From ff5876b5a5e3668a6002c41f9c7a06eb069425ee Mon Sep 17 00:00:00 2001 From: The Magician Date: Fri, 28 Apr 2023 11:52:55 -0700 Subject: [PATCH] Format YAML for products i-p (#7788) (#5565) Signed-off-by: Modular Magician --- .changelog/7788.txt | 3 +++ google-beta/resource_iam_workforce_pool.go | 2 +- .../resource_iam_workforce_pool_provider.go | 6 +++--- ...rce_identity_platform_project_default_config.go | 4 ++-- google-beta/resource_kms_crypto_key.go | 2 +- google-beta/resource_logging_metric.go | 4 ++-- google-beta/resource_monitoring_service.go | 4 ++-- ...etwork_security_gateway_security_policy_rule.go | 2 +- google-beta/resource_network_services_gateway.go | 4 ++-- google-beta/resource_network_services_mesh.go | 8 ++++---- google-beta/resource_network_services_tcp_route.go | 6 +++--- google-beta/resource_privateca_ca_pool.go | 2 +- google-beta/resource_privateca_certificate.go | 4 ++-- .../resource_privateca_certificate_authority.go | 4 ++-- google-beta/resource_pubsub_subscription.go | 12 ++++++------ website/docs/r/iam_workforce_pool.html.markdown | 2 +- .../r/iam_workforce_pool_provider.html.markdown | 6 +++--- website/docs/r/iap_brand.html.markdown | 6 +++--- .../docs/r/identity_platform_config.html.markdown | 2 +- ...y_platform_project_default_config.html.markdown | 4 ++-- website/docs/r/kms_crypto_key.html.markdown | 2 +- .../docs/r/kms_key_ring_import_job.html.markdown | 2 +- website/docs/r/logging_metric.html.markdown | 4 ++-- website/docs/r/monitoring_service.html.markdown | 4 ++-- ...rity_gateway_security_policy_rule.html.markdown | 2 +- .../docs/r/network_services_gateway.html.markdown | 4 ++-- website/docs/r/network_services_mesh.html.markdown | 14 +++++++------- .../r/network_services_tcp_route.html.markdown | 6 +++--- website/docs/r/privateca_ca_pool.html.markdown | 2 +- website/docs/r/privateca_certificate.html.markdown | 6 +++--- .../privateca_certificate_authority.html.markdown | 4 ++-- website/docs/r/pubsub_subscription.html.markdown | 14 +++++++------- website/docs/r/pubsub_topic.html.markdown | 2 +- 33 files changed, 78 insertions(+), 75 deletions(-) create mode 100644 .changelog/7788.txt diff --git a/.changelog/7788.txt b/.changelog/7788.txt new file mode 100644 index 0000000000..8ec013c069 --- /dev/null +++ b/.changelog/7788.txt @@ -0,0 +1,3 @@ +```release-note:none + +``` diff --git a/google-beta/resource_iam_workforce_pool.go b/google-beta/resource_iam_workforce_pool.go index 9180a91e25..714b4e41f7 100644 --- a/google-beta/resource_iam_workforce_pool.go +++ b/google-beta/resource_iam_workforce_pool.go @@ -106,7 +106,7 @@ or use existing tokens to access resources. If the pool is re-enabled, existing Type: schema.TypeString, Optional: true, Description: `Duration that the Google Cloud access tokens, console sign-in sessions, -and 'gcloud' sign-in sessions from this pool are valid. +and 'gcloud' sign-in sessions from this pool are valid. Must be greater than 15 minutes (900s) and less than 12 hours (43200s). If 'sessionDuration' is not configured, minted credentials have a default duration of one hour (3600s). A duration in seconds with up to nine fractional digits, ending with ''s''. Example: "'3.5s'".`, diff --git a/google-beta/resource_iam_workforce_pool_provider.go b/google-beta/resource_iam_workforce_pool_provider.go index 6b4a517257..ea6e680df8 100644 --- a/google-beta/resource_iam_workforce_pool_provider.go +++ b/google-beta/resource_iam_workforce_pool_provider.go @@ -245,9 +245,9 @@ The max size of the acceptable xml document will be bounded to 128k characters. The metadata xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. -3) For each signing key: - a) Valid from should be no more than 7 days from now. - b) Valid to should be no more than 10 years in the future. +3) For each signing key: + a) Valid from should be no more than 7 days from now. + b) Valid to should be no more than 10 years in the future. 4) Up to 3 IdP signing keys are allowed in the metadata xml. When updating the provider's metadata xml, at least one non-expired signing key diff --git a/google-beta/resource_identity_platform_project_default_config.go b/google-beta/resource_identity_platform_project_default_config.go index 517d6327b1..408c0c0253 100644 --- a/google-beta/resource_identity_platform_project_default_config.go +++ b/google-beta/resource_identity_platform_project_default_config.go @@ -85,8 +85,8 @@ func ResourceIdentityPlatformProjectDefaultConfig() *schema.Resource { "password_required": { Type: schema.TypeBool, Optional: true, - Description: `Whether a password is required for email auth or not. If true, both an email and -password must be provided to sign in. If false, a user may sign in via either + Description: `Whether a password is required for email auth or not. If true, both an email and +password must be provided to sign in. If false, a user may sign in via either email/password or email link.`, }, }, diff --git a/google-beta/resource_kms_crypto_key.go b/google-beta/resource_kms_crypto_key.go index 7bc36a7256..eef89a6b64 100644 --- a/google-beta/resource_kms_crypto_key.go +++ b/google-beta/resource_kms_crypto_key.go @@ -112,7 +112,7 @@ letter 's' (seconds). It must be greater than a day (ie, 86400).`, Type: schema.TypeBool, Optional: true, ForceNew: true, - Description: `If set to true, the request will create a CryptoKey without any CryptoKeyVersions. + Description: `If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must use the 'google_kms_key_ring_import_job' resource to import the CryptoKeyVersion.`, }, "version_template": { diff --git a/google-beta/resource_logging_metric.go b/google-beta/resource_logging_metric.go index f11b7a3b42..ac74183692 100644 --- a/google-beta/resource_logging_metric.go +++ b/google-beta/resource_logging_metric.go @@ -203,8 +203,8 @@ For counter metrics, set this to INT64. Possible values: ["BOOL", "INT64", "DOUB "display_name": { Type: schema.TypeString, Optional: true, - Description: `A concise name for the metric, which can be displayed in user interfaces. Use sentence case -without an ending period, for example "Request count". This field is optional but it is + Description: `A concise name for the metric, which can be displayed in user interfaces. Use sentence case +without an ending period, for example "Request count". This field is optional but it is recommended to be set for any metrics associated with user-visible concepts, such as Quota.`, }, "labels": { diff --git a/google-beta/resource_monitoring_service.go b/google-beta/resource_monitoring_service.go index 144865420b..4fd5a31434 100644 --- a/google-beta/resource_monitoring_service.go +++ b/google-beta/resource_monitoring_service.go @@ -64,14 +64,14 @@ https://cloud.google.com/stackdriver/docs/solutions/slo-monitoring/api/api-struc Type: schema.TypeMap, Optional: true, ForceNew: true, - Description: `Labels that specify the resource that emits the monitoring data + Description: `Labels that specify the resource that emits the monitoring data which is used for SLO reporting of this 'Service'.`, Elem: &schema.Schema{Type: schema.TypeString}, }, "service_type": { Type: schema.TypeString, Optional: true, - Description: `The type of service that this basic service defines, e.g. + Description: `The type of service that this basic service defines, e.g. APP_ENGINE service type`, }, }, diff --git a/google-beta/resource_network_security_gateway_security_policy_rule.go b/google-beta/resource_network_security_gateway_security_policy_rule.go index cf0657a459..2ed54ea167 100644 --- a/google-beta/resource_network_security_gateway_security_policy_rule.go +++ b/google-beta/resource_network_security_gateway_security_policy_rule.go @@ -96,7 +96,7 @@ rule should match the pattern: (^a-z?$).`, "tls_inspection_enabled": { Type: schema.TypeBool, Optional: true, - Description: `Flag to enable TLS inspection of traffic matching on. Can only be true if the + Description: `Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig.`, }, "create_time": { diff --git a/google-beta/resource_network_services_gateway.go b/google-beta/resource_network_services_gateway.go index af416caf6f..12109ce63d 100644 --- a/google-beta/resource_network_services_gateway.go +++ b/google-beta/resource_network_services_gateway.go @@ -53,7 +53,7 @@ func ResourceNetworkServicesGateway() *schema.Resource { Required: true, ForceNew: true, Description: `One or more port numbers (1-65535), on which the Gateway will receive traffic. -The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are +The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support multiple ports.`, Elem: &schema.Schema{ Type: schema.TypeInt, @@ -64,7 +64,7 @@ limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support mu Required: true, Description: `Immutable. Scope determines how configuration across multiple Gateway instances are merged. The configuration for multiple Gateway instances with the same scope will be merged as presented as -a single coniguration to the proxy/load balancer. +a single coniguration to the proxy/load balancer. Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens.`, }, "type": { diff --git a/google-beta/resource_network_services_mesh.go b/google-beta/resource_network_services_mesh.go index 47b41fa246..dee4a18d39 100644 --- a/google-beta/resource_network_services_mesh.go +++ b/google-beta/resource_network_services_mesh.go @@ -56,10 +56,10 @@ func ResourceNetworkServicesMesh() *schema.Resource { "interception_port": { Type: schema.TypeInt, Optional: true, - Description: `Optional. If set to a valid TCP port (1-65535), instructs the SIDECAR proxy to listen on the -specified port of localhost (127.0.0.1) address. The SIDECAR proxy will expect all traffic to -be redirected to this port regardless of its actual ip:port destination. If unset, a port -'15001' is used as the interception port. This will is applicable only for sidecar proxy + Description: `Optional. If set to a valid TCP port (1-65535), instructs the SIDECAR proxy to listen on the +specified port of localhost (127.0.0.1) address. The SIDECAR proxy will expect all traffic to +be redirected to this port regardless of its actual ip:port destination. If unset, a port +'15001' is used as the interception port. This will is applicable only for sidecar proxy deployments.`, }, "labels": { diff --git a/google-beta/resource_network_services_tcp_route.go b/google-beta/resource_network_services_tcp_route.go index f910f5829c..49ff496f36 100644 --- a/google-beta/resource_network_services_tcp_route.go +++ b/google-beta/resource_network_services_tcp_route.go @@ -52,7 +52,7 @@ func ResourceNetworkServicesTcpRoute() *schema.Resource { "rules": { Type: schema.TypeList, Required: true, - Description: `Rules that define how traffic is routed and handled. At least one RouteRule must be supplied. + Description: `Rules that define how traffic is routed and handled. At least one RouteRule must be supplied. If there are multiple rules then the action taken will be the first rule to match.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -96,14 +96,14 @@ If weights are unspecified for all services, then, traffic is distributed in equ "matches": { Type: schema.TypeList, Optional: true, - Description: `RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "OR"ed for evaluation. + Description: `RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "OR"ed for evaluation. If no routeMatch field is specified, this rule will unconditionally match traffic.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "address": { Type: schema.TypeString, Required: true, - Description: `Must be specified in the CIDR range format. A CIDR range consists of an IP Address and a prefix length to construct the subnet mask. + Description: `Must be specified in the CIDR range format. A CIDR range consists of an IP Address and a prefix length to construct the subnet mask. By default, the prefix length is 32 (i.e. matches a single IP address). Only IPV4 addresses are supported. Examples: "10.0.0.1" - matches against this exact IP address. "10.0.0.0/8" - matches against any IP address within the 10.0.0.0 subnet and 255.255.255.0 mask. "0.0.0.0/0" - matches against any IP address'.`, }, "port": { diff --git a/google-beta/resource_privateca_ca_pool.go b/google-beta/resource_privateca_ca_pool.go index 18085cdb9c..905af22512 100644 --- a/google-beta/resource_privateca_ca_pool.go +++ b/google-beta/resource_privateca_ca_pool.go @@ -169,7 +169,7 @@ subordinate CA certificates that are allowed. If this value is less than 0, the "non_ca": { Type: schema.TypeBool, Optional: true, - Description: `When true, the "CA" in Basic Constraints extension will be set to false. + Description: `When true, the "CA" in Basic Constraints extension will be set to false. If both 'is_ca' and 'non_ca' are unset, the extension will be omitted from the CA certificate.`, }, "zero_max_issuer_path_length": { diff --git a/google-beta/resource_privateca_certificate.go b/google-beta/resource_privateca_certificate.go index 4c53e1dd15..463a1c03b5 100644 --- a/google-beta/resource_privateca_certificate.go +++ b/google-beta/resource_privateca_certificate.go @@ -463,7 +463,7 @@ subordinate CA certificates that are allowed. If this value is less than 0, the Type: schema.TypeBool, Optional: true, ForceNew: true, - Description: `When true, the "CA" in Basic Constraints extension will be set to false. + Description: `When true, the "CA" in Basic Constraints extension will be set to false. If both 'is_ca' and 'non_ca' are unset, the extension will be omitted from the CA certificate.`, }, "zero_max_issuer_path_length": { @@ -1375,7 +1375,7 @@ This is in RFC3339 text format.`, "revocation_details": { Type: schema.TypeList, Computed: true, - Description: `Output only. Details regarding the revocation of this Certificate. This Certificate is + Description: `Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.`, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ diff --git a/google-beta/resource_privateca_certificate_authority.go b/google-beta/resource_privateca_certificate_authority.go index c226312691..2c1104db5e 100644 --- a/google-beta/resource_privateca_certificate_authority.go +++ b/google-beta/resource_privateca_certificate_authority.go @@ -240,7 +240,7 @@ requires setting 'zero_max_issuer_path_length = true'.`, Type: schema.TypeBool, Optional: true, ForceNew: true, - Description: `When true, the "CA" in Basic Constraints extension will be set to false. + Description: `When true, the "CA" in Basic Constraints extension will be set to false. If both 'is_ca' and 'non_ca' are unset, the extension will be omitted from the CA certificate.`, }, "zero_max_issuer_path_length": { @@ -700,7 +700,7 @@ and usability purposes only. The resource name is in the format "pem_issuer_chain": { Type: schema.TypeList, Optional: true, - Description: `Contains the PEM certificate chain for the issuers of this CertificateAuthority, + Description: `Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.`, MaxItems: 1, Elem: &schema.Resource{ diff --git a/google-beta/resource_pubsub_subscription.go b/google-beta/resource_pubsub_subscription.go index 6ce9d7f1c5..9a44cb54b4 100644 --- a/google-beta/resource_pubsub_subscription.go +++ b/google-beta/resource_pubsub_subscription.go @@ -148,7 +148,7 @@ permission to Acknowledge() messages on this subscription.`, Format is 'projects/{project}/topics/{topic}'. The Cloud Pub/Sub service account associated with the enclosing subscription's -parent project (i.e., +parent project (i.e., service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com) must have permission to Publish() to this topic. @@ -162,7 +162,7 @@ since messages published to a topic with no subscriptions are lost.`, Description: `The maximum number of delivery attempts for any message. The value must be between 5 and 100. -The number of delivery attempts is defined as 1 + (the sum of number of +The number of delivery attempts is defined as 1 + (the sum of number of NACKs and number of times the acknowledgement deadline has been exceeded for the message). A NACK is any call to ModifyAckDeadline with a 0 deadline. Note that @@ -227,9 +227,9 @@ Example - "3.5s".`, Type: schema.TypeString, Optional: true, ForceNew: true, - Description: `The subscription only delivers the messages that match the filter. + Description: `The subscription only delivers the messages that match the filter. Pub/Sub automatically acknowledges the messages that don't match the filter. You can filter messages -by their attributes. The maximum length of a filter is 256 bytes. After creating the subscription, +by their attributes. The maximum length of a filter is 256 bytes. After creating the subscription, you can't modify the filter.`, }, "labels": { @@ -343,7 +343,7 @@ messageRetentionDuration window.`, Optional: true, Description: `A policy that specifies how Pub/Sub retries message delivery for this subscription. -If not set, the default retry policy is applied. This generally implies that messages will be retried as soon as possible for healthy subscribers. +If not set, the default retry policy is applied. This generally implies that messages will be retried as soon as possible for healthy subscribers. RetryPolicy will be triggered on NACKs or acknowledgement deadline exceeded events for a given message`, MaxItems: 1, Elem: &schema.Resource{ @@ -353,7 +353,7 @@ RetryPolicy will be triggered on NACKs or acknowledgement deadline exceeded even Computed: true, Optional: true, DiffSuppressFunc: DurationDiffSuppress, - Description: `The maximum delay between consecutive deliveries of a given message. Value should be between 0 and 600 seconds. Defaults to 600 seconds. + Description: `The maximum delay between consecutive deliveries of a given message. Value should be between 0 and 600 seconds. Defaults to 600 seconds. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".`, }, "minimum_backoff": { diff --git a/website/docs/r/iam_workforce_pool.html.markdown b/website/docs/r/iam_workforce_pool.html.markdown index 78b0662a8d..9393c30c8f 100644 --- a/website/docs/r/iam_workforce_pool.html.markdown +++ b/website/docs/r/iam_workforce_pool.html.markdown @@ -96,7 +96,7 @@ The following arguments are supported: * `session_duration` - (Optional) Duration that the Google Cloud access tokens, console sign-in sessions, - and `gcloud` sign-in sessions from this pool are valid. + and `gcloud` sign-in sessions from this pool are valid. Must be greater than 15 minutes (900s) and less than 12 hours (43200s). If `sessionDuration` is not configured, minted credentials have a default duration of one hour (3600s). A duration in seconds with up to nine fractional digits, ending with '`s`'. Example: "`3.5s`". diff --git a/website/docs/r/iam_workforce_pool_provider.html.markdown b/website/docs/r/iam_workforce_pool_provider.html.markdown index d10117b609..777aec290f 100644 --- a/website/docs/r/iam_workforce_pool_provider.html.markdown +++ b/website/docs/r/iam_workforce_pool_provider.html.markdown @@ -261,9 +261,9 @@ The following arguments are supported: The metadata xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. - 3) For each signing key: - a) Valid from should be no more than 7 days from now. - b) Valid to should be no more than 10 years in the future. + 3) For each signing key: + a) Valid from should be no more than 7 days from now. + b) Valid to should be no more than 10 years in the future. 4) Up to 3 IdP signing keys are allowed in the metadata xml. When updating the provider's metadata xml, at least one non-expired signing key must overlap with the existing metadata. This requirement is skipped if there are diff --git a/website/docs/r/iap_brand.html.markdown b/website/docs/r/iap_brand.html.markdown index 809e9f0a07..5e92f10fc2 100644 --- a/website/docs/r/iap_brand.html.markdown +++ b/website/docs/r/iap_brand.html.markdown @@ -24,9 +24,9 @@ programmatically via API. To convert it into an external brands please use the GCP Console. -~> **Note:** Brands can only be created once for a Google Cloud -project and the underlying Google API doesn't not support DELETE or PATCH methods. -Destroying a Terraform-managed Brand will remove it from state +~> **Note:** Brands can only be created once for a Google Cloud +project and the underlying Google API doesn't not support DELETE or PATCH methods. +Destroying a Terraform-managed Brand will remove it from state but *will not delete it from Google Cloud.* diff --git a/website/docs/r/identity_platform_config.html.markdown b/website/docs/r/identity_platform_config.html.markdown index f3f80c4d98..c40458fc9b 100644 --- a/website/docs/r/identity_platform_config.html.markdown +++ b/website/docs/r/identity_platform_config.html.markdown @@ -23,7 +23,7 @@ Identity Platform configuration for a Cloud project. Identity Platform is an end-to-end authentication system for third-party users to access apps and services. -This entity is created only once during intialization and cannot be deleted, +This entity is created only once during intialization and cannot be deleted, individual Identity Providers may be disabled instead. This resource may only be created in billing-enabled projects. diff --git a/website/docs/r/identity_platform_project_default_config.html.markdown b/website/docs/r/identity_platform_project_default_config.html.markdown index a0283a801d..48b7bfdc73 100644 --- a/website/docs/r/identity_platform_project_default_config.html.markdown +++ b/website/docs/r/identity_platform_project_default_config.html.markdown @@ -109,8 +109,8 @@ The following arguments are supported: * `password_required` - (Optional) - Whether a password is required for email auth or not. If true, both an email and - password must be provided to sign in. If false, a user may sign in via either + Whether a password is required for email auth or not. If true, both an email and + password must be provided to sign in. If false, a user may sign in via either email/password or email link. The `phone_number` block supports: diff --git a/website/docs/r/kms_crypto_key.html.markdown b/website/docs/r/kms_crypto_key.html.markdown index 7364fe55fd..45d6e8cd27 100644 --- a/website/docs/r/kms_crypto_key.html.markdown +++ b/website/docs/r/kms_crypto_key.html.markdown @@ -133,7 +133,7 @@ The following arguments are supported: * `skip_initial_version_creation` - (Optional) - If set to true, the request will create a CryptoKey without any CryptoKeyVersions. + If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must use the `google_kms_key_ring_import_job` resource to import the CryptoKeyVersion. diff --git a/website/docs/r/kms_key_ring_import_job.html.markdown b/website/docs/r/kms_key_ring_import_job.html.markdown index 9512e8ef78..c0fa1e7bbd 100644 --- a/website/docs/r/kms_key_ring_import_job.html.markdown +++ b/website/docs/r/kms_key_ring_import_job.html.markdown @@ -28,7 +28,7 @@ was wrapped with the `KeyRingImportJob`'s public key. ~> **Note:** KeyRingImportJobs cannot be deleted from Google Cloud Platform. Destroying a Terraform-managed KeyRingImportJob will remove it from state but -*will not delete the resource from the project.* +*will not delete the resource from the project.* To get more information about KeyRingImportJob, see: diff --git a/website/docs/r/logging_metric.html.markdown b/website/docs/r/logging_metric.html.markdown index 7d0020e18b..545b2f4d6a 100644 --- a/website/docs/r/logging_metric.html.markdown +++ b/website/docs/r/logging_metric.html.markdown @@ -256,8 +256,8 @@ The following arguments are supported: * `display_name` - (Optional) - A concise name for the metric, which can be displayed in user interfaces. Use sentence case - without an ending period, for example "Request count". This field is optional but it is + A concise name for the metric, which can be displayed in user interfaces. Use sentence case + without an ending period, for example "Request count". This field is optional but it is recommended to be set for any metrics associated with user-visible concepts, such as Quota. diff --git a/website/docs/r/monitoring_service.html.markdown b/website/docs/r/monitoring_service.html.markdown index 2e7c118fcb..5b46a606d4 100644 --- a/website/docs/r/monitoring_service.html.markdown +++ b/website/docs/r/monitoring_service.html.markdown @@ -102,12 +102,12 @@ The following arguments are supported: * `service_type` - (Optional) - The type of service that this basic service defines, e.g. + The type of service that this basic service defines, e.g. APP_ENGINE service type * `service_labels` - (Optional) - Labels that specify the resource that emits the monitoring data + Labels that specify the resource that emits the monitoring data which is used for SLO reporting of this `Service`. ## Attributes Reference diff --git a/website/docs/r/network_security_gateway_security_policy_rule.html.markdown b/website/docs/r/network_security_gateway_security_policy_rule.html.markdown index 699b787588..b236eff229 100644 --- a/website/docs/r/network_security_gateway_security_policy_rule.html.markdown +++ b/website/docs/r/network_security_gateway_security_policy_rule.html.markdown @@ -138,7 +138,7 @@ The following arguments are supported: * `tls_inspection_enabled` - (Optional) - Flag to enable TLS inspection of traffic matching on. Can only be true if the + Flag to enable TLS inspection of traffic matching on. Can only be true if the parent GatewaySecurityPolicy references a TLSInspectionConfig. * `project` - (Optional) The ID of the project in which the resource belongs. diff --git a/website/docs/r/network_services_gateway.html.markdown b/website/docs/r/network_services_gateway.html.markdown index 80e7f590e7..6d9adfdb45 100644 --- a/website/docs/r/network_services_gateway.html.markdown +++ b/website/docs/r/network_services_gateway.html.markdown @@ -83,14 +83,14 @@ The following arguments are supported: * `ports` - (Required) One or more port numbers (1-65535), on which the Gateway will receive traffic. - The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are + The proxy binds to the specified ports. Gateways of type 'SECURE_WEB_GATEWAY' are limited to 1 port. Gateways of type 'OPEN_MESH' listen on 0.0.0.0 and support multiple ports. * `scope` - (Required) Immutable. Scope determines how configuration across multiple Gateway instances are merged. The configuration for multiple Gateway instances with the same scope will be merged as presented as - a single coniguration to the proxy/load balancer. + a single coniguration to the proxy/load balancer. Max length 64 characters. Scope should start with a letter and can only have letters, numbers, hyphens. * `name` - diff --git a/website/docs/r/network_services_mesh.html.markdown b/website/docs/r/network_services_mesh.html.markdown index be97674ad2..6d9357258e 100644 --- a/website/docs/r/network_services_mesh.html.markdown +++ b/website/docs/r/network_services_mesh.html.markdown @@ -14,14 +14,14 @@ # ---------------------------------------------------------------------------- subcategory: "Network services" description: |- - Mesh represents a logical configuration grouping for workload to workload communication within a + Mesh represents a logical configuration grouping for workload to workload communication within a service mesh. --- # google\_network\_services\_mesh -Mesh represents a logical configuration grouping for workload to workload communication within a -service mesh. Routes that point to mesh dictate how requests are routed within this logical +Mesh represents a logical configuration grouping for workload to workload communication within a +service mesh. Routes that point to mesh dictate how requests are routed within this logical mesh boundary. ~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider. @@ -92,10 +92,10 @@ The following arguments are supported: * `interception_port` - (Optional) - Optional. If set to a valid TCP port (1-65535), instructs the SIDECAR proxy to listen on the - specified port of localhost (127.0.0.1) address. The SIDECAR proxy will expect all traffic to - be redirected to this port regardless of its actual ip:port destination. If unset, a port - '15001' is used as the interception port. This will is applicable only for sidecar proxy + Optional. If set to a valid TCP port (1-65535), instructs the SIDECAR proxy to listen on the + specified port of localhost (127.0.0.1) address. The SIDECAR proxy will expect all traffic to + be redirected to this port regardless of its actual ip:port destination. If unset, a port + '15001' is used as the interception port. This will is applicable only for sidecar proxy deployments. * `project` - (Optional) The ID of the project in which the resource belongs. diff --git a/website/docs/r/network_services_tcp_route.html.markdown b/website/docs/r/network_services_tcp_route.html.markdown index 13f8088bf7..44bdb0f082 100644 --- a/website/docs/r/network_services_tcp_route.html.markdown +++ b/website/docs/r/network_services_tcp_route.html.markdown @@ -243,7 +243,7 @@ The following arguments are supported: * `rules` - (Required) - Rules that define how traffic is routed and handled. At least one RouteRule must be supplied. + Rules that define how traffic is routed and handled. At least one RouteRule must be supplied. If there are multiple rules then the action taken will be the first rule to match. Structure is [documented below](#nested_rules). @@ -256,7 +256,7 @@ The following arguments are supported: * `matches` - (Optional) - RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "OR"ed for evaluation. + RouteMatch defines the predicate used to match requests to a given action. Multiple match types are "OR"ed for evaluation. If no routeMatch field is specified, this rule will unconditionally match traffic. Structure is [documented below](#nested_matches). @@ -270,7 +270,7 @@ The following arguments are supported: * `address` - (Required) - Must be specified in the CIDR range format. A CIDR range consists of an IP Address and a prefix length to construct the subnet mask. + Must be specified in the CIDR range format. A CIDR range consists of an IP Address and a prefix length to construct the subnet mask. By default, the prefix length is 32 (i.e. matches a single IP address). Only IPV4 addresses are supported. Examples: "10.0.0.1" - matches against this exact IP address. "10.0.0.0/8" - matches against any IP address within the 10.0.0.0 subnet and 255.255.255.0 mask. "0.0.0.0/0" - matches against any IP address'. * `port` - diff --git a/website/docs/r/privateca_ca_pool.html.markdown b/website/docs/r/privateca_ca_pool.html.markdown index f3246dd01a..32b8eb1073 100644 --- a/website/docs/r/privateca_ca_pool.html.markdown +++ b/website/docs/r/privateca_ca_pool.html.markdown @@ -372,7 +372,7 @@ The following arguments are supported: * `non_ca` - (Optional) - When true, the "CA" in Basic Constraints extension will be set to false. + When true, the "CA" in Basic Constraints extension will be set to false. If both `is_ca` and `non_ca` are unset, the extension will be omitted from the CA certificate. * `max_issuer_path_length` - diff --git a/website/docs/r/privateca_certificate.html.markdown b/website/docs/r/privateca_certificate.html.markdown index c8b7218d87..61cdb10fbc 100644 --- a/website/docs/r/privateca_certificate.html.markdown +++ b/website/docs/r/privateca_certificate.html.markdown @@ -22,7 +22,7 @@ description: |- A Certificate corresponds to a signed X.509 certificate issued by a Certificate. -~> **Note:** The Certificate Authority that is referenced by this resource **must** be +~> **Note:** The Certificate Authority that is referenced by this resource **must** be `tier = "ENTERPRISE"` @@ -571,7 +571,7 @@ The following arguments are supported: * `non_ca` - (Optional) - When true, the "CA" in Basic Constraints extension will be set to false. + When true, the "CA" in Basic Constraints extension will be set to false. If both `is_ca` and `non_ca` are unset, the extension will be omitted from the CA certificate. * `max_issuer_path_length` - @@ -821,7 +821,7 @@ In addition to the arguments listed above, the following computed attributes are The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. * `revocation_details` - - Output only. Details regarding the revocation of this Certificate. This Certificate is + Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present. Structure is [documented below](#nested_revocation_details). diff --git a/website/docs/r/privateca_certificate_authority.html.markdown b/website/docs/r/privateca_certificate_authority.html.markdown index f1f3043043..7ced36aaf0 100644 --- a/website/docs/r/privateca_certificate_authority.html.markdown +++ b/website/docs/r/privateca_certificate_authority.html.markdown @@ -389,7 +389,7 @@ The following arguments are supported: * `non_ca` - (Optional) - When true, the "CA" in Basic Constraints extension will be set to false. + When true, the "CA" in Basic Constraints extension will be set to false. If both `is_ca` and `non_ca` are unset, the extension will be omitted from the CA certificate. * `max_issuer_path_length` - @@ -705,7 +705,7 @@ in Terraform state, a `terraform destroy` or `terraform apply` that would delete * `pem_issuer_chain` - (Optional) - Contains the PEM certificate chain for the issuers of this CertificateAuthority, + Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself. Structure is [documented below](#nested_pem_issuer_chain). diff --git a/website/docs/r/pubsub_subscription.html.markdown b/website/docs/r/pubsub_subscription.html.markdown index ae8cea12d7..46811be501 100644 --- a/website/docs/r/pubsub_subscription.html.markdown +++ b/website/docs/r/pubsub_subscription.html.markdown @@ -30,7 +30,7 @@ To get more information about Subscription, see: * How-to Guides * [Managing Subscriptions](https://cloud.google.com/pubsub/docs/admin#managing_subscriptions) -~> **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding +~> **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding by using the `google_project_service_identity` resource.
@@ -289,9 +289,9 @@ The following arguments are supported: * `filter` - (Optional) - The subscription only delivers the messages that match the filter. + The subscription only delivers the messages that match the filter. Pub/Sub automatically acknowledges the messages that don't match the filter. You can filter messages - by their attributes. The maximum length of a filter is 256 bytes. After creating the subscription, + by their attributes. The maximum length of a filter is 256 bytes. After creating the subscription, you can't modify the filter. * `dead_letter_policy` - @@ -308,7 +308,7 @@ The following arguments are supported: * `retry_policy` - (Optional) A policy that specifies how Pub/Sub retries message delivery for this subscription. - If not set, the default retry policy is applied. This generally implies that messages will be retried as soon as possible for healthy subscribers. + If not set, the default retry policy is applied. This generally implies that messages will be retried as soon as possible for healthy subscribers. RetryPolicy will be triggered on NACKs or acknowledgement deadline exceeded events for a given message Structure is [documented below](#nested_retry_policy). @@ -422,7 +422,7 @@ The following arguments are supported: The name of the topic to which dead letter messages should be published. Format is `projects/{project}/topics/{topic}`. The Cloud Pub/Sub service account associated with the enclosing subscription's - parent project (i.e., + parent project (i.e., service-{project_number}@gcp-sa-pubsub.iam.gserviceaccount.com) must have permission to Publish() to this topic. The operation will fail if the topic does not exist. @@ -433,7 +433,7 @@ The following arguments are supported: (Optional) The maximum number of delivery attempts for any message. The value must be between 5 and 100. - The number of delivery attempts is defined as 1 + (the sum of number of + The number of delivery attempts is defined as 1 + (the sum of number of NACKs and number of times the acknowledgement deadline has been exceeded for the message). A NACK is any call to ModifyAckDeadline with a 0 deadline. Note that client libraries may automatically extend ack_deadlines. @@ -449,7 +449,7 @@ The following arguments are supported: * `maximum_backoff` - (Optional) - The maximum delay between consecutive deliveries of a given message. Value should be between 0 and 600 seconds. Defaults to 600 seconds. + The maximum delay between consecutive deliveries of a given message. Value should be between 0 and 600 seconds. Defaults to 600 seconds. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". ## Attributes Reference diff --git a/website/docs/r/pubsub_topic.html.markdown b/website/docs/r/pubsub_topic.html.markdown index f346f1e51e..4a6f880222 100644 --- a/website/docs/r/pubsub_topic.html.markdown +++ b/website/docs/r/pubsub_topic.html.markdown @@ -28,7 +28,7 @@ To get more information about Topic, see: * How-to Guides * [Managing Topics](https://cloud.google.com/pubsub/docs/admin#managing_topics) -~> **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding +~> **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding by using the `google_project_service_identity` resource.