_only_rule_ids is not None: + pulumi.set(__self__, "log_only_rule_ids", log_only_rule_ids) + if mode is not None: + pulumi.set(__self__, "mode", mode) + if paranoia_level is not None: + pulumi.set(__self__, "paranoia_level", paranoia_level) + if type is not None: + pulumi.set(__self__, "type", type) + + @_builtins.property + @pulumi.getter(name="allowedHttpMethods") + def allowed_http_methods(self) -> Optional[Sequence[_builtins.str]]: + """ + Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + """ + return pulumi.get(self, "allowed_http_methods") + + @_builtins.property + @pulumi.getter(name="allowedHttpVersions") + def allowed_http_versions(self) -> Optional[Sequence[_builtins.str]]: + """ + Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + """ + return pulumi.get(self, "allowed_http_versions") + + @_builtins.property + @pulumi.getter(name="allowedRequestContentTypes") + def allowed_request_content_types(self) -> Optional[Sequence[_builtins.str]]: + """ + Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + """ + return pulumi.get(self, "allowed_request_content_types") + + @_builtins.property + @pulumi.getter(name="disabledRuleCollectionIds") + def disabled_rule_collection_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_collection_ids") + + @_builtins.property + @pulumi.getter(name="disabledRuleGroupIds") + def disabled_rule_group_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_group_ids") + + @_builtins.property + @pulumi.getter(name="disabledRuleIds") + def disabled_rule_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_ids") + + @_builtins.property + @pulumi.getter(name="enabledRuleCollectionIds") + def enabled_rule_collection_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_collection_ids") + + @_builtins.property + @pulumi.getter(name="enabledRuleGroupIds") + def enabled_rule_group_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_group_ids") + + @_builtins.property + @pulumi.getter(name="enabledRuleIds") + def enabled_rule_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_ids") + + @_builtins.property + @pulumi.getter(name="logOnlyRuleCollectionIds") + def log_only_rule_collection_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_collection_ids") + + @_builtins.property + @pulumi.getter(name="logOnlyRuleGroupIds") + def log_only_rule_group_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_group_ids") + + @_builtins.property + @pulumi.getter(name="logOnlyRuleIds") + def log_only_rule_ids(self) -> Optional[Sequence[_builtins.str]]: + """ + Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_ids") + + @_builtins.property + @pulumi.getter + def mode(self) -> Optional[_builtins.str]: + """ + The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + """ + return pulumi.get(self, "mode") + + @_builtins.property + @pulumi.getter(name="paranoiaLevel") + def paranoia_level(self) -> Optional[_builtins.str]: + """ + Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + """ + return pulumi.get(self, "paranoia_level") + + @_builtins.property + @pulumi.getter + def type(self) -> Optional[_builtins.str]: + """ + The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + """ + return pulumi.get(self, "type") + + @pulumi.output_type class CdnDistributionDomain(dict): def __init__(__self__, *, @@ -5934,6 +6180,54 @@ def number(self) -> Optional[_builtins.int]: return pulumi.get(self, "number") +@pulumi.output_type +class ServerAgent(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "provisioningPolicy": + suggest = "provisioning_policy" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ServerAgent. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ServerAgent.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ServerAgent.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + provisioned: Optional[_builtins.bool] = None, + provisioning_policy: Optional[_builtins.str] = None): + """ + :param _builtins.bool provisioned: Whether a STACKIT Server Agent is provisioned at the server + :param _builtins.str provisioning_policy: Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + """ + if provisioned is not None: + pulumi.set(__self__, "provisioned", provisioned) + if provisioning_policy is not None: + pulumi.set(__self__, "provisioning_policy", provisioning_policy) + + @_builtins.property + @pulumi.getter + def provisioned(self) -> Optional[_builtins.bool]: + """ + Whether a STACKIT Server Agent is provisioned at the server + """ + return pulumi.get(self, "provisioned") + + @_builtins.property + @pulumi.getter(name="provisioningPolicy") + def provisioning_policy(self) -> Optional[_builtins.str]: + """ + Agent provisioning policy: `ALWAYS`, `NEVER`, or `INHERIT`. `INHERIT` follows the image default value. + """ + return pulumi.get(self, "provisioning_policy") + + @pulumi.output_type class ServerBackupScheduleBackupProperties(dict): @staticmethod @@ -6080,6 +6374,46 @@ def size(self) -> Optional[_builtins.int]: return pulumi.get(self, "size") +@pulumi.output_type +class ServiceAccountFederatedIdentityProviderAssertion(dict): + def __init__(__self__, *, + item: _builtins.str, + operator: _builtins.str, + value: _builtins.str): + """ + :param _builtins.str item: The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + :param _builtins.str operator: The assertion operator. Currently, the only supported operator is "equals". + :param _builtins.str value: The assertion value. + """ + pulumi.set(__self__, "item", item) + pulumi.set(__self__, "operator", operator) + pulumi.set(__self__, "value", value) + + @_builtins.property + @pulumi.getter + def item(self) -> _builtins.str: + """ + The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + """ + return pulumi.get(self, "item") + + @_builtins.property + @pulumi.getter + def operator(self) -> _builtins.str: + """ + The assertion operator. Currently, the only supported operator is "equals". + """ + return pulumi.get(self, "operator") + + @_builtins.property + @pulumi.getter + def value(self) -> _builtins.str: + """ + The assertion value. + """ + return pulumi.get(self, "value") + + @pulumi.output_type class SfsExportPolicyRule(dict): @staticmethod @@ -8019,18 +8353,21 @@ def __init__(__self__, *, optimizer: 'outputs.GetCdnDistributionConfigOptimizerResult', redirects: 'outputs.GetCdnDistributionConfigRedirectsResult', regions: Sequence[_builtins.str], + waf: 'outputs.GetCdnDistributionConfigWafResult', blocked_countries: Optional[Sequence[_builtins.str]] = None): """ :param 'GetCdnDistributionConfigBackendArgs' backend: The configured backend for the distribution :param 'GetCdnDistributionConfigOptimizerArgs' optimizer: Configuration for the Image Optimizer. This is a paid feature that automatically optimizes images to reduce their file size for faster delivery, leading to improved website performance and a better user experience. :param 'GetCdnDistributionConfigRedirectsArgs' redirects: A wrapper for a list of redirect rules that allows for redirect settings on a distribution :param Sequence[_builtins.str] regions: The configured regions where content will be hosted + :param 'GetCdnDistributionConfigWafArgs' waf: Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. :param Sequence[_builtins.str] blocked_countries: The configured countries where distribution of content is blocked """ pulumi.set(__self__, "backend", backend) pulumi.set(__self__, "optimizer", optimizer) pulumi.set(__self__, "redirects", redirects) pulumi.set(__self__, "regions", regions) + pulumi.set(__self__, "waf", waf) if blocked_countries is not None: pulumi.set(__self__, "blocked_countries", blocked_countries) @@ -8066,6 +8403,14 @@ def regions(self) -> Sequence[_builtins.str]: """ return pulumi.get(self, "regions") + @_builtins.property + @pulumi.getter + def waf(self) -> 'outputs.GetCdnDistributionConfigWafResult': + """ + Configures the Web Application Firewall (WAF) for the distribution. If this block is undefined or removed from your configuration, the WAF mode will default to DISABLED and the type to FREE. All other WAF properties will retain their last known state in the API; if they were never defined, the API will apply its default settings. + """ + return pulumi.get(self, "waf") + @_builtins.property @pulumi.getter(name="blockedCountries") def blocked_countries(self) -> Optional[Sequence[_builtins.str]]: @@ -8280,6 +8625,178 @@ def values(self) -> Sequence[_builtins.str]: return pulumi.get(self, "values") +@pulumi.output_type +class GetCdnDistributionConfigWafResult(dict): + def __init__(__self__, *, + allowed_http_methods: Sequence[_builtins.str], + allowed_http_versions: Sequence[_builtins.str], + allowed_request_content_types: Sequence[_builtins.str], + disabled_rule_collection_ids: Sequence[_builtins.str], + disabled_rule_group_ids: Sequence[_builtins.str], + disabled_rule_ids: Sequence[_builtins.str], + enabled_rule_collection_ids: Sequence[_builtins.str], + enabled_rule_group_ids: Sequence[_builtins.str], + enabled_rule_ids: Sequence[_builtins.str], + log_only_rule_collection_ids: Sequence[_builtins.str], + log_only_rule_group_ids: Sequence[_builtins.str], + log_only_rule_ids: Sequence[_builtins.str], + mode: _builtins.str, + paranoia_level: _builtins.str, + type: _builtins.str): + """ + :param Sequence[_builtins.str] allowed_http_methods: Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + :param Sequence[_builtins.str] allowed_http_versions: Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + :param Sequence[_builtins.str] allowed_request_content_types: Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + :param Sequence[_builtins.str] disabled_rule_collection_ids: Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] disabled_rule_group_ids: Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] disabled_rule_ids: Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] enabled_rule_collection_ids: Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] enabled_rule_group_ids: Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] enabled_rule_ids: Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] log_only_rule_collection_ids: Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] log_only_rule_group_ids: Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param Sequence[_builtins.str] log_only_rule_ids: Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + :param _builtins.str mode: The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + :param _builtins.str paranoia_level: Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + :param _builtins.str type: The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + """ + pulumi.set(__self__, "allowed_http_methods", allowed_http_methods) + pulumi.set(__self__, "allowed_http_versions", allowed_http_versions) + pulumi.set(__self__, "allowed_request_content_types", allowed_request_content_types) + pulumi.set(__self__, "disabled_rule_collection_ids", disabled_rule_collection_ids) + pulumi.set(__self__, "disabled_rule_group_ids", disabled_rule_group_ids) + pulumi.set(__self__, "disabled_rule_ids", disabled_rule_ids) + pulumi.set(__self__, "enabled_rule_collection_ids", enabled_rule_collection_ids) + pulumi.set(__self__, "enabled_rule_group_ids", enabled_rule_group_ids) + pulumi.set(__self__, "enabled_rule_ids", enabled_rule_ids) + pulumi.set(__self__, "log_only_rule_collection_ids", log_only_rule_collection_ids) + pulumi.set(__self__, "log_only_rule_group_ids", log_only_rule_group_ids) + pulumi.set(__self__, "log_only_rule_ids", log_only_rule_ids) + pulumi.set(__self__, "mode", mode) + pulumi.set(__self__, "paranoia_level", paranoia_level) + pulumi.set(__self__, "type", type) + + @_builtins.property + @pulumi.getter(name="allowedHttpMethods") + def allowed_http_methods(self) -> Sequence[_builtins.str]: + """ + Restricts which HTTP methods the distribution accepts. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. + """ + return pulumi.get(self, "allowed_http_methods") + + @_builtins.property + @pulumi.getter(name="allowedHttpVersions") + def allowed_http_versions(self) -> Sequence[_builtins.str]: + """ + Restricts which HTTP protocol versions are accepted. If provided, the set must contain at least one item. If omitted, the API applies the following defaults: `HTTP/1.0`, `HTTP/1.1`, `HTTP/2`, `HTTP/2.0`. + """ + return pulumi.get(self, "allowed_http_versions") + + @_builtins.property + @pulumi.getter(name="allowedRequestContentTypes") + def allowed_request_content_types(self) -> Sequence[_builtins.str]: + """ + Restricts which Content-Type headers are accepted in request bodies. If provided, the set must contain at least one item. Case you removed waf will retain the last known state and if omitted, the API applies the following defaults: `application/x-www-form-urlencoded`, `multipart/form-data`, `multipart/related`, `text/xml`, `application/xml`, `application/soap+xml`, `application/x-amf`, `application/json`, `application/octet-stream`, `application/csp-report`, `application/xss-auditor-report`, `text/plain`. + """ + return pulumi.get(self, "allowed_request_content_types") + + @_builtins.property + @pulumi.getter(name="disabledRuleCollectionIds") + def disabled_rule_collection_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF Collection IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_collection_ids") + + @_builtins.property + @pulumi.getter(name="disabledRuleGroupIds") + def disabled_rule_group_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF Rule Group IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_group_ids") + + @_builtins.property + @pulumi.getter(name="disabledRuleIds") + def disabled_rule_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF rule IDs explicitly disabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly disabled Rule ID takes precedence over an enabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "disabled_rule_ids") + + @_builtins.property + @pulumi.getter(name="enabledRuleCollectionIds") + def enabled_rule_collection_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF Collection IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_collection_ids") + + @_builtins.property + @pulumi.getter(name="enabledRuleGroupIds") + def enabled_rule_group_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF Rule Group IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_group_ids") + + @_builtins.property + @pulumi.getter(name="enabledRuleIds") + def enabled_rule_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF rule IDs explicitly enabled. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. For example, an explicitly enabled Rule ID takes precedence over a disabled Group ID. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "enabled_rule_ids") + + @_builtins.property + @pulumi.getter(name="logOnlyRuleCollectionIds") + def log_only_rule_collection_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF Collection IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. To view available rule collections, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_collection_ids") + + @_builtins.property + @pulumi.getter(name="logOnlyRuleGroupIds") + def log_only_rule_group_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF Rule Group IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Groups override Collections. To view available rule groups, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_group_ids") + + @_builtins.property + @pulumi.getter(name="logOnlyRuleIds") + def log_only_rule_ids(self) -> Sequence[_builtins.str]: + """ + Set of WAF rule IDs explicitly marked as Log Only. Can be set to an empty set to clear previously set rules. Case you removed waf will retain the last known state. Precedence hierarchy: Specific Rules override Groups. To view available rules, please consult the API documentation: https://docs.api.eu01.stackit.cloud/documentation/cdn/version/v1#tag/WAF/operation/ListWafCollections + """ + return pulumi.get(self, "log_only_rule_ids") + + @_builtins.property + @pulumi.getter + def mode(self) -> _builtins.str: + """ + The operating mode of the WAF. 'ENABLED' actively blocks threats, 'LOG_ONLY' logs matches without blocking, and 'DISABLED' completely turns off inspection. Defaults to 'DISABLED'. + """ + return pulumi.get(self, "mode") + + @_builtins.property + @pulumi.getter(name="paranoiaLevel") + def paranoia_level(self) -> _builtins.str: + """ + Defines how aggressively the WAF should act on requests. Valid values are 'L1' to 'L4'. Case you removed waf will retain the last known state and if omitted, The API applies the following default 'L1'. + """ + return pulumi.get(self, "paranoia_level") + + @_builtins.property + @pulumi.getter + def type(self) -> _builtins.str: + """ + The tier of the WAF. Valid values are 'FREE' or 'PREMIUM'. Defaults to 'FREE'. + """ + return pulumi.get(self, "type") + + @pulumi.output_type class GetCdnDistributionDomainResult(dict): def __init__(__self__, *, @@ -11918,6 +12435,24 @@ def number(self) -> _builtins.int: return pulumi.get(self, "number") +@pulumi.output_type +class GetServerAgentResult(dict): + def __init__(__self__, *, + provisioned: _builtins.bool): + """ + :param _builtins.bool provisioned: Whether a STACKIT Server Agent is provisioned at the server + """ + pulumi.set(__self__, "provisioned", provisioned) + + @_builtins.property + @pulumi.getter + def provisioned(self) -> _builtins.bool: + """ + Whether a STACKIT Server Agent is provisioned at the server + """ + return pulumi.get(self, "provisioned") + + @pulumi.output_type class GetServerBackupScheduleBackupPropertiesResult(dict): def __init__(__self__, *, @@ -12115,6 +12650,46 @@ def update_schedule_id(self) -> _builtins.int: return pulumi.get(self, "update_schedule_id") +@pulumi.output_type +class GetServiceAccountFederatedIdentityProviderAssertionResult(dict): + def __init__(__self__, *, + item: _builtins.str, + operator: _builtins.str, + value: _builtins.str): + """ + :param _builtins.str item: The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + :param _builtins.str operator: The assertion operator. Currently, the only supported operator is "equals". + :param _builtins.str value: The assertion value. + """ + pulumi.set(__self__, "item", item) + pulumi.set(__self__, "operator", operator) + pulumi.set(__self__, "value", value) + + @_builtins.property + @pulumi.getter + def item(self) -> _builtins.str: + """ + The assertion claim. At least one assertion with the claim "aud" is required for security reasons. + """ + return pulumi.get(self, "item") + + @_builtins.property + @pulumi.getter + def operator(self) -> _builtins.str: + """ + The assertion operator. Currently, the only supported operator is "equals". + """ + return pulumi.get(self, "operator") + + @_builtins.property + @pulumi.getter + def value(self) -> _builtins.str: + """ + The assertion value. + """ + return pulumi.get(self, "value") + + @pulumi.output_type class GetServiceAccountsItemResult(dict): def __init__(__self__, *, diff --git a/sdk/python/pulumi_stackit/server.py b/sdk/python/pulumi_stackit/server.py index 6bc20d6..956c885 100644 --- a/sdk/python/pulumi_stackit/server.py +++ b/sdk/python/pulumi_stackit/server.py @@ -24,6 +24,7 @@ def __init__(__self__, *, machine_type: pulumi.Input[_builtins.str], project_id: pulumi.Input[_builtins.str], affinity_group: Optional[pulumi.Input[_builtins.str]] = None, + agent: Optional[pulumi.Input['ServerAgentArgs']] = None, availability_zone: Optional[pulumi.Input[_builtins.str]] = None, boot_volume: Optional[pulumi.Input['ServerBootVolumeArgs']] = None, desired_status: Optional[pulumi.Input[_builtins.str]] = None, @@ -40,6 +41,7 @@ def __init__(__self__, *, :param pulumi.Input[_builtins.str] machine_type: Name of the type of the machine for the server. Possible values are documented in [Virtual machine flavors](https://docs.stackit.cloud/products/compute-engine/server/basics/machine-types/) :param pulumi.Input[_builtins.str] project_id: STACKIT project ID to which the server is associated. :param pulumi.Input[_builtins.str] affinity_group: The affinity group the server is assigned to. + :param pulumi.Input['ServerAgentArgs'] agent: The STACKIT Server Agent configured for the server :param pulumi.Input[_builtins.str] availability_zone: The availability zone of the server. :param pulumi.Input['ServerBootVolumeArgs'] boot_volume: The boot volume for the server :param pulumi.Input[_builtins.str] desired_status: The desired status of the server resource. Possible values are: `active`, `inactive`, `deallocated`. @@ -55,6 +57,8 @@ def __init__(__self__, *, pulumi.set(__self__, "project_id", project_id) if affinity_group is not None: pulumi.set(__self__, "affinity_group", affinity_group) + if agent is not None: + pulumi.set(__self__, "agent", agent) if availability_zone is not None: pulumi.set(__self__, "availability_zone", availability_zone) if boot_volume is not None: @@ -112,6 +116,18 @@ def affinity_group(self) -> Optional[pulumi.Input[_builtins.str]]: def affinity_group(self, value: Optional[pulumi.Input[_builtins.str]]): pulumi.set(self, "affinity_group", value) + @_builtins.property + @pulumi.getter + def agent(self) -> Optional[pulumi.Input['ServerAgentArgs']]: + """ + The STACKIT Server Agent configured for the server + """ + return pulumi.get(self, "agent") + + @agent.setter + def agent(self, value: Optional[pulumi.Input['ServerAgentArgs']]): + pulumi.set(self, "agent", value) + @_builtins.property @pulumi.getter(name="availabilityZone") def availability_zone(self) -> Optional[pulumi.Input[_builtins.str]]: @@ -237,6 +253,7 @@ def user_data(self, value: Optional[pulumi.Input[_builtins.str]]): class _ServerState: def __init__(__self__, *, affinity_group: Optional[pulumi.Input[_builtins.str]] = None, + agent: Optional[pulumi.Input['ServerAgentArgs']] = None, availability_zone: Optional[pulumi.Input[_builtins.str]] = None, boot_volume: Optional[pulumi.Input['ServerBootVolumeArgs']] = None, created_at: Optional[pulumi.Input[_builtins.str]] = None, @@ -257,6 +274,7 @@ def __init__(__self__, *, Input properties used for looking up and filtering Server resources. :param pulumi.Input[_builtins.str] affinity_group: The affinity group the server is assigned to. + :param pulumi.Input['ServerAgentArgs'] agent: The STACKIT Server Agent configured for the server :param pulumi.Input[_builtins.str] availability_zone: The availability zone of the server. :param pulumi.Input['ServerBootVolumeArgs'] boot_volume: The boot volume for the server :param pulumi.Input[_builtins.str] created_at: Date-time when the server was created @@ -276,6 +294,8 @@ def __init__(__self__, *, """ if affinity_group is not None: pulumi.set(__self__, "affinity_group", affinity_group) + if agent is not None: + pulumi.set(__self__, "agent", agent) if availability_zone is not None: pulumi.set(__self__, "availability_zone", availability_zone) if boot_volume is not None: @@ -321,6 +341,18 @@ def affinity_group(self) -> Optional[pulumi.Input[_builtins.str]]: def affinity_group(self, value: Optional[pulumi.Input[_builtins.str]]): pulumi.set(self, "affinity_group", value) + @_builtins.property + @pulumi.getter + def agent(self) -> Optional[pulumi.Input['ServerAgentArgs']]: + """ + The STACKIT Server Agent configured for the server + """ + return pulumi.get(self, "agent") + + @agent.setter + def agent(self, value: Optional[pulumi.Input['ServerAgentArgs']]): + pulumi.set(self, "agent", value) + @_builtins.property @pulumi.getter(name="availabilityZone") def availability_zone(self) -> Optional[pulumi.Input[_builtins.str]]: @@ -521,6 +553,7 @@ def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, affinity_group: Optional[pulumi.Input[_builtins.str]] = None, + agent: Optional[pulumi.Input[Union['ServerAgentArgs', 'ServerAgentArgsDict']]] = None, availability_zone: Optional[pulumi.Input[_builtins.str]] = None, boot_volume: Optional[pulumi.Input[Union['ServerBootVolumeArgs', 'ServerBootVolumeArgsDict']]] = None, desired_status: Optional[pulumi.Input[_builtins.str]] = None, @@ -557,6 +590,7 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[_builtins.str] affinity_group: The affinity group the server is assigned to. + :param pulumi.Input[Union['ServerAgentArgs', 'ServerAgentArgsDict']] agent: The STACKIT Server Agent configured for the server :param pulumi.Input[_builtins.str] availability_zone: The availability zone of the server. :param pulumi.Input[Union['ServerBootVolumeArgs', 'ServerBootVolumeArgsDict']] boot_volume: The boot volume for the server :param pulumi.Input[_builtins.str] desired_status: The desired status of the server resource. Possible values are: `active`, `inactive`, `deallocated`. @@ -612,6 +646,7 @@ def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, affinity_group: Optional[pulumi.Input[_builtins.str]] = None, + agent: Optional[pulumi.Input[Union['ServerAgentArgs', 'ServerAgentArgsDict']]] = None, availability_zone: Optional[pulumi.Input[_builtins.str]] = None, boot_volume: Optional[pulumi.Input[Union['ServerBootVolumeArgs', 'ServerBootVolumeArgsDict']]] = None, desired_status: Optional[pulumi.Input[_builtins.str]] = None, @@ -634,6 +669,7 @@ def _internal_init(__self__, __props__ = ServerArgs.__new__(ServerArgs) __props__.__dict__["affinity_group"] = affinity_group + __props__.__dict__["agent"] = agent __props__.__dict__["availability_zone"] = availability_zone __props__.__dict__["boot_volume"] = boot_volume __props__.__dict__["desired_status"] = desired_status @@ -665,6 +701,7 @@ def get(resource_name: str, id: pulumi.Input[str], opts: Optional[pulumi.ResourceOptions] = None, affinity_group: Optional[pulumi.Input[_builtins.str]] = None, + agent: Optional[pulumi.Input[Union['ServerAgentArgs', 'ServerAgentArgsDict']]] = None, availability_zone: Optional[pulumi.Input[_builtins.str]] = None, boot_volume: Optional[pulumi.Input[Union['ServerBootVolumeArgs', 'ServerBootVolumeArgsDict']]] = None, created_at: Optional[pulumi.Input[_builtins.str]] = None, @@ -689,6 +726,7 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[_builtins.str] affinity_group: The affinity group the server is assigned to. + :param pulumi.Input[Union['ServerAgentArgs', 'ServerAgentArgsDict']] agent: The STACKIT Server Agent configured for the server :param pulumi.Input[_builtins.str] availability_zone: The availability zone of the server. :param pulumi.Input[Union['ServerBootVolumeArgs', 'ServerBootVolumeArgsDict']] boot_volume: The boot volume for the server :param pulumi.Input[_builtins.str] created_at: Date-time when the server was created @@ -711,6 +749,7 @@ def get(resource_name: str, __props__ = _ServerState.__new__(_ServerState) __props__.__dict__["affinity_group"] = affinity_group + __props__.__dict__["agent"] = agent __props__.__dict__["availability_zone"] = availability_zone __props__.__dict__["boot_volume"] = boot_volume __props__.__dict__["created_at"] = created_at @@ -737,6 +776,14 @@ def affinity_group(self) -> pulumi.Output[Optional[_builtins.str]]: """ return pulumi.get(self, "affinity_group") + @_builtins.property + @pulumi.getter + def agent(self) -> pulumi.Output['outputs.ServerAgent']: + """ + The STACKIT Server Agent configured for the server + """ + return pulumi.get(self, "agent") + @_builtins.property @pulumi.getter(name="availabilityZone") def availability_zone(self) -> pulumi.Output[_builtins.str]: diff --git a/sdk/python/pulumi_stackit/service_account_federated_identity_provider.py b/sdk/python/pulumi_stackit/service_account_federated_identity_provider.py new file mode 100644 index 0000000..326ffcf --- /dev/null +++ b/sdk/python/pulumi_stackit/service_account_federated_identity_provider.py @@ -0,0 +1,387 @@ +# coding=utf-8 +# *** WARNING: this file was generated by pulumi-language-python. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import builtins as _builtins +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from . import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['ServiceAccountFederatedIdentityProviderArgs', 'ServiceAccountFederatedIdentityProvider'] + +@pulumi.input_type +class ServiceAccountFederatedIdentityProviderArgs: + def __init__(__self__, *, + assertions: pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]], + issuer: pulumi.Input[_builtins.str], + project_id: pulumi.Input[_builtins.str], + service_account_email: pulumi.Input[_builtins.str], + name: Optional[pulumi.Input[_builtins.str]] = None): + """ + The set of arguments for constructing a ServiceAccountFederatedIdentityProvider resource. + + :param pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]] assertions: The assertions for the federated identity provider. + :param pulumi.Input[_builtins.str] issuer: The issuer URL. + :param pulumi.Input[_builtins.str] project_id: The STACKIT project ID associated with the service account. + :param pulumi.Input[_builtins.str] service_account_email: The email address associated with the service account, used for account identification and communication. + :param pulumi.Input[_builtins.str] name: The name of the federated identity provider. + """ + pulumi.set(__self__, "assertions", assertions) + pulumi.set(__self__, "issuer", issuer) + pulumi.set(__self__, "project_id", project_id) + pulumi.set(__self__, "service_account_email", service_account_email) + if name is not None: + pulumi.set(__self__, "name", name) + + @_builtins.property + @pulumi.getter + def assertions(self) -> pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]]: + """ + The assertions for the federated identity provider. + """ + return pulumi.get(self, "assertions") + + @assertions.setter + def assertions(self, value: pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]]): + pulumi.set(self, "assertions", value) + + @_builtins.property + @pulumi.getter + def issuer(self) -> pulumi.Input[_builtins.str]: + """ + The issuer URL. + """ + return pulumi.get(self, "issuer") + + @issuer.setter + def issuer(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "issuer", value) + + @_builtins.property + @pulumi.getter(name="projectId") + def project_id(self) -> pulumi.Input[_builtins.str]: + """ + The STACKIT project ID associated with the service account. + """ + return pulumi.get(self, "project_id") + + @project_id.setter + def project_id(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "project_id", value) + + @_builtins.property + @pulumi.getter(name="serviceAccountEmail") + def service_account_email(self) -> pulumi.Input[_builtins.str]: + """ + The email address associated with the service account, used for account identification and communication. + """ + return pulumi.get(self, "service_account_email") + + @service_account_email.setter + def service_account_email(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "service_account_email", value) + + @_builtins.property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The name of the federated identity provider. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "name", value) + + +@pulumi.input_type +class _ServiceAccountFederatedIdentityProviderState: + def __init__(__self__, *, + assertions: Optional[pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]]] = None, + federation_id: Optional[pulumi.Input[_builtins.str]] = None, + issuer: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + project_id: Optional[pulumi.Input[_builtins.str]] = None, + service_account_email: Optional[pulumi.Input[_builtins.str]] = None): + """ + Input properties used for looking up and filtering ServiceAccountFederatedIdentityProvider resources. + + :param pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]] assertions: The assertions for the federated identity provider. + :param pulumi.Input[_builtins.str] federation_id: The unique identifier for the federated identity provider associated with the service account. + :param pulumi.Input[_builtins.str] issuer: The issuer URL. + :param pulumi.Input[_builtins.str] name: The name of the federated identity provider. + :param pulumi.Input[_builtins.str] project_id: The STACKIT project ID associated with the service account. + :param pulumi.Input[_builtins.str] service_account_email: The email address associated with the service account, used for account identification and communication. + """ + if assertions is not None: + pulumi.set(__self__, "assertions", assertions) + if federation_id is not None: + pulumi.set(__self__, "federation_id", federation_id) + if issuer is not None: + pulumi.set(__self__, "issuer", issuer) + if name is not None: + pulumi.set(__self__, "name", name) + if project_id is not None: + pulumi.set(__self__, "project_id", project_id) + if service_account_email is not None: + pulumi.set(__self__, "service_account_email", service_account_email) + + @_builtins.property + @pulumi.getter + def assertions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]]]: + """ + The assertions for the federated identity provider. + """ + return pulumi.get(self, "assertions") + + @assertions.setter + def assertions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ServiceAccountFederatedIdentityProviderAssertionArgs']]]]): + pulumi.set(self, "assertions", value) + + @_builtins.property + @pulumi.getter(name="federationId") + def federation_id(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The unique identifier for the federated identity provider associated with the service account. + """ + return pulumi.get(self, "federation_id") + + @federation_id.setter + def federation_id(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "federation_id", value) + + @_builtins.property + @pulumi.getter + def issuer(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The issuer URL. + """ + return pulumi.get(self, "issuer") + + @issuer.setter + def issuer(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "issuer", value) + + @_builtins.property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The name of the federated identity provider. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "name", value) + + @_builtins.property + @pulumi.getter(name="projectId") + def project_id(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The STACKIT project ID associated with the service account. + """ + return pulumi.get(self, "project_id") + + @project_id.setter + def project_id(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "project_id", value) + + @_builtins.property + @pulumi.getter(name="serviceAccountEmail") + def service_account_email(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The email address associated with the service account, used for account identification and communication. + """ + return pulumi.get(self, "service_account_email") + + @service_account_email.setter + def service_account_email(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "service_account_email", value) + + +@pulumi.type_token("stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider") +class ServiceAccountFederatedIdentityProvider(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + assertions: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ServiceAccountFederatedIdentityProviderAssertionArgs', 'ServiceAccountFederatedIdentityProviderAssertionArgsDict']]]]] = None, + issuer: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + project_id: Optional[pulumi.Input[_builtins.str]] = None, + service_account_email: Optional[pulumi.Input[_builtins.str]] = None, + __props__=None): + """ + Service account federated identity provider schema. + ## Example Usage + + ### Create a federated identity provider + + ### Additional Examples + + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Sequence[pulumi.Input[Union['ServiceAccountFederatedIdentityProviderAssertionArgs', 'ServiceAccountFederatedIdentityProviderAssertionArgsDict']]]] assertions: The assertions for the federated identity provider. + :param pulumi.Input[_builtins.str] issuer: The issuer URL. + :param pulumi.Input[_builtins.str] name: The name of the federated identity provider. + :param pulumi.Input[_builtins.str] project_id: The STACKIT project ID associated with the service account. + :param pulumi.Input[_builtins.str] service_account_email: The email address associated with the service account, used for account identification and communication. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: ServiceAccountFederatedIdentityProviderArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Service account federated identity provider schema. + ## Example Usage + + ### Create a federated identity provider + + ### Additional Examples + + + :param str resource_name: The name of the resource. + :param ServiceAccountFederatedIdentityProviderArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(ServiceAccountFederatedIdentityProviderArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + assertions: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ServiceAccountFederatedIdentityProviderAssertionArgs', 'ServiceAccountFederatedIdentityProviderAssertionArgsDict']]]]] = None, + issuer: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + project_id: Optional[pulumi.Input[_builtins.str]] = None, + service_account_email: Optional[pulumi.Input[_builtins.str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = ServiceAccountFederatedIdentityProviderArgs.__new__(ServiceAccountFederatedIdentityProviderArgs) + + if assertions is None and not opts.urn: + raise TypeError("Missing required property 'assertions'") + __props__.__dict__["assertions"] = assertions + if issuer is None and not opts.urn: + raise TypeError("Missing required property 'issuer'") + __props__.__dict__["issuer"] = issuer + __props__.__dict__["name"] = name + if project_id is None and not opts.urn: + raise TypeError("Missing required property 'project_id'") + __props__.__dict__["project_id"] = project_id + if service_account_email is None and not opts.urn: + raise TypeError("Missing required property 'service_account_email'") + __props__.__dict__["service_account_email"] = service_account_email + __props__.__dict__["federation_id"] = None + super(ServiceAccountFederatedIdentityProvider, __self__).__init__( + 'stackit:index/serviceAccountFederatedIdentityProvider:ServiceAccountFederatedIdentityProvider', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + assertions: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ServiceAccountFederatedIdentityProviderAssertionArgs', 'ServiceAccountFederatedIdentityProviderAssertionArgsDict']]]]] = None, + federation_id: Optional[pulumi.Input[_builtins.str]] = None, + issuer: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + project_id: Optional[pulumi.Input[_builtins.str]] = None, + service_account_email: Optional[pulumi.Input[_builtins.str]] = None) -> 'ServiceAccountFederatedIdentityProvider': + """ + Get an existing ServiceAccountFederatedIdentityProvider resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[Sequence[pulumi.Input[Union['ServiceAccountFederatedIdentityProviderAssertionArgs', 'ServiceAccountFederatedIdentityProviderAssertionArgsDict']]]] assertions: The assertions for the federated identity provider. + :param pulumi.Input[_builtins.str] federation_id: The unique identifier for the federated identity provider associated with the service account. + :param pulumi.Input[_builtins.str] issuer: The issuer URL. + :param pulumi.Input[_builtins.str] name: The name of the federated identity provider. + :param pulumi.Input[_builtins.str] project_id: The STACKIT project ID associated with the service account. + :param pulumi.Input[_builtins.str] service_account_email: The email address associated with the service account, used for account identification and communication. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _ServiceAccountFederatedIdentityProviderState.__new__(_ServiceAccountFederatedIdentityProviderState) + + __props__.__dict__["assertions"] = assertions + __props__.__dict__["federation_id"] = federation_id + __props__.__dict__["issuer"] = issuer + __props__.__dict__["name"] = name + __props__.__dict__["project_id"] = project_id + __props__.__dict__["service_account_email"] = service_account_email + return ServiceAccountFederatedIdentityProvider(resource_name, opts=opts, __props__=__props__) + + @_builtins.property + @pulumi.getter + def assertions(self) -> pulumi.Output[Sequence['outputs.ServiceAccountFederatedIdentityProviderAssertion']]: + """ + The assertions for the federated identity provider. + """ + return pulumi.get(self, "assertions") + + @_builtins.property + @pulumi.getter(name="federationId") + def federation_id(self) -> pulumi.Output[_builtins.str]: + """ + The unique identifier for the federated identity provider associated with the service account. + """ + return pulumi.get(self, "federation_id") + + @_builtins.property + @pulumi.getter + def issuer(self) -> pulumi.Output[_builtins.str]: + """ + The issuer URL. + """ + return pulumi.get(self, "issuer") + + @_builtins.property + @pulumi.getter + def name(self) -> pulumi.Output[_builtins.str]: + """ + The name of the federated identity provider. + """ + return pulumi.get(self, "name") + + @_builtins.property + @pulumi.getter(name="projectId") + def project_id(self) -> pulumi.Output[_builtins.str]: + """ + The STACKIT project ID associated with the service account. + """ + return pulumi.get(self, "project_id") + + @_builtins.property + @pulumi.getter(name="serviceAccountEmail") + def service_account_email(self) -> pulumi.Output[_builtins.str]: + """ + The email address associated with the service account, used for account identification and communication. + """ + return pulumi.get(self, "service_account_email") +