@pulumi/gcp
Version:
A Pulumi package for creating and managing Google Cloud Platform resources.
831 lines (830 loc) • 30 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* A Certificate corresponds to a signed X.509 certificate issued by a Certificate.
*
* > **Note:** The Certificate Authority that is referenced by this resource **must** be
* `tier = "ENTERPRISE"`
*
* ## Example Usage
*
* ### Privateca Certificate Generated Key
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
* import * as tls from "@pulumi/tls";
*
* const _default = new gcp.certificateauthority.CaPool("default", {
* location: "us-central1",
* name: "default",
* tier: "ENTERPRISE",
* });
* const defaultAuthority = new gcp.certificateauthority.Authority("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthorityId: "my-authority",
* config: {
* subjectConfig: {
* subject: {
* organization: "HashiCorp",
* commonName: "my-certificate-authority",
* },
* subjectAltName: {
* dnsNames: ["hashicorp.com"],
* },
* },
* x509Config: {
* caOptions: {
* isCa: true,
* },
* keyUsage: {
* baseKeyUsage: {
* certSign: true,
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: true,
* },
* },
* },
* },
* keySpec: {
* algorithm: "RSA_PKCS1_4096_SHA256",
* },
* deletionProtection: false,
* skipGracePeriod: true,
* ignoreActiveCertificatesOnDeletion: true,
* });
* const certKey = new tls.PrivateKey("cert_key", {algorithm: "RSA"});
* const defaultCertificate = new gcp.certificateauthority.Certificate("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthority: defaultAuthority.certificateAuthorityId,
* lifetime: "86000s",
* name: "cert-1",
* config: {
* subjectConfig: {
* subject: {
* commonName: "san1.example.com",
* countryCode: "us",
* organization: "google",
* organizationalUnit: "enterprise",
* locality: "mountain view",
* province: "california",
* streetAddress: "1600 amphitheatre parkway",
* },
* subjectAltName: {
* emailAddresses: ["email@example.com"],
* ipAddresses: ["127.0.0.1"],
* uris: ["http://www.ietf.org/rfc/rfc3986.txt"],
* },
* },
* x509Config: {
* caOptions: {
* isCa: true,
* },
* keyUsage: {
* baseKeyUsage: {
* certSign: true,
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: false,
* },
* },
* nameConstraints: {
* critical: true,
* permittedDnsNames: ["*.example.com"],
* excludedDnsNames: ["*.deny.example.com"],
* permittedIpRanges: ["10.0.0.0/8"],
* excludedIpRanges: ["10.1.1.0/24"],
* permittedEmailAddresses: [".example.com"],
* excludedEmailAddresses: [".deny.example.com"],
* permittedUris: [".example.com"],
* excludedUris: [".deny.example.com"],
* },
* },
* publicKey: {
* format: "PEM",
* key: std.base64encodeOutput({
* input: certKey.publicKeyPem,
* }).apply(invoke => invoke.result),
* },
* },
* });
* ```
* ### Privateca Certificate With Template
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
*
* const _default = new gcp.certificateauthority.CaPool("default", {
* location: "us-central1",
* name: "my-pool",
* tier: "ENTERPRISE",
* });
* const defaultCertificateTemplate = new gcp.certificateauthority.CertificateTemplate("default", {
* location: "us-central1",
* name: "my-certificate-template",
* description: "An updated sample certificate template",
* identityConstraints: {
* allowSubjectAltNamesPassthrough: true,
* allowSubjectPassthrough: true,
* celExpression: {
* description: "Always true",
* expression: "true",
* location: "any.file.anywhere",
* title: "Sample expression",
* },
* },
* passthroughExtensions: {
* additionalExtensions: [{
* objectIdPaths: [
* 1,
* 6,
* ],
* }],
* knownExtensions: ["EXTENDED_KEY_USAGE"],
* },
* predefinedValues: {
* additionalExtensions: [{
* objectId: {
* objectIdPaths: [
* 1,
* 6,
* ],
* },
* value: "c3RyaW5nCg==",
* critical: true,
* }],
* aiaOcspServers: ["string"],
* caOptions: {
* isCa: false,
* maxIssuerPathLength: 6,
* },
* keyUsage: {
* baseKeyUsage: {
* certSign: false,
* contentCommitment: true,
* crlSign: false,
* dataEncipherment: true,
* decipherOnly: true,
* digitalSignature: true,
* encipherOnly: true,
* keyAgreement: true,
* keyEncipherment: true,
* },
* extendedKeyUsage: {
* clientAuth: true,
* codeSigning: true,
* emailProtection: true,
* ocspSigning: true,
* serverAuth: true,
* timeStamping: true,
* },
* unknownExtendedKeyUsages: [{
* objectIdPaths: [
* 1,
* 6,
* ],
* }],
* },
* policyIds: [{
* objectIdPaths: [
* 1,
* 6,
* ],
* }],
* },
* });
* const defaultAuthority = new gcp.certificateauthority.Authority("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthorityId: "my-authority",
* config: {
* subjectConfig: {
* subject: {
* organization: "HashiCorp",
* commonName: "my-certificate-authority",
* },
* subjectAltName: {
* dnsNames: ["hashicorp.com"],
* },
* },
* x509Config: {
* caOptions: {
* isCa: true,
* },
* keyUsage: {
* baseKeyUsage: {
* certSign: true,
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: false,
* },
* },
* },
* },
* keySpec: {
* algorithm: "RSA_PKCS1_4096_SHA256",
* },
* deletionProtection: false,
* skipGracePeriod: true,
* ignoreActiveCertificatesOnDeletion: true,
* });
* const defaultCertificate = new gcp.certificateauthority.Certificate("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthority: defaultAuthority.certificateAuthorityId,
* name: "my-certificate",
* lifetime: "860s",
* pemCsr: std.file({
* input: "test-fixtures/rsa_csr.pem",
* }).then(invoke => invoke.result),
* certificateTemplate: defaultCertificateTemplate.id,
* });
* ```
* ### Privateca Certificate Csr
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
*
* const _default = new gcp.certificateauthority.CaPool("default", {
* location: "us-central1",
* name: "my-pool",
* tier: "ENTERPRISE",
* });
* const defaultAuthority = new gcp.certificateauthority.Authority("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthorityId: "my-authority",
* config: {
* subjectConfig: {
* subject: {
* organization: "HashiCorp",
* commonName: "my-certificate-authority",
* },
* subjectAltName: {
* dnsNames: ["hashicorp.com"],
* },
* },
* x509Config: {
* caOptions: {
* isCa: true,
* },
* keyUsage: {
* baseKeyUsage: {
* certSign: true,
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: false,
* },
* },
* },
* },
* keySpec: {
* algorithm: "RSA_PKCS1_4096_SHA256",
* },
* deletionProtection: false,
* skipGracePeriod: true,
* ignoreActiveCertificatesOnDeletion: true,
* });
* const defaultCertificate = new gcp.certificateauthority.Certificate("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthority: defaultAuthority.certificateAuthorityId,
* name: "my-certificate",
* lifetime: "860s",
* pemCsr: std.file({
* input: "test-fixtures/rsa_csr.pem",
* }).then(invoke => invoke.result),
* });
* ```
* ### Privateca Certificate No Authority
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
*
* const _default = new gcp.certificateauthority.CaPool("default", {
* location: "us-central1",
* name: "my-pool",
* tier: "ENTERPRISE",
* });
* const defaultAuthority = new gcp.certificateauthority.Authority("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthorityId: "my-authority",
* config: {
* subjectConfig: {
* subject: {
* organization: "HashiCorp",
* commonName: "my-certificate-authority",
* },
* subjectAltName: {
* dnsNames: ["hashicorp.com"],
* },
* },
* x509Config: {
* caOptions: {
* isCa: true,
* },
* keyUsage: {
* baseKeyUsage: {
* digitalSignature: true,
* certSign: true,
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: true,
* },
* },
* },
* },
* lifetime: "86400s",
* keySpec: {
* algorithm: "RSA_PKCS1_4096_SHA256",
* },
* deletionProtection: false,
* skipGracePeriod: true,
* ignoreActiveCertificatesOnDeletion: true,
* });
* const defaultCertificate = new gcp.certificateauthority.Certificate("default", {
* location: "us-central1",
* pool: _default.name,
* name: "my-certificate",
* lifetime: "860s",
* config: {
* subjectConfig: {
* subject: {
* commonName: "san1.example.com",
* countryCode: "us",
* organization: "google",
* organizationalUnit: "enterprise",
* locality: "mountain view",
* province: "california",
* streetAddress: "1600 amphitheatre parkway",
* postalCode: "94109",
* },
* },
* x509Config: {
* caOptions: {
* isCa: false,
* },
* keyUsage: {
* baseKeyUsage: {
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: true,
* },
* },
* },
* publicKey: {
* format: "PEM",
* key: std.filebase64({
* input: "test-fixtures/rsa_public.pem",
* }).then(invoke => invoke.result),
* },
* },
* }, {
* dependsOn: [defaultAuthority],
* });
* ```
* ### Privateca Certificate Custom Ski
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
*
* const _default = new gcp.certificateauthority.CaPool("default", {
* location: "us-central1",
* name: "my-pool",
* tier: "ENTERPRISE",
* });
* const defaultAuthority = new gcp.certificateauthority.Authority("default", {
* location: "us-central1",
* pool: _default.name,
* certificateAuthorityId: "my-authority",
* config: {
* subjectConfig: {
* subject: {
* organization: "HashiCorp",
* commonName: "my-certificate-authority",
* },
* subjectAltName: {
* dnsNames: ["hashicorp.com"],
* },
* },
* x509Config: {
* caOptions: {
* isCa: true,
* },
* keyUsage: {
* baseKeyUsage: {
* digitalSignature: true,
* certSign: true,
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: true,
* },
* },
* },
* },
* lifetime: "86400s",
* keySpec: {
* algorithm: "RSA_PKCS1_4096_SHA256",
* },
* deletionProtection: false,
* skipGracePeriod: true,
* ignoreActiveCertificatesOnDeletion: true,
* });
* const defaultCertificate = new gcp.certificateauthority.Certificate("default", {
* location: "us-central1",
* pool: _default.name,
* name: "my-certificate",
* lifetime: "860s",
* config: {
* subjectConfig: {
* subject: {
* commonName: "san1.example.com",
* countryCode: "us",
* organization: "google",
* organizationalUnit: "enterprise",
* locality: "mountain view",
* province: "california",
* streetAddress: "1600 amphitheatre parkway",
* postalCode: "94109",
* },
* },
* subjectKeyId: {
* keyId: "4cf3372289b1d411b999dbb9ebcd44744b6b2fca",
* },
* x509Config: {
* caOptions: {
* isCa: false,
* },
* keyUsage: {
* baseKeyUsage: {
* crlSign: true,
* },
* extendedKeyUsage: {
* serverAuth: true,
* },
* },
* },
* publicKey: {
* format: "PEM",
* key: std.filebase64({
* input: "test-fixtures/rsa_public.pem",
* }).then(invoke => invoke.result),
* },
* },
* }, {
* dependsOn: [defaultAuthority],
* });
* ```
*
* ## Import
*
* Certificate can be imported using any of these accepted formats:
*
* * `projects/{{project}}/locations/{{location}}/caPools/{{pool}}/certificates/{{name}}`
*
* * `{{project}}/{{location}}/{{pool}}/{{name}}`
*
* * `{{location}}/{{pool}}/{{name}}`
*
* When using the `pulumi import` command, Certificate can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:certificateauthority/certificate:Certificate default projects/{{project}}/locations/{{location}}/caPools/{{pool}}/certificates/{{name}}
* ```
*
* ```sh
* $ pulumi import gcp:certificateauthority/certificate:Certificate default {{project}}/{{location}}/{{pool}}/{{name}}
* ```
*
* ```sh
* $ pulumi import gcp:certificateauthority/certificate:Certificate default {{location}}/{{pool}}/{{name}}
* ```
*/
export declare class Certificate extends pulumi.CustomResource {
/**
* Get an existing Certificate resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CertificateState, opts?: pulumi.CustomResourceOptions): Certificate;
/**
* Returns true if the given object is an instance of Certificate. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Certificate;
/**
* The Certificate Authority ID that should issue the certificate. For example, to issue a Certificate from
* a Certificate Authority with resource name `projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca`,
* argument `pool` should be set to `projects/my-project/locations/us-central1/caPools/my-pool`, argument `certificateAuthority`
* should be set to `my-ca`.
*/
readonly certificateAuthority: pulumi.Output<string | undefined>;
/**
* Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
* Structure is documented below.
*/
readonly certificateDescriptions: pulumi.Output<outputs.certificateauthority.CertificateCertificateDescription[]>;
/**
* The resource name for a CertificateTemplate used to issue this certificate,
* in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified,
* the caller must have the necessary permission to use this template. If this is
* omitted, no template will be used. This template must be in the same location
* as the Certificate.
*/
readonly certificateTemplate: pulumi.Output<string | undefined>;
/**
* The config used to create a self-signed X.509 certificate or CSR.
* Structure is documented below.
*/
readonly config: pulumi.Output<outputs.certificateauthority.CertificateConfig | undefined>;
/**
* The time that this resource was created on the server.
* This is in RFC3339 text format.
*/
readonly createTime: pulumi.Output<string>;
/**
* All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
*/
readonly effectiveLabels: pulumi.Output<{
[key: string]: string;
}>;
/**
* The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
*/
readonly issuerCertificateAuthority: pulumi.Output<string>;
/**
* Labels with user-defined metadata to apply to this resource.
*
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effectiveLabels` for all of the labels present on the resource.
*/
readonly labels: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* The desired lifetime of the CA certificate. Used to create the "notBeforeTime" and
* "notAfterTime" fields inside an X.509 certificate. A duration in seconds with up to nine
* fractional digits, terminated by 's'. Example: "3.5s".
*/
readonly lifetime: pulumi.Output<string | undefined>;
/**
* Location of the Certificate. A full list of valid locations can be found by
* running `gcloud privateca locations list`.
*
*
* - - -
*/
readonly location: pulumi.Output<string>;
/**
* The name for this Certificate.
*/
readonly name: pulumi.Output<string>;
/**
* Output only. The pem-encoded, signed X.509 certificate.
*/
readonly pemCertificate: pulumi.Output<string>;
/**
* The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
*/
readonly pemCertificateChains: pulumi.Output<string[]>;
/**
* Immutable. A pem-encoded X.509 certificate signing request (CSR).
*/
readonly pemCsr: pulumi.Output<string | undefined>;
/**
* The name of the CaPool this Certificate belongs to.
*/
readonly pool: pulumi.Output<string>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
readonly project: pulumi.Output<string>;
/**
* The combination of labels configured directly on the resource
* and default labels configured on the provider.
*/
readonly pulumiLabels: pulumi.Output<{
[key: string]: string;
}>;
/**
* Output only. Details regarding the revocation of this Certificate. This Certificate is
* considered revoked if and only if this field is present.
* Structure is documented below.
*/
readonly revocationDetails: pulumi.Output<outputs.certificateauthority.CertificateRevocationDetail[]>;
/**
* Output only. The time at which this CertificateAuthority was updated.
* This is in RFC3339 text format.
*/
readonly updateTime: pulumi.Output<string>;
/**
* Create a Certificate resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: CertificateArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Certificate resources.
*/
export interface CertificateState {
/**
* The Certificate Authority ID that should issue the certificate. For example, to issue a Certificate from
* a Certificate Authority with resource name `projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca`,
* argument `pool` should be set to `projects/my-project/locations/us-central1/caPools/my-pool`, argument `certificateAuthority`
* should be set to `my-ca`.
*/
certificateAuthority?: pulumi.Input<string>;
/**
* Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
* Structure is documented below.
*/
certificateDescriptions?: pulumi.Input<pulumi.Input<inputs.certificateauthority.CertificateCertificateDescription>[]>;
/**
* The resource name for a CertificateTemplate used to issue this certificate,
* in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified,
* the caller must have the necessary permission to use this template. If this is
* omitted, no template will be used. This template must be in the same location
* as the Certificate.
*/
certificateTemplate?: pulumi.Input<string>;
/**
* The config used to create a self-signed X.509 certificate or CSR.
* Structure is documented below.
*/
config?: pulumi.Input<inputs.certificateauthority.CertificateConfig>;
/**
* The time that this resource was created on the server.
* This is in RFC3339 text format.
*/
createTime?: pulumi.Input<string>;
/**
* All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
*/
effectiveLabels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
*/
issuerCertificateAuthority?: pulumi.Input<string>;
/**
* Labels with user-defined metadata to apply to this resource.
*
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effectiveLabels` for all of the labels present on the resource.
*/
labels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* The desired lifetime of the CA certificate. Used to create the "notBeforeTime" and
* "notAfterTime" fields inside an X.509 certificate. A duration in seconds with up to nine
* fractional digits, terminated by 's'. Example: "3.5s".
*/
lifetime?: pulumi.Input<string>;
/**
* Location of the Certificate. A full list of valid locations can be found by
* running `gcloud privateca locations list`.
*
*
* - - -
*/
location?: pulumi.Input<string>;
/**
* The name for this Certificate.
*/
name?: pulumi.Input<string>;
/**
* Output only. The pem-encoded, signed X.509 certificate.
*/
pemCertificate?: pulumi.Input<string>;
/**
* The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
*/
pemCertificateChains?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Immutable. A pem-encoded X.509 certificate signing request (CSR).
*/
pemCsr?: pulumi.Input<string>;
/**
* The name of the CaPool this Certificate belongs to.
*/
pool?: pulumi.Input<string>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
project?: pulumi.Input<string>;
/**
* The combination of labels configured directly on the resource
* and default labels configured on the provider.
*/
pulumiLabels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Output only. Details regarding the revocation of this Certificate. This Certificate is
* considered revoked if and only if this field is present.
* Structure is documented below.
*/
revocationDetails?: pulumi.Input<pulumi.Input<inputs.certificateauthority.CertificateRevocationDetail>[]>;
/**
* Output only. The time at which this CertificateAuthority was updated.
* This is in RFC3339 text format.
*/
updateTime?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a Certificate resource.
*/
export interface CertificateArgs {
/**
* The Certificate Authority ID that should issue the certificate. For example, to issue a Certificate from
* a Certificate Authority with resource name `projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca`,
* argument `pool` should be set to `projects/my-project/locations/us-central1/caPools/my-pool`, argument `certificateAuthority`
* should be set to `my-ca`.
*/
certificateAuthority?: pulumi.Input<string>;
/**
* The resource name for a CertificateTemplate used to issue this certificate,
* in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified,
* the caller must have the necessary permission to use this template. If this is
* omitted, no template will be used. This template must be in the same location
* as the Certificate.
*/
certificateTemplate?: pulumi.Input<string>;
/**
* The config used to create a self-signed X.509 certificate or CSR.
* Structure is documented below.
*/
config?: pulumi.Input<inputs.certificateauthority.CertificateConfig>;
/**
* Labels with user-defined metadata to apply to this resource.
*
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field `effectiveLabels` for all of the labels present on the resource.
*/
labels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* The desired lifetime of the CA certificate. Used to create the "notBeforeTime" and
* "notAfterTime" fields inside an X.509 certificate. A duration in seconds with up to nine
* fractional digits, terminated by 's'. Example: "3.5s".
*/
lifetime?: pulumi.Input<string>;
/**
* Location of the Certificate. A full list of valid locations can be found by
* running `gcloud privateca locations list`.
*
*
* - - -
*/
location: pulumi.Input<string>;
/**
* The name for this Certificate.
*/
name?: pulumi.Input<string>;
/**
* Immutable. A pem-encoded X.509 certificate signing request (CSR).
*/
pemCsr?: pulumi.Input<string>;
/**
* The name of the CaPool this Certificate belongs to.
*/
pool: pulumi.Input<string>;
/**
* The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
project?: pulumi.Input<string>;
}