diff --git a/provider/cmd/pulumi-resource-newrelic/bridge-metadata.json b/provider/cmd/pulumi-resource-newrelic/bridge-metadata.json index 63326d19..9b89a20d 100644 --- a/provider/cmd/pulumi-resource-newrelic/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-newrelic/bridge-metadata.json @@ -1241,6 +1241,10 @@ "current": "newrelic:cloud/gcpLinkAccount:GcpLinkAccount", "majorVersion": 5 }, + "newrelic_cloud_oci_link_account": { + "current": "newrelic:cloud/ociLinkAccount:OciLinkAccount", + "majorVersion": 5 + }, "newrelic_data_partition_rule": { "current": "newrelic:index/dataPartitionRule:DataPartitionRule", "majorVersion": 5 @@ -4452,6 +4456,11 @@ "account_id", "project_id" ], + "newrelic_cloud_oci_link_account": [ + "account_id", + "oci_client_id", + "tenant_id" + ], "newrelic_data_partition_rule": [ "account_id" ], diff --git a/provider/cmd/pulumi-resource-newrelic/schema.json b/provider/cmd/pulumi-resource-newrelic/schema.json index ff1c4732..d4068616 100644 --- a/provider/cmd/pulumi-resource-newrelic/schema.json +++ b/provider/cmd/pulumi-resource-newrelic/schema.json 
@@ -10605,6 +10605,226 @@ "type": "object" } }, + "newrelic:cloud/ociLinkAccount:OciLinkAccount": { + "description": "Use this resource to link an Oracle Cloud Infrastructure (OCI) account to New Relic.\n\nThis setup is used to create a provider account with OCI credentials, establishing a relationship between Oracle and New Relic. Additionally, as part of this integration, we store WIF (Workload Identity Federation) credentials which are further used for fetching data and validations, and vault OCIDs corresponding to the vault resource where the New Relic ingest and user keys are stored in the OCI console.\n\n## Prerequisites\n\nFor the `newrelic.cloud.OciLinkAccount` resource to work properly, you need an OCI tenancy with IAM permissions to create and manage the identity artifacts (client/application, secrets, compartments, and service user) referenced below. OCI provides enterprise-grade cloud services across multiple global regions.\n\n\u003e NOTE: Before using this resource, ensure the New Relic provider is configured with valid credentials. \n\u003e See Getting Started: New Relic provider guide\n\nIf you encounter issues or bugs, please open an issue in the GitHub repository.\n\n### Workload Identity Federation (WIF) Attributes\n\nThe following arguments rely on an OCI Identity Domain OAuth2 client set up for workload identity federation (identity propagation): `oci_client_id`, `oci_client_secret`, `oci_domain_url`, and `oci_svc_user_name`.\n\nTo create and retrieve these values, follow Oracle's guidance for configuring identity propagation / JWT token exchange:\n\n[Oracle documentation: Create an identity propagation trust (JWT token exchange)](https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/json_web_token_exchange.htm#jwt_token_exchange__create-identity-propagation-trust)\n\nWIF configuration steps:\n1. Create (or identify) an Identity Domain and register an OAuth2 confidential application (client) to represent New Relic ingestion.\n2. 
Generate / record the client ID (`oci_client_id`) and client secret (`oci_client_secret`). Store the secret securely (e.g., in OCI Vault; reference its OCID via `ingest_vault_ocid` / `user_vault_ocid` if desired).\n3. Use the Identity Domain base URL as `oci_domain_url` (format: `https://idcs-\u003chash\u003e.identity.oraclecloud.com`).\n4. Provide / map a service user (or principal) used for workload identity federation as `oci_svc_user_name`.\n5. Ensure the client has the required scopes and the tenancy policies allow the token exchange.\n\n\u003e TIP: Rotating the OAuth2 client secret only requires updating `oci_client_secret`; it does not force resource replacement.\n\n## Example Usage\n\nMinimal example (required arguments for creation):\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as newrelic from \"@pulumi/newrelic\";\n\nconst example = new newrelic.cloud.OciLinkAccount(\"example\", {\n accountId: \"1234567\",\n tenantId: \"ocid1.tenancy.oc1..aaaaaaaaexample\",\n name: \"my-oci-link\",\n compartmentOcid: \"ocid1.compartment.oc1..bbbbbbbbexample\",\n ociClientId: \"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\",\n ociClientSecret: ociClientSecret,\n ociDomainUrl: \"https://idcs-1234567890abcdef.identity.oraclecloud.com\",\n ociHomeRegion: \"us-ashburn-1\",\n ociSvcUserName: \"svc-newrelic-collector\",\n});\n```\n```python\nimport pulumi\nimport pulumi_newrelic as newrelic\n\nexample = newrelic.cloud.OciLinkAccount(\"example\",\n account_id=\"1234567\",\n tenant_id=\"ocid1.tenancy.oc1..aaaaaaaaexample\",\n name=\"my-oci-link\",\n compartment_ocid=\"ocid1.compartment.oc1..bbbbbbbbexample\",\n oci_client_id=\"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\",\n oci_client_secret=oci_client_secret,\n oci_domain_url=\"https://idcs-1234567890abcdef.identity.oraclecloud.com\",\n oci_home_region=\"us-ashburn-1\",\n oci_svc_user_name=\"svc-newrelic-collector\")\n```\n```csharp\nusing System.Collections.Generic;\nusing 
System.Linq;\nusing Pulumi;\nusing NewRelic = Pulumi.NewRelic;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new NewRelic.Cloud.OciLinkAccount(\"example\", new()\n {\n AccountId = \"1234567\",\n TenantId = \"ocid1.tenancy.oc1..aaaaaaaaexample\",\n Name = \"my-oci-link\",\n CompartmentOcid = \"ocid1.compartment.oc1..bbbbbbbbexample\",\n OciClientId = \"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\",\n OciClientSecret = ociClientSecret,\n OciDomainUrl = \"https://idcs-1234567890abcdef.identity.oraclecloud.com\",\n OciHomeRegion = \"us-ashburn-1\",\n OciSvcUserName = \"svc-newrelic-collector\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-newrelic/sdk/v5/go/newrelic/cloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloud.NewOciLinkAccount(ctx, \"example\", \u0026cloud.OciLinkAccountArgs{\n\t\t\tAccountId: pulumi.String(\"1234567\"),\n\t\t\tTenantId: pulumi.String(\"ocid1.tenancy.oc1..aaaaaaaaexample\"),\n\t\t\tName: pulumi.String(\"my-oci-link\"),\n\t\t\tCompartmentOcid: pulumi.String(\"ocid1.compartment.oc1..bbbbbbbbexample\"),\n\t\t\tOciClientId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\"),\n\t\t\tOciClientSecret: pulumi.Any(ociClientSecret),\n\t\t\tOciDomainUrl: pulumi.String(\"https://idcs-1234567890abcdef.identity.oraclecloud.com\"),\n\t\t\tOciHomeRegion: pulumi.String(\"us-ashburn-1\"),\n\t\t\tOciSvcUserName: pulumi.String(\"svc-newrelic-collector\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.newrelic.cloud.OciLinkAccount;\nimport com.pulumi.newrelic.cloud.OciLinkAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport 
java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OciLinkAccount(\"example\", OciLinkAccountArgs.builder()\n .accountId(\"1234567\")\n .tenantId(\"ocid1.tenancy.oc1..aaaaaaaaexample\")\n .name(\"my-oci-link\")\n .compartmentOcid(\"ocid1.compartment.oc1..bbbbbbbbexample\")\n .ociClientId(\"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\")\n .ociClientSecret(ociClientSecret)\n .ociDomainUrl(\"https://idcs-1234567890abcdef.identity.oraclecloud.com\")\n .ociHomeRegion(\"us-ashburn-1\")\n .ociSvcUserName(\"svc-newrelic-collector\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: newrelic:cloud:OciLinkAccount\n properties:\n accountId: 1.234567e+06 # Changing this forces replacement (ForceNew)\n tenantId: ocid1.tenancy.oc1..aaaaaaaaexample\n name: my-oci-link\n compartmentOcid: ocid1.compartment.oc1..bbbbbbbbexample\n ociClientId: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\n ociClientSecret: ${ociClientSecret}\n ociDomainUrl: https://idcs-1234567890abcdef.identity.oraclecloud.com\n ociHomeRegion: us-ashburn-1\n ociSvcUserName: svc-newrelic-collector\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nExample including optional secret references and update-only fields:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as newrelic from \"@pulumi/newrelic\";\n\nconst full = new newrelic.cloud.OciLinkAccount(\"full\", {\n name: \"my-oci-link-full\",\n tenantId: \"ocid1.tenancy.oc1..aaaaaaaaexample\",\n compartmentOcid: \"ocid1.compartment.oc1..bbbbbbbbexample\",\n ociClientId: \"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\",\n ociClientSecret: ociClientSecret,\n ociDomainUrl: \"https://idcs-1234567890abcdef.identity.oraclecloud.com\",\n ociHomeRegion: \"us-ashburn-1\",\n ociSvcUserName: \"svc-newrelic-collector\",\n ingestVaultOcid: \"ocid1.vaultsecret.oc1..ccccccccexample\",\n 
userVaultOcid: \"ocid1.vaultsecret.oc1..ddddddddexample\",\n instrumentationType: \"METRICS,LOGS\",\n ociRegion: \"us-phoenix-1\",\n metricStackOcid: \"ocid1.stack.oc1..eeeeeeeeexample\",\n loggingStackOcid: \"ocid1.stack.oc1..ffffffloggingstack\",\n});\n```\n```python\nimport pulumi\nimport pulumi_newrelic as newrelic\n\nfull = newrelic.cloud.OciLinkAccount(\"full\",\n name=\"my-oci-link-full\",\n tenant_id=\"ocid1.tenancy.oc1..aaaaaaaaexample\",\n compartment_ocid=\"ocid1.compartment.oc1..bbbbbbbbexample\",\n oci_client_id=\"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\",\n oci_client_secret=oci_client_secret,\n oci_domain_url=\"https://idcs-1234567890abcdef.identity.oraclecloud.com\",\n oci_home_region=\"us-ashburn-1\",\n oci_svc_user_name=\"svc-newrelic-collector\",\n ingest_vault_ocid=\"ocid1.vaultsecret.oc1..ccccccccexample\",\n user_vault_ocid=\"ocid1.vaultsecret.oc1..ddddddddexample\",\n instrumentation_type=\"METRICS,LOGS\",\n oci_region=\"us-phoenix-1\",\n metric_stack_ocid=\"ocid1.stack.oc1..eeeeeeeeexample\",\n logging_stack_ocid=\"ocid1.stack.oc1..ffffffloggingstack\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing NewRelic = Pulumi.NewRelic;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var full = new NewRelic.Cloud.OciLinkAccount(\"full\", new()\n {\n Name = \"my-oci-link-full\",\n TenantId = \"ocid1.tenancy.oc1..aaaaaaaaexample\",\n CompartmentOcid = \"ocid1.compartment.oc1..bbbbbbbbexample\",\n OciClientId = \"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\",\n OciClientSecret = ociClientSecret,\n OciDomainUrl = \"https://idcs-1234567890abcdef.identity.oraclecloud.com\",\n OciHomeRegion = \"us-ashburn-1\",\n OciSvcUserName = \"svc-newrelic-collector\",\n IngestVaultOcid = \"ocid1.vaultsecret.oc1..ccccccccexample\",\n UserVaultOcid = \"ocid1.vaultsecret.oc1..ddddddddexample\",\n InstrumentationType = \"METRICS,LOGS\",\n OciRegion = \"us-phoenix-1\",\n MetricStackOcid = \"ocid1.stack.oc1..eeeeeeeeexample\",\n 
LoggingStackOcid = \"ocid1.stack.oc1..ffffffloggingstack\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-newrelic/sdk/v5/go/newrelic/cloud\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloud.NewOciLinkAccount(ctx, \"full\", \u0026cloud.OciLinkAccountArgs{\n\t\t\tName: pulumi.String(\"my-oci-link-full\"),\n\t\t\tTenantId: pulumi.String(\"ocid1.tenancy.oc1..aaaaaaaaexample\"),\n\t\t\tCompartmentOcid: pulumi.String(\"ocid1.compartment.oc1..bbbbbbbbexample\"),\n\t\t\tOciClientId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\"),\n\t\t\tOciClientSecret: pulumi.Any(ociClientSecret),\n\t\t\tOciDomainUrl: pulumi.String(\"https://idcs-1234567890abcdef.identity.oraclecloud.com\"),\n\t\t\tOciHomeRegion: pulumi.String(\"us-ashburn-1\"),\n\t\t\tOciSvcUserName: pulumi.String(\"svc-newrelic-collector\"),\n\t\t\tIngestVaultOcid: pulumi.String(\"ocid1.vaultsecret.oc1..ccccccccexample\"),\n\t\t\tUserVaultOcid: pulumi.String(\"ocid1.vaultsecret.oc1..ddddddddexample\"),\n\t\t\tInstrumentationType: pulumi.String(\"METRICS,LOGS\"),\n\t\t\tOciRegion: pulumi.String(\"us-phoenix-1\"),\n\t\t\tMetricStackOcid: pulumi.String(\"ocid1.stack.oc1..eeeeeeeeexample\"),\n\t\t\tLoggingStackOcid: pulumi.String(\"ocid1.stack.oc1..ffffffloggingstack\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.newrelic.cloud.OciLinkAccount;\nimport com.pulumi.newrelic.cloud.OciLinkAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var full = new 
OciLinkAccount(\"full\", OciLinkAccountArgs.builder()\n .name(\"my-oci-link-full\")\n .tenantId(\"ocid1.tenancy.oc1..aaaaaaaaexample\")\n .compartmentOcid(\"ocid1.compartment.oc1..bbbbbbbbexample\")\n .ociClientId(\"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\")\n .ociClientSecret(ociClientSecret)\n .ociDomainUrl(\"https://idcs-1234567890abcdef.identity.oraclecloud.com\")\n .ociHomeRegion(\"us-ashburn-1\")\n .ociSvcUserName(\"svc-newrelic-collector\")\n .ingestVaultOcid(\"ocid1.vaultsecret.oc1..ccccccccexample\")\n .userVaultOcid(\"ocid1.vaultsecret.oc1..ddddddddexample\")\n .instrumentationType(\"METRICS,LOGS\")\n .ociRegion(\"us-phoenix-1\")\n .metricStackOcid(\"ocid1.stack.oc1..eeeeeeeeexample\")\n .loggingStackOcid(\"ocid1.stack.oc1..ffffffloggingstack\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n full:\n type: newrelic:cloud:OciLinkAccount\n properties:\n name: my-oci-link-full\n tenantId: ocid1.tenancy.oc1..aaaaaaaaexample\n compartmentOcid: ocid1.compartment.oc1..bbbbbbbbexample\n ociClientId: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\n ociClientSecret: ${ociClientSecret}\n ociDomainUrl: https://idcs-1234567890abcdef.identity.oraclecloud.com\n ociHomeRegion: us-ashburn-1\n ociSvcUserName: svc-newrelic-collector\n ingestVaultOcid: ocid1.vaultsecret.oc1..ccccccccexample\n userVaultOcid: ocid1.vaultsecret.oc1..ddddddddexample\n instrumentationType: METRICS,LOGS\n ociRegion: us-phoenix-1\n metricStackOcid: ocid1.stack.oc1..eeeeeeeeexample\n loggingStackOcid: ocid1.stack.oc1..ffffffloggingstack\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nLinked OCI accounts can be imported using the `id`, e.g.\n\nbash\n\n```sh\n$ pulumi import newrelic:cloud/ociLinkAccount:OciLinkAccount foo \u003cid\u003e\n```\n\n", + "properties": { + "accountId": { + "type": "string", + "description": "New Relic account to operate on. Overrides the provider-level `account_id`. 
If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`.\n" + }, + "compartmentOcid": { + "type": "string", + "description": "OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment.\n" + }, + "ingestVaultOcid": { + "type": "string", + "description": "Vault secret OCID containing an ingest secret.\n" + }, + "instrumentationType": { + "type": "string", + "description": "Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`).\n" + }, + "loggingStackOcid": { + "type": "string", + "description": "The Logging stack identifier for the OCI account.\n" + }, + "metricStackOcid": { + "type": "string", + "description": "Metric stack OCID (ignored on create, applied on update).\n" + }, + "name": { + "type": "string", + "description": "Display name for the linked account.\n" + }, + "ociClientId": { + "type": "string", + "description": "OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation.\n" + }, + "ociClientSecret": { + "type": "string", + "description": "OAuth2 client secret. Not displayed in plans or state outputs.\n", + "secret": true + }, + "ociDomainUrl": { + "type": "string", + "description": "Base URL of the OCI Identity Domain (e.g. `https://idcs-\u003chash\u003e.identity.oraclecloud.com`).\n" + }, + "ociHomeRegion": { + "type": "string", + "description": "Home region of the tenancy (e.g. `us-ashburn-1`).\n" + }, + "ociRegion": { + "type": "string", + "description": "OCI region for the linkage (ignored on create, applied on update).\n" + }, + "ociSvcUserName": { + "type": "string", + "description": "Service user name associated with the WIF configuration.\n" + }, + "tenantId": { + "type": "string", + "description": "OCI tenancy OCID (root tenancy). 
Changing forces a new linked account.\n" + }, + "userVaultOcid": { + "type": "string", + "description": "Vault secret OCID containing a user or auxiliary secret.\n" + } + }, + "required": [ + "accountId", + "compartmentOcid", + "name", + "ociClientId", + "ociClientSecret", + "ociDomainUrl", + "ociHomeRegion", + "ociSvcUserName", + "tenantId" + ], + "inputProperties": { + "accountId": { + "type": "string", + "description": "New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`.\n", + "willReplaceOnChanges": true + }, + "compartmentOcid": { + "type": "string", + "description": "OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment.\n" + }, + "ingestVaultOcid": { + "type": "string", + "description": "Vault secret OCID containing an ingest secret.\n" + }, + "instrumentationType": { + "type": "string", + "description": "Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`).\n" + }, + "loggingStackOcid": { + "type": "string", + "description": "The Logging stack identifier for the OCI account.\n" + }, + "metricStackOcid": { + "type": "string", + "description": "Metric stack OCID (ignored on create, applied on update).\n" + }, + "name": { + "type": "string", + "description": "Display name for the linked account.\n" + }, + "ociClientId": { + "type": "string", + "description": "OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation.\n" + }, + "ociClientSecret": { + "type": "string", + "description": "OAuth2 client secret. Not displayed in plans or state outputs.\n", + "secret": true + }, + "ociDomainUrl": { + "type": "string", + "description": "Base URL of the OCI Identity Domain (e.g. `https://idcs-\u003chash\u003e.identity.oraclecloud.com`).\n" + }, + "ociHomeRegion": { + "type": "string", + "description": "Home region of the tenancy (e.g. 
`us-ashburn-1`).\n" + }, + "ociRegion": { + "type": "string", + "description": "OCI region for the linkage (ignored on create, applied on update).\n" + }, + "ociSvcUserName": { + "type": "string", + "description": "Service user name associated with the WIF configuration.\n" + }, + "tenantId": { + "type": "string", + "description": "OCI tenancy OCID (root tenancy). Changing forces a new linked account.\n", + "willReplaceOnChanges": true + }, + "userVaultOcid": { + "type": "string", + "description": "Vault secret OCID containing a user or auxiliary secret.\n" + } + }, + "requiredInputs": [ + "compartmentOcid", + "ociClientId", + "ociClientSecret", + "ociDomainUrl", + "ociHomeRegion", + "ociSvcUserName", + "tenantId" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering OciLinkAccount resources.\n", + "properties": { + "accountId": { + "type": "string", + "description": "New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`.\n", + "willReplaceOnChanges": true + }, + "compartmentOcid": { + "type": "string", + "description": "OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment.\n" + }, + "ingestVaultOcid": { + "type": "string", + "description": "Vault secret OCID containing an ingest secret.\n" + }, + "instrumentationType": { + "type": "string", + "description": "Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`).\n" + }, + "loggingStackOcid": { + "type": "string", + "description": "The Logging stack identifier for the OCI account.\n" + }, + "metricStackOcid": { + "type": "string", + "description": "Metric stack OCID (ignored on create, applied on update).\n" + }, + "name": { + "type": "string", + "description": "Display name for the linked account.\n" + }, + "ociClientId": { + "type": "string", + "description": "OCI 
Identity Domain (IDCS) OAuth2 client ID used for workload identity federation.\n" + }, + "ociClientSecret": { + "type": "string", + "description": "OAuth2 client secret. Not displayed in plans or state outputs.\n", + "secret": true + }, + "ociDomainUrl": { + "type": "string", + "description": "Base URL of the OCI Identity Domain (e.g. `https://idcs-\u003chash\u003e.identity.oraclecloud.com`).\n" + }, + "ociHomeRegion": { + "type": "string", + "description": "Home region of the tenancy (e.g. `us-ashburn-1`).\n" + }, + "ociRegion": { + "type": "string", + "description": "OCI region for the linkage (ignored on create, applied on update).\n" + }, + "ociSvcUserName": { + "type": "string", + "description": "Service user name associated with the WIF configuration.\n" + }, + "tenantId": { + "type": "string", + "description": "OCI tenancy OCID (root tenancy). Changing forces a new linked account.\n", + "willReplaceOnChanges": true + }, + "userVaultOcid": { + "type": "string", + "description": "Vault secret OCID containing a user or auxiliary secret.\n" + } + }, + "type": "object" + } + }, "newrelic:index/accountManagement:AccountManagement": { "description": "Use this resource to create and manage New Relic sub accounts.\n\n\u003e **WARNING:** The `newrelic.AccountManagement` resource will only create/update but won't delete a sub account. 
Please visit our documentation on [`Account Management`](https://docs.newrelic.com/docs/apis/nerdgraph/examples/manage-accounts-nerdgraph/#delete) for more information .\n\n## Example Usage\n\n##### Create Account\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as newrelic from \"@pulumi/newrelic\";\n\nconst foo = new newrelic.AccountManagement(\"foo\", {\n name: \"Test Account Name\",\n region: \"us01\",\n});\n```\n```python\nimport pulumi\nimport pulumi_newrelic as newrelic\n\nfoo = newrelic.AccountManagement(\"foo\",\n name=\"Test Account Name\",\n region=\"us01\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing NewRelic = Pulumi.NewRelic;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new NewRelic.AccountManagement(\"foo\", new()\n {\n Name = \"Test Account Name\",\n Region = \"us01\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-newrelic/sdk/v5/go/newrelic\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := newrelic.NewAccountManagement(ctx, \"foo\", \u0026newrelic.AccountManagementArgs{\n\t\t\tName: pulumi.String(\"Test Account Name\"),\n\t\t\tRegion: pulumi.String(\"us01\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.newrelic.AccountManagement;\nimport com.pulumi.newrelic.AccountManagementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new AccountManagement(\"foo\", 
AccountManagementArgs.builder()\n .name(\"Test Account Name\")\n .region(\"us01\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: newrelic:AccountManagement\n properties:\n name: Test Account Name\n region: us01\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAccounts can be imported using the `id`, e.g.\n\nbash\n\n```sh\n$ pulumi import newrelic:index/accountManagement:AccountManagement foo \u003cid\u003e\n```\n\n", "properties": { diff --git a/provider/go.mod b/provider/go.mod index a6ed175a..72d24a3d 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -132,7 +132,7 @@ require ( github.com/natefinch/atomic v1.0.1 // indirect github.com/newrelic/go-agent/v3 v3.30.0 // indirect github.com/newrelic/go-insights v1.0.3 // indirect - github.com/newrelic/newrelic-client-go/v2 v2.69.0 // indirect + github.com/newrelic/newrelic-client-go/v2 v2.70.0 // indirect github.com/nxadm/tail v1.4.11 // indirect github.com/oklog/run v1.1.0 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect diff --git a/provider/go.sum b/provider/go.sum index a6eb710a..fd4e89dc 100644 --- a/provider/go.sum +++ b/provider/go.sum 
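Review bot: In the YAML variant of the minimal example inside the new `OciLinkAccount` description in schema.json, `accountId` is rendered as `1.234567e+06`, although the property is declared `"type": "string"` and the other language variants pass `"1234567"`; the line should read `accountId: "1234567"`. Every example also references `ociClientSecret` without declaring it, so nothing shows that the value is meant to come from secret configuration rather than a literal in the program; a one-line declaration that reads it from the stack's secret config would make the intended handling explicit. Step 2 of the WIF steps says to store the client secret in OCI Vault and reference it via `ingest_vault_ocid` / `user_vault_ocid`, but those two properties are described further down as vault secrets for the ingest and user keys, so the sentence reads as if the OAuth2 client secret could be supplied that way and is worth rewording. If schema.json is generated, as it appears to be, these corrections belong in the upstream resource documentation, with the file regenerated afterwards.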
@@ -2162,8 +2162,8 @@ github.com/newrelic/go-agent/v3 v3.30.0 h1:ZXHCT/Cot4iIPwcegCZURuRQOsfmGA6wilW+S github.com/newrelic/go-agent/v3 v3.30.0/go.mod h1:9utrgxlSryNqRrTvII2XBL+0lpofXbqXApvVWPpbzUg= github.com/newrelic/go-insights v1.0.3 h1:zSNp1CEZnXktzSIEsbHJk8v6ZihdPFP2WsO/fzau3OQ= github.com/newrelic/go-insights v1.0.3/go.mod h1:A20BoT8TNkqPGX2nS/Z2fYmKl3Cqa3iKZd4whzedCY4= -github.com/newrelic/newrelic-client-go/v2 v2.69.0 h1:jwSNy7L3Z09f+RCrAJuvruQpnGk81lRairbGoILY0ss= -github.com/newrelic/newrelic-client-go/v2 v2.69.0/go.mod h1:P6rXSHPtayzr50+UEYvvjzYPiADv7w2SqeyKz0z5HkU= +github.com/newrelic/newrelic-client-go/v2 v2.70.0 h1:O6nmfS4QND+0zEJ8aTc7FTYC4esCi/2sjVja4wtrolo= +github.com/newrelic/newrelic-client-go/v2 v2.70.0/go.mod h1:P6rXSHPtayzr50+UEYvvjzYPiADv7w2SqeyKz0z5HkU= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nightlyone/lockfile v1.0.0 h1:RHep2cFKK4PonZJDdEl4GmkabuhbsRMgk/k3uAmxBiA= github.com/nightlyone/lockfile v1.0.0/go.mod h1:rywoIealpdNse2r832aiD9jRk8ErCatROs6LzC841CI= diff --git a/sdk/dotnet/Cloud/OciLinkAccount.cs b/sdk/dotnet/Cloud/OciLinkAccount.cs new file mode 100644 index 00000000..4ed701e9 --- /dev/null +++ b/sdk/dotnet/Cloud/OciLinkAccount.cs 
@@ -0,0 +1,468 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.NewRelic.Cloud +{ + /// + /// Use this resource to link an Oracle Cloud Infrastructure (OCI) account to New Relic. + /// + /// This setup is used to create a provider account with OCI credentials, establishing a relationship between Oracle and New Relic. Additionally, as part of this integration, we store WIF (Workload Identity Federation) credentials which are further used for fetching data and validations, and vault OCIDs corresponding to the vault resource where the New Relic ingest and user keys are stored in the OCI console. + /// + /// ## Prerequisites + /// + /// For the `newrelic.cloud.OciLinkAccount` resource to work properly, you need an OCI tenancy with IAM permissions to create and manage the identity artifacts (client/application, secrets, compartments, and service user) referenced below. OCI provides enterprise-grade cloud services across multiple global regions. + /// + /// > NOTE: Before using this resource, ensure the New Relic provider is configured with valid credentials.\ + /// See Getting Started: New Relic provider guide + /// + /// If you encounter issues or bugs, please open an issue in the GitHub repository. + /// + /// ### Workload Identity Federation (WIF) Attributes + /// + /// The following arguments rely on an OCI Identity Domain OAuth2 client set up for workload identity federation (identity propagation): `oci_client_id`, `oci_client_secret`, `oci_domain_url`, and `oci_svc_user_name`. 
+ /// + /// To create and retrieve these values, follow Oracle's guidance for configuring identity propagation / JWT token exchange: + /// + /// [Oracle documentation: Create an identity propagation trust (JWT token exchange)](https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/json_web_token_exchange.htm#jwt_token_exchange__create-identity-propagation-trust) + /// + /// WIF configuration steps: + /// 1. Create (or identify) an Identity Domain and register an OAuth2 confidential application (client) to represent New Relic ingestion. + /// 2. Generate / record the client ID (`oci_client_id`) and client secret (`oci_client_secret`). Store the secret securely (e.g., in OCI Vault; reference its OCID via `ingest_vault_ocid` / `user_vault_ocid` if desired). + /// 3. Use the Identity Domain base URL as `oci_domain_url` (format: `https://idcs-<hash>.identity.oraclecloud.com`). + /// 4. Provide / map a service user (or principal) used for workload identity federation as `oci_svc_user_name`. + /// 5. Ensure the client has the required scopes and the tenancy policies allow the token exchange. + /// + /// > TIP: Rotating the OAuth2 client secret only requires updating `oci_client_secret`; it does not force resource replacement. 
+ /// + /// ## Example Usage + /// + /// Minimal example (required arguments for creation): + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using NewRelic = Pulumi.NewRelic; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new NewRelic.Cloud.OciLinkAccount("example", new() + /// { + /// AccountId = "1234567", + /// TenantId = "ocid1.tenancy.oc1..aaaaaaaaexample", + /// Name = "my-oci-link", + /// CompartmentOcid = "ocid1.compartment.oc1..bbbbbbbbexample", + /// OciClientId = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + /// OciClientSecret = ociClientSecret, + /// OciDomainUrl = "https://idcs-1234567890abcdef.identity.oraclecloud.com", + /// OciHomeRegion = "us-ashburn-1", + /// OciSvcUserName = "svc-newrelic-collector", + /// }); + /// + /// }); + /// ``` + /// + /// Example including optional secret references and update-only fields: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using NewRelic = Pulumi.NewRelic; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var full = new NewRelic.Cloud.OciLinkAccount("full", new() + /// { + /// Name = "my-oci-link-full", + /// TenantId = "ocid1.tenancy.oc1..aaaaaaaaexample", + /// CompartmentOcid = "ocid1.compartment.oc1..bbbbbbbbexample", + /// OciClientId = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + /// OciClientSecret = ociClientSecret, + /// OciDomainUrl = "https://idcs-1234567890abcdef.identity.oraclecloud.com", + /// OciHomeRegion = "us-ashburn-1", + /// OciSvcUserName = "svc-newrelic-collector", + /// IngestVaultOcid = "ocid1.vaultsecret.oc1..ccccccccexample", + /// UserVaultOcid = "ocid1.vaultsecret.oc1..ddddddddexample", + /// InstrumentationType = "METRICS,LOGS", + /// OciRegion = "us-phoenix-1", + /// MetricStackOcid = "ocid1.stack.oc1..eeeeeeeeexample", + /// LoggingStackOcid = "ocid1.stack.oc1..ffffffloggingstack", + /// }); + /// + /// }); + 
/// ``` + /// + /// ## Import + /// + /// Linked OCI accounts can be imported using the `id`, e.g. + /// + /// bash + /// + /// ```sh + /// $ pulumi import newrelic:cloud/ociLinkAccount:OciLinkAccount foo <id> + /// ``` + /// + [NewRelicResourceType("newrelic:cloud/ociLinkAccount:OciLinkAccount")] + public partial class OciLinkAccount : global::Pulumi.CustomResource + { + /// + /// New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + /// + [Output("accountId")] + public Output AccountId { get; private set; } = null!; + + /// + /// OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + /// + [Output("compartmentOcid")] + public Output CompartmentOcid { get; private set; } = null!; + + /// + /// Vault secret OCID containing an ingest secret. + /// + [Output("ingestVaultOcid")] + public Output IngestVaultOcid { get; private set; } = null!; + + /// + /// Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + /// + [Output("instrumentationType")] + public Output InstrumentationType { get; private set; } = null!; + + /// + /// The Logging stack identifier for the OCI account. + /// + [Output("loggingStackOcid")] + public Output LoggingStackOcid { get; private set; } = null!; + + /// + /// Metric stack OCID (ignored on create, applied on update). + /// + [Output("metricStackOcid")] + public Output MetricStackOcid { get; private set; } = null!; + + /// + /// Display name for the linked account. + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + /// + [Output("ociClientId")] + public Output OciClientId { get; private set; } = null!; + + /// + /// OAuth2 client secret. Not displayed in plans or state outputs. 
+ /// + [Output("ociClientSecret")] + public Output OciClientSecret { get; private set; } = null!; + + /// + /// Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + /// + [Output("ociDomainUrl")] + public Output OciDomainUrl { get; private set; } = null!; + + /// + /// Home region of the tenancy (e.g. `us-ashburn-1`). + /// + [Output("ociHomeRegion")] + public Output OciHomeRegion { get; private set; } = null!; + + /// + /// OCI region for the linkage (ignored on create, applied on update). + /// + [Output("ociRegion")] + public Output OciRegion { get; private set; } = null!; + + /// + /// Service user name associated with the WIF configuration. + /// + [Output("ociSvcUserName")] + public Output OciSvcUserName { get; private set; } = null!; + + /// + /// OCI tenancy OCID (root tenancy). Changing forces a new linked account. + /// + [Output("tenantId")] + public Output TenantId { get; private set; } = null!; + + /// + /// Vault secret OCID containing a user or auxiliary secret. + /// + [Output("userVaultOcid")] + public Output UserVaultOcid { get; private set; } = null!; + + + /// + /// Create a OciLinkAccount resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public OciLinkAccount(string name, OciLinkAccountArgs args, CustomResourceOptions? options = null) + : base("newrelic:cloud/ociLinkAccount:OciLinkAccount", name, args ?? new OciLinkAccountArgs(), MakeResourceOptions(options, "")) + { + } + + private OciLinkAccount(string name, Input id, OciLinkAccountState? state = null, CustomResourceOptions? options = null) + : base("newrelic:cloud/ociLinkAccount:OciLinkAccount", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? 
id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + AdditionalSecretOutputs = + { + "ociClientSecret", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing OciLinkAccount resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static OciLinkAccount Get(string name, Input id, OciLinkAccountState? state = null, CustomResourceOptions? options = null) + { + return new OciLinkAccount(name, id, state, options); + } + } + + public sealed class OciLinkAccountArgs : global::Pulumi.ResourceArgs + { + /// + /// New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + /// + [Input("accountId")] + public Input? AccountId { get; set; } + + /// + /// OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + /// + [Input("compartmentOcid", required: true)] + public Input CompartmentOcid { get; set; } = null!; + + /// + /// Vault secret OCID containing an ingest secret. + /// + [Input("ingestVaultOcid")] + public Input? IngestVaultOcid { get; set; } + + /// + /// Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + /// + [Input("instrumentationType")] + public Input? InstrumentationType { get; set; } + + /// + /// The Logging stack identifier for the OCI account. + /// + [Input("loggingStackOcid")] + public Input? 
LoggingStackOcid { get; set; } + + /// + /// Metric stack OCID (ignored on create, applied on update). + /// + [Input("metricStackOcid")] + public Input? MetricStackOcid { get; set; } + + /// + /// Display name for the linked account. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + /// + [Input("ociClientId", required: true)] + public Input OciClientId { get; set; } = null!; + + [Input("ociClientSecret", required: true)] + private Input? _ociClientSecret; + + /// + /// OAuth2 client secret. Not displayed in plans or state outputs. + /// + public Input? OciClientSecret + { + get => _ociClientSecret; + set + { + var emptySecret = Output.CreateSecret(0); + _ociClientSecret = Output.Tuple?, int>(value, emptySecret).Apply(t => t.Item1); + } + } + + /// + /// Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + /// + [Input("ociDomainUrl", required: true)] + public Input OciDomainUrl { get; set; } = null!; + + /// + /// Home region of the tenancy (e.g. `us-ashburn-1`). + /// + [Input("ociHomeRegion", required: true)] + public Input OciHomeRegion { get; set; } = null!; + + /// + /// OCI region for the linkage (ignored on create, applied on update). + /// + [Input("ociRegion")] + public Input? OciRegion { get; set; } + + /// + /// Service user name associated with the WIF configuration. + /// + [Input("ociSvcUserName", required: true)] + public Input OciSvcUserName { get; set; } = null!; + + /// + /// OCI tenancy OCID (root tenancy). Changing forces a new linked account. + /// + [Input("tenantId", required: true)] + public Input TenantId { get; set; } = null!; + + /// + /// Vault secret OCID containing a user or auxiliary secret. + /// + [Input("userVaultOcid")] + public Input? 
UserVaultOcid { get; set; } + + public OciLinkAccountArgs() + { + } + public static new OciLinkAccountArgs Empty => new OciLinkAccountArgs(); + } + + public sealed class OciLinkAccountState : global::Pulumi.ResourceArgs + { + /// + /// New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + /// + [Input("accountId")] + public Input? AccountId { get; set; } + + /// + /// OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + /// + [Input("compartmentOcid")] + public Input? CompartmentOcid { get; set; } + + /// + /// Vault secret OCID containing an ingest secret. + /// + [Input("ingestVaultOcid")] + public Input? IngestVaultOcid { get; set; } + + /// + /// Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + /// + [Input("instrumentationType")] + public Input? InstrumentationType { get; set; } + + /// + /// The Logging stack identifier for the OCI account. + /// + [Input("loggingStackOcid")] + public Input? LoggingStackOcid { get; set; } + + /// + /// Metric stack OCID (ignored on create, applied on update). + /// + [Input("metricStackOcid")] + public Input? MetricStackOcid { get; set; } + + /// + /// Display name for the linked account. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + /// + [Input("ociClientId")] + public Input? OciClientId { get; set; } + + [Input("ociClientSecret")] + private Input? _ociClientSecret; + + /// + /// OAuth2 client secret. Not displayed in plans or state outputs. + /// + public Input? 
OciClientSecret + { + get => _ociClientSecret; + set + { + var emptySecret = Output.CreateSecret(0); + _ociClientSecret = Output.Tuple?, int>(value, emptySecret).Apply(t => t.Item1); + } + } + + /// + /// Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + /// + [Input("ociDomainUrl")] + public Input? OciDomainUrl { get; set; } + + /// + /// Home region of the tenancy (e.g. `us-ashburn-1`). + /// + [Input("ociHomeRegion")] + public Input? OciHomeRegion { get; set; } + + /// + /// OCI region for the linkage (ignored on create, applied on update). + /// + [Input("ociRegion")] + public Input? OciRegion { get; set; } + + /// + /// Service user name associated with the WIF configuration. + /// + [Input("ociSvcUserName")] + public Input? OciSvcUserName { get; set; } + + /// + /// OCI tenancy OCID (root tenancy). Changing forces a new linked account. + /// + [Input("tenantId")] + public Input? TenantId { get; set; } + + /// + /// Vault secret OCID containing a user or auxiliary secret. + /// + [Input("userVaultOcid")] + public Input? UserVaultOcid { get; set; } + + public OciLinkAccountState() + { + } + public static new OciLinkAccountState Empty => new OciLinkAccountState(); + } +} diff --git a/sdk/go/newrelic/cloud/init.go b/sdk/go/newrelic/cloud/init.go index d313c9d3..cb8b315f 100644 --- a/sdk/go/newrelic/cloud/init.go +++ b/sdk/go/newrelic/cloud/init.go @@ -37,6 +37,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &GcpIntegrations{} case "newrelic:cloud/gcpLinkAccount:GcpLinkAccount": r = &GcpLinkAccount{} + case "newrelic:cloud/ociLinkAccount:OciLinkAccount": + r = &OciLinkAccount{} default: return nil, fmt.Errorf("unknown resource type: %s", typ) } @@ -90,4 +92,9 @@ func init() { "cloud/gcpLinkAccount", &module{version}, ) + pulumi.RegisterResourceModule( + "newrelic", + "cloud/ociLinkAccount", + &module{version}, + ) } 
diff --git a/sdk/go/newrelic/cloud/ociLinkAccount.go b/sdk/go/newrelic/cloud/ociLinkAccount.go new file mode 100644 index 00000000..1d49b9bb --- /dev/null +++ b/sdk/go/newrelic/cloud/ociLinkAccount.go 
@@ -0,0 +1,567 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package cloud + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-newrelic/sdk/v5/go/newrelic/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Use this resource to link an Oracle Cloud Infrastructure (OCI) account to New Relic. +// +// This setup is used to create a provider account with OCI credentials, establishing a relationship between Oracle and New Relic. Additionally, as part of this integration, we store WIF (Workload Identity Federation) credentials which are further used for fetching data and validations, and vault OCIDs corresponding to the vault resource where the New Relic ingest and user keys are stored in the OCI console. +// +// ## Prerequisites +// +// For the `cloud.OciLinkAccount` resource to work properly, you need an OCI tenancy with IAM permissions to create and manage the identity artifacts (client/application, secrets, compartments, and service user) referenced below. OCI provides enterprise-grade cloud services across multiple global regions. +// +// > NOTE: Before using this resource, ensure the New Relic provider is configured with valid credentials.\ +// See Getting Started: New Relic provider guide +// +// If you encounter issues or bugs, please open an issue in the GitHub repository. +// +// ### Workload Identity Federation (WIF) Attributes +// +// The following arguments rely on an OCI Identity Domain OAuth2 client set up for workload identity federation (identity propagation): `ociClientId`, `ociClientSecret`, `ociDomainUrl`, and `ociSvcUserName`. 
+// +// To create and retrieve these values, follow Oracle's guidance for configuring identity propagation / JWT token exchange: +// +// [Oracle documentation: Create an identity propagation trust (JWT token exchange)](https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/json_web_token_exchange.htm#jwt_token_exchange__create-identity-propagation-trust) +// +// WIF configuration steps: +// 1. Create (or identify) an Identity Domain and register an OAuth2 confidential application (client) to represent New Relic ingestion. +// 2. Generate / record the client ID (`ociClientId`) and client secret (`ociClientSecret`). Store the secret securely (e.g., in OCI Vault; reference its OCID via `ingestVaultOcid` / `userVaultOcid` if desired). +// 3. Use the Identity Domain base URL as `ociDomainUrl` (format: `https://idcs-.identity.oraclecloud.com`). +// 4. Provide / map a service user (or principal) used for workload identity federation as `ociSvcUserName`. +// 5. Ensure the client has the required scopes and the tenancy policies allow the token exchange. +// +// > TIP: Rotating the OAuth2 client secret only requires updating `ociClientSecret`; it does not force resource replacement. 
+// +// ## Example Usage +// +// Minimal example (required arguments for creation): +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-newrelic/sdk/v5/go/newrelic/cloud" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := cloud.NewOciLinkAccount(ctx, "example", &cloud.OciLinkAccountArgs{ +// AccountId: pulumi.String("1234567"), +// TenantId: pulumi.String("ocid1.tenancy.oc1..aaaaaaaaexample"), +// Name: pulumi.String("my-oci-link"), +// CompartmentOcid: pulumi.String("ocid1.compartment.oc1..bbbbbbbbexample"), +// OciClientId: pulumi.String("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"), +// OciClientSecret: pulumi.Any(ociClientSecret), +// OciDomainUrl: pulumi.String("https://idcs-1234567890abcdef.identity.oraclecloud.com"), +// OciHomeRegion: pulumi.String("us-ashburn-1"), +// OciSvcUserName: pulumi.String("svc-newrelic-collector"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// Example including optional secret references and update-only fields: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-newrelic/sdk/v5/go/newrelic/cloud" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := cloud.NewOciLinkAccount(ctx, "full", &cloud.OciLinkAccountArgs{ +// Name: pulumi.String("my-oci-link-full"), +// TenantId: pulumi.String("ocid1.tenancy.oc1..aaaaaaaaexample"), +// CompartmentOcid: pulumi.String("ocid1.compartment.oc1..bbbbbbbbexample"), +// OciClientId: pulumi.String("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"), +// OciClientSecret: pulumi.Any(ociClientSecret), +// OciDomainUrl: pulumi.String("https://idcs-1234567890abcdef.identity.oraclecloud.com"), +// OciHomeRegion: pulumi.String("us-ashburn-1"), +// OciSvcUserName: pulumi.String("svc-newrelic-collector"), +// IngestVaultOcid: 
pulumi.String("ocid1.vaultsecret.oc1..ccccccccexample"), +// UserVaultOcid: pulumi.String("ocid1.vaultsecret.oc1..ddddddddexample"), +// InstrumentationType: pulumi.String("METRICS,LOGS"), +// OciRegion: pulumi.String("us-phoenix-1"), +// MetricStackOcid: pulumi.String("ocid1.stack.oc1..eeeeeeeeexample"), +// LoggingStackOcid: pulumi.String("ocid1.stack.oc1..ffffffloggingstack"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// Linked OCI accounts can be imported using the `id`, e.g. +// +// bash +// +// ```sh +// $ pulumi import newrelic:cloud/ociLinkAccount:OciLinkAccount foo +// ``` +type OciLinkAccount struct { + pulumi.CustomResourceState + + // New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + AccountId pulumi.StringOutput `pulumi:"accountId"` + // OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + CompartmentOcid pulumi.StringOutput `pulumi:"compartmentOcid"` + // Vault secret OCID containing an ingest secret. + IngestVaultOcid pulumi.StringPtrOutput `pulumi:"ingestVaultOcid"` + // Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + InstrumentationType pulumi.StringPtrOutput `pulumi:"instrumentationType"` + // The Logging stack identifier for the OCI account. + LoggingStackOcid pulumi.StringPtrOutput `pulumi:"loggingStackOcid"` + // Metric stack OCID (ignored on create, applied on update). + MetricStackOcid pulumi.StringPtrOutput `pulumi:"metricStackOcid"` + // Display name for the linked account. + Name pulumi.StringOutput `pulumi:"name"` + // OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + OciClientId pulumi.StringOutput `pulumi:"ociClientId"` + // OAuth2 client secret. Not displayed in plans or state outputs. 
+ OciClientSecret pulumi.StringOutput `pulumi:"ociClientSecret"` + // Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + OciDomainUrl pulumi.StringOutput `pulumi:"ociDomainUrl"` + // Home region of the tenancy (e.g. `us-ashburn-1`). + OciHomeRegion pulumi.StringOutput `pulumi:"ociHomeRegion"` + // OCI region for the linkage (ignored on create, applied on update). + OciRegion pulumi.StringPtrOutput `pulumi:"ociRegion"` + // Service user name associated with the WIF configuration. + OciSvcUserName pulumi.StringOutput `pulumi:"ociSvcUserName"` + // OCI tenancy OCID (root tenancy). Changing forces a new linked account. + TenantId pulumi.StringOutput `pulumi:"tenantId"` + // Vault secret OCID containing a user or auxiliary secret. + UserVaultOcid pulumi.StringPtrOutput `pulumi:"userVaultOcid"` +} + +// NewOciLinkAccount registers a new resource with the given unique name, arguments, and options. +func NewOciLinkAccount(ctx *pulumi.Context, + name string, args *OciLinkAccountArgs, opts ...pulumi.ResourceOption) (*OciLinkAccount, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.CompartmentOcid == nil { + return nil, errors.New("invalid value for required argument 'CompartmentOcid'") + } + if args.OciClientId == nil { + return nil, errors.New("invalid value for required argument 'OciClientId'") + } + if args.OciClientSecret == nil { + return nil, errors.New("invalid value for required argument 'OciClientSecret'") + } + if args.OciDomainUrl == nil { + return nil, errors.New("invalid value for required argument 'OciDomainUrl'") + } + if args.OciHomeRegion == nil { + return nil, errors.New("invalid value for required argument 'OciHomeRegion'") + } + if args.OciSvcUserName == nil { + return nil, errors.New("invalid value for required argument 'OciSvcUserName'") + } + if args.TenantId == nil { + return nil, errors.New("invalid value for required argument 'TenantId'") + } + if 
args.OciClientSecret != nil { + args.OciClientSecret = pulumi.ToSecret(args.OciClientSecret).(pulumi.StringInput) + } + secrets := pulumi.AdditionalSecretOutputs([]string{ + "ociClientSecret", + }) + opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) + var resource OciLinkAccount + err := ctx.RegisterResource("newrelic:cloud/ociLinkAccount:OciLinkAccount", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetOciLinkAccount gets an existing OciLinkAccount resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetOciLinkAccount(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *OciLinkAccountState, opts ...pulumi.ResourceOption) (*OciLinkAccount, error) { + var resource OciLinkAccount + err := ctx.ReadResource("newrelic:cloud/ociLinkAccount:OciLinkAccount", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering OciLinkAccount resources. +type ociLinkAccountState struct { + // New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + AccountId *string `pulumi:"accountId"` + // OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + CompartmentOcid *string `pulumi:"compartmentOcid"` + // Vault secret OCID containing an ingest secret. + IngestVaultOcid *string `pulumi:"ingestVaultOcid"` + // Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + InstrumentationType *string `pulumi:"instrumentationType"` + // The Logging stack identifier for the OCI account. + LoggingStackOcid *string `pulumi:"loggingStackOcid"` + // Metric stack OCID (ignored on create, applied on update). 
+ MetricStackOcid *string `pulumi:"metricStackOcid"` + // Display name for the linked account. + Name *string `pulumi:"name"` + // OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + OciClientId *string `pulumi:"ociClientId"` + // OAuth2 client secret. Not displayed in plans or state outputs. + OciClientSecret *string `pulumi:"ociClientSecret"` + // Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + OciDomainUrl *string `pulumi:"ociDomainUrl"` + // Home region of the tenancy (e.g. `us-ashburn-1`). + OciHomeRegion *string `pulumi:"ociHomeRegion"` + // OCI region for the linkage (ignored on create, applied on update). + OciRegion *string `pulumi:"ociRegion"` + // Service user name associated with the WIF configuration. + OciSvcUserName *string `pulumi:"ociSvcUserName"` + // OCI tenancy OCID (root tenancy). Changing forces a new linked account. + TenantId *string `pulumi:"tenantId"` + // Vault secret OCID containing a user or auxiliary secret. + UserVaultOcid *string `pulumi:"userVaultOcid"` +} + +type OciLinkAccountState struct { + // New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + AccountId pulumi.StringPtrInput + // OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + CompartmentOcid pulumi.StringPtrInput + // Vault secret OCID containing an ingest secret. + IngestVaultOcid pulumi.StringPtrInput + // Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + InstrumentationType pulumi.StringPtrInput + // The Logging stack identifier for the OCI account. + LoggingStackOcid pulumi.StringPtrInput + // Metric stack OCID (ignored on create, applied on update). + MetricStackOcid pulumi.StringPtrInput + // Display name for the linked account. 
+ Name pulumi.StringPtrInput + // OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + OciClientId pulumi.StringPtrInput + // OAuth2 client secret. Not displayed in plans or state outputs. + OciClientSecret pulumi.StringPtrInput + // Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + OciDomainUrl pulumi.StringPtrInput + // Home region of the tenancy (e.g. `us-ashburn-1`). + OciHomeRegion pulumi.StringPtrInput + // OCI region for the linkage (ignored on create, applied on update). + OciRegion pulumi.StringPtrInput + // Service user name associated with the WIF configuration. + OciSvcUserName pulumi.StringPtrInput + // OCI tenancy OCID (root tenancy). Changing forces a new linked account. + TenantId pulumi.StringPtrInput + // Vault secret OCID containing a user or auxiliary secret. + UserVaultOcid pulumi.StringPtrInput +} + +func (OciLinkAccountState) ElementType() reflect.Type { + return reflect.TypeOf((*ociLinkAccountState)(nil)).Elem() +} + +type ociLinkAccountArgs struct { + // New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + AccountId *string `pulumi:"accountId"` + // OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + CompartmentOcid string `pulumi:"compartmentOcid"` + // Vault secret OCID containing an ingest secret. + IngestVaultOcid *string `pulumi:"ingestVaultOcid"` + // Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + InstrumentationType *string `pulumi:"instrumentationType"` + // The Logging stack identifier for the OCI account. + LoggingStackOcid *string `pulumi:"loggingStackOcid"` + // Metric stack OCID (ignored on create, applied on update). + MetricStackOcid *string `pulumi:"metricStackOcid"` + // Display name for the linked account. 
+ Name *string `pulumi:"name"` + // OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + OciClientId string `pulumi:"ociClientId"` + // OAuth2 client secret. Not displayed in plans or state outputs. + OciClientSecret string `pulumi:"ociClientSecret"` + // Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + OciDomainUrl string `pulumi:"ociDomainUrl"` + // Home region of the tenancy (e.g. `us-ashburn-1`). + OciHomeRegion string `pulumi:"ociHomeRegion"` + // OCI region for the linkage (ignored on create, applied on update). + OciRegion *string `pulumi:"ociRegion"` + // Service user name associated with the WIF configuration. + OciSvcUserName string `pulumi:"ociSvcUserName"` + // OCI tenancy OCID (root tenancy). Changing forces a new linked account. + TenantId string `pulumi:"tenantId"` + // Vault secret OCID containing a user or auxiliary secret. + UserVaultOcid *string `pulumi:"userVaultOcid"` +} + +// The set of arguments for constructing a OciLinkAccount resource. +type OciLinkAccountArgs struct { + // New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + AccountId pulumi.StringPtrInput + // OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + CompartmentOcid pulumi.StringInput + // Vault secret OCID containing an ingest secret. + IngestVaultOcid pulumi.StringPtrInput + // Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + InstrumentationType pulumi.StringPtrInput + // The Logging stack identifier for the OCI account. + LoggingStackOcid pulumi.StringPtrInput + // Metric stack OCID (ignored on create, applied on update). + MetricStackOcid pulumi.StringPtrInput + // Display name for the linked account. 
+ Name pulumi.StringPtrInput + // OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + OciClientId pulumi.StringInput + // OAuth2 client secret. Not displayed in plans or state outputs. + OciClientSecret pulumi.StringInput + // Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + OciDomainUrl pulumi.StringInput + // Home region of the tenancy (e.g. `us-ashburn-1`). + OciHomeRegion pulumi.StringInput + // OCI region for the linkage (ignored on create, applied on update). + OciRegion pulumi.StringPtrInput + // Service user name associated with the WIF configuration. + OciSvcUserName pulumi.StringInput + // OCI tenancy OCID (root tenancy). Changing forces a new linked account. + TenantId pulumi.StringInput + // Vault secret OCID containing a user or auxiliary secret. + UserVaultOcid pulumi.StringPtrInput +} + +func (OciLinkAccountArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ociLinkAccountArgs)(nil)).Elem() +} + +type OciLinkAccountInput interface { + pulumi.Input + + ToOciLinkAccountOutput() OciLinkAccountOutput + ToOciLinkAccountOutputWithContext(ctx context.Context) OciLinkAccountOutput +} + +func (*OciLinkAccount) ElementType() reflect.Type { + return reflect.TypeOf((**OciLinkAccount)(nil)).Elem() +} + +func (i *OciLinkAccount) ToOciLinkAccountOutput() OciLinkAccountOutput { + return i.ToOciLinkAccountOutputWithContext(context.Background()) +} + +func (i *OciLinkAccount) ToOciLinkAccountOutputWithContext(ctx context.Context) OciLinkAccountOutput { + return pulumi.ToOutputWithContext(ctx, i).(OciLinkAccountOutput) +} + +// OciLinkAccountArrayInput is an input type that accepts OciLinkAccountArray and OciLinkAccountArrayOutput values. 
+// You can construct a concrete instance of `OciLinkAccountArrayInput` via: +// +// OciLinkAccountArray{ OciLinkAccountArgs{...} } +type OciLinkAccountArrayInput interface { + pulumi.Input + + ToOciLinkAccountArrayOutput() OciLinkAccountArrayOutput + ToOciLinkAccountArrayOutputWithContext(context.Context) OciLinkAccountArrayOutput +} + +type OciLinkAccountArray []OciLinkAccountInput + +func (OciLinkAccountArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*OciLinkAccount)(nil)).Elem() +} + +func (i OciLinkAccountArray) ToOciLinkAccountArrayOutput() OciLinkAccountArrayOutput { + return i.ToOciLinkAccountArrayOutputWithContext(context.Background()) +} + +func (i OciLinkAccountArray) ToOciLinkAccountArrayOutputWithContext(ctx context.Context) OciLinkAccountArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(OciLinkAccountArrayOutput) +} + +// OciLinkAccountMapInput is an input type that accepts OciLinkAccountMap and OciLinkAccountMapOutput values. +// You can construct a concrete instance of `OciLinkAccountMapInput` via: +// +// OciLinkAccountMap{ "key": OciLinkAccountArgs{...} } +type OciLinkAccountMapInput interface { + pulumi.Input + + ToOciLinkAccountMapOutput() OciLinkAccountMapOutput + ToOciLinkAccountMapOutputWithContext(context.Context) OciLinkAccountMapOutput +} + +type OciLinkAccountMap map[string]OciLinkAccountInput + +func (OciLinkAccountMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*OciLinkAccount)(nil)).Elem() +} + +func (i OciLinkAccountMap) ToOciLinkAccountMapOutput() OciLinkAccountMapOutput { + return i.ToOciLinkAccountMapOutputWithContext(context.Background()) +} + +func (i OciLinkAccountMap) ToOciLinkAccountMapOutputWithContext(ctx context.Context) OciLinkAccountMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(OciLinkAccountMapOutput) +} + +type OciLinkAccountOutput struct{ *pulumi.OutputState } + +func (OciLinkAccountOutput) ElementType() reflect.Type { + return 
reflect.TypeOf((**OciLinkAccount)(nil)).Elem() +} + +func (o OciLinkAccountOutput) ToOciLinkAccountOutput() OciLinkAccountOutput { + return o +} + +func (o OciLinkAccountOutput) ToOciLinkAccountOutputWithContext(ctx context.Context) OciLinkAccountOutput { + return o +} + +// New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. +func (o OciLinkAccountOutput) AccountId() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.AccountId }).(pulumi.StringOutput) +} + +// OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. +func (o OciLinkAccountOutput) CompartmentOcid() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.CompartmentOcid }).(pulumi.StringOutput) +} + +// Vault secret OCID containing an ingest secret. +func (o OciLinkAccountOutput) IngestVaultOcid() pulumi.StringPtrOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringPtrOutput { return v.IngestVaultOcid }).(pulumi.StringPtrOutput) +} + +// Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). +func (o OciLinkAccountOutput) InstrumentationType() pulumi.StringPtrOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringPtrOutput { return v.InstrumentationType }).(pulumi.StringPtrOutput) +} + +// The Logging stack identifier for the OCI account. +func (o OciLinkAccountOutput) LoggingStackOcid() pulumi.StringPtrOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringPtrOutput { return v.LoggingStackOcid }).(pulumi.StringPtrOutput) +} + +// Metric stack OCID (ignored on create, applied on update). 
+func (o OciLinkAccountOutput) MetricStackOcid() pulumi.StringPtrOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringPtrOutput { return v.MetricStackOcid }).(pulumi.StringPtrOutput) +} + +// Display name for the linked account. +func (o OciLinkAccountOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. +func (o OciLinkAccountOutput) OciClientId() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.OciClientId }).(pulumi.StringOutput) +} + +// OAuth2 client secret. Not displayed in plans or state outputs. +func (o OciLinkAccountOutput) OciClientSecret() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.OciClientSecret }).(pulumi.StringOutput) +} + +// Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). +func (o OciLinkAccountOutput) OciDomainUrl() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.OciDomainUrl }).(pulumi.StringOutput) +} + +// Home region of the tenancy (e.g. `us-ashburn-1`). +func (o OciLinkAccountOutput) OciHomeRegion() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.OciHomeRegion }).(pulumi.StringOutput) +} + +// OCI region for the linkage (ignored on create, applied on update). +func (o OciLinkAccountOutput) OciRegion() pulumi.StringPtrOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringPtrOutput { return v.OciRegion }).(pulumi.StringPtrOutput) +} + +// Service user name associated with the WIF configuration. +func (o OciLinkAccountOutput) OciSvcUserName() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.OciSvcUserName }).(pulumi.StringOutput) +} + +// OCI tenancy OCID (root tenancy). 
Changing forces a new linked account. +func (o OciLinkAccountOutput) TenantId() pulumi.StringOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringOutput { return v.TenantId }).(pulumi.StringOutput) +} + +// Vault secret OCID containing a user or auxiliary secret. +func (o OciLinkAccountOutput) UserVaultOcid() pulumi.StringPtrOutput { + return o.ApplyT(func(v *OciLinkAccount) pulumi.StringPtrOutput { return v.UserVaultOcid }).(pulumi.StringPtrOutput) +} + +type OciLinkAccountArrayOutput struct{ *pulumi.OutputState } + +func (OciLinkAccountArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*OciLinkAccount)(nil)).Elem() +} + +func (o OciLinkAccountArrayOutput) ToOciLinkAccountArrayOutput() OciLinkAccountArrayOutput { + return o +} + +func (o OciLinkAccountArrayOutput) ToOciLinkAccountArrayOutputWithContext(ctx context.Context) OciLinkAccountArrayOutput { + return o +} + +func (o OciLinkAccountArrayOutput) Index(i pulumi.IntInput) OciLinkAccountOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OciLinkAccount { + return vs[0].([]*OciLinkAccount)[vs[1].(int)] + }).(OciLinkAccountOutput) +} + +type OciLinkAccountMapOutput struct{ *pulumi.OutputState } + +func (OciLinkAccountMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*OciLinkAccount)(nil)).Elem() +} + +func (o OciLinkAccountMapOutput) ToOciLinkAccountMapOutput() OciLinkAccountMapOutput { + return o +} + +func (o OciLinkAccountMapOutput) ToOciLinkAccountMapOutputWithContext(ctx context.Context) OciLinkAccountMapOutput { + return o +} + +func (o OciLinkAccountMapOutput) MapIndex(k pulumi.StringInput) OciLinkAccountOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OciLinkAccount { + return vs[0].(map[string]*OciLinkAccount)[vs[1].(string)] + }).(OciLinkAccountOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*OciLinkAccountInput)(nil)).Elem(), &OciLinkAccount{}) + 
pulumi.RegisterInputType(reflect.TypeOf((*OciLinkAccountArrayInput)(nil)).Elem(), OciLinkAccountArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*OciLinkAccountMapInput)(nil)).Elem(), OciLinkAccountMap{}) + pulumi.RegisterOutputType(OciLinkAccountOutput{}) + pulumi.RegisterOutputType(OciLinkAccountArrayOutput{}) + pulumi.RegisterOutputType(OciLinkAccountMapOutput{}) +} diff --git a/sdk/java/src/main/java/com/pulumi/newrelic/cloud/OciLinkAccount.java b/sdk/java/src/main/java/com/pulumi/newrelic/cloud/OciLinkAccount.java new file mode 100644 index 00000000..31a0b0b4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/newrelic/cloud/OciLinkAccount.java 
@@ -0,0 +1,420 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.newrelic.cloud; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.newrelic.Utilities; +import com.pulumi.newrelic.cloud.OciLinkAccountArgs; +import com.pulumi.newrelic.cloud.inputs.OciLinkAccountState; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Use this resource to link an Oracle Cloud Infrastructure (OCI) account to New Relic. + * + * This setup is used to create a provider account with OCI credentials, establishing a relationship between Oracle and New Relic. Additionally, as part of this integration, we store WIF (Workload Identity Federation) credentials which are further used for fetching data and validations, and vault OCIDs corresponding to the vault resource where the New Relic ingest and user keys are stored in the OCI console. + * + * ## Prerequisites + * + * For the `newrelic.cloud.OciLinkAccount` resource to work properly, you need an OCI tenancy with IAM permissions to create and manage the identity artifacts (client/application, secrets, compartments, and service user) referenced below. OCI provides enterprise-grade cloud services across multiple global regions. + * + * > NOTE: Before using this resource, ensure the New Relic provider is configured with valid credentials.\ + * See Getting Started: New Relic provider guide + * + * If you encounter issues or bugs, please open an issue in the GitHub repository. 
+ * + * ### Workload Identity Federation (WIF) Attributes + * + * The following arguments rely on an OCI Identity Domain OAuth2 client set up for workload identity federation (identity propagation): `oci_client_id`, `oci_client_secret`, `oci_domain_url`, and `oci_svc_user_name`. + * + * To create and retrieve these values, follow Oracle's guidance for configuring identity propagation / JWT token exchange: + * + * [Oracle documentation: Create an identity propagation trust (JWT token exchange)](https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/json_web_token_exchange.htm#jwt_token_exchange__create-identity-propagation-trust) + * + * WIF configuration steps: + * 1. Create (or identify) an Identity Domain and register an OAuth2 confidential application (client) to represent New Relic ingestion. + * 2. Generate / record the client ID (`oci_client_id`) and client secret (`oci_client_secret`). Store the secret securely (e.g., in OCI Vault; reference its OCID via `ingest_vault_ocid` / `user_vault_ocid` if desired). + * 3. Use the Identity Domain base URL as `oci_domain_url` (format: `https://idcs-<hash>.identity.oraclecloud.com`). + * 4. Provide / map a service user (or principal) used for workload identity federation as `oci_svc_user_name`. + * 5. Ensure the client has the required scopes and the tenancy policies allow the token exchange. + * + * > TIP: Rotating the OAuth2 client secret only requires updating `oci_client_secret`; it does not force resource replacement. + * + * ## Example Usage + * + * Minimal example (required arguments for creation): + * + *
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.newrelic.cloud.OciLinkAccount;
+ * import com.pulumi.newrelic.cloud.OciLinkAccountArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new OciLinkAccount("example", OciLinkAccountArgs.builder()
+ *             .accountId("1234567")
+ *             .tenantId("ocid1.tenancy.oc1..aaaaaaaaexample")
+ *             .name("my-oci-link")
+ *             .compartmentOcid("ocid1.compartment.oc1..bbbbbbbbexample")
+ *             .ociClientId("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee")
+ *             .ociClientSecret(ociClientSecret)
+ *             .ociDomainUrl("https://idcs-1234567890abcdef.identity.oraclecloud.com")
+ *             .ociHomeRegion("us-ashburn-1")
+ *             .ociSvcUserName("svc-newrelic-collector")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ * 
+ * + * Example including optional secret references and update-only fields: + * + *
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.newrelic.cloud.OciLinkAccount;
+ * import com.pulumi.newrelic.cloud.OciLinkAccountArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var full = new OciLinkAccount("full", OciLinkAccountArgs.builder()
+ *             .name("my-oci-link-full")
+ *             .tenantId("ocid1.tenancy.oc1..aaaaaaaaexample")
+ *             .compartmentOcid("ocid1.compartment.oc1..bbbbbbbbexample")
+ *             .ociClientId("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee")
+ *             .ociClientSecret(ociClientSecret)
+ *             .ociDomainUrl("https://idcs-1234567890abcdef.identity.oraclecloud.com")
+ *             .ociHomeRegion("us-ashburn-1")
+ *             .ociSvcUserName("svc-newrelic-collector")
+ *             .ingestVaultOcid("ocid1.vaultsecret.oc1..ccccccccexample")
+ *             .userVaultOcid("ocid1.vaultsecret.oc1..ddddddddexample")
+ *             .instrumentationType("METRICS,LOGS")
+ *             .ociRegion("us-phoenix-1")
+ *             .metricStackOcid("ocid1.stack.oc1..eeeeeeeeexample")
+ *             .loggingStackOcid("ocid1.stack.oc1..ffffffloggingstack")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ * 
+ * + * ## Import + * + * Linked OCI accounts can be imported using the `id`, e.g. + * + * bash + * + * ```sh + * $ pulumi import newrelic:cloud/ociLinkAccount:OciLinkAccount foo <id> + * ``` + * + */ +@ResourceType(type="newrelic:cloud/ociLinkAccount:OciLinkAccount") +public class OciLinkAccount extends com.pulumi.resources.CustomResource { + /** + * New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + */ + @Export(name="accountId", refs={String.class}, tree="[0]") + private Output accountId; + + /** + * @return New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + */ + public Output accountId() { + return this.accountId; + } + /** + * OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + */ + @Export(name="compartmentOcid", refs={String.class}, tree="[0]") + private Output compartmentOcid; + + /** + * @return OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + */ + public Output compartmentOcid() { + return this.compartmentOcid; + } + /** + * Vault secret OCID containing an ingest secret. + * + */ + @Export(name="ingestVaultOcid", refs={String.class}, tree="[0]") + private Output ingestVaultOcid; + + /** + * @return Vault secret OCID containing an ingest secret. + * + */ + public Output> ingestVaultOcid() { + return Codegen.optional(this.ingestVaultOcid); + } + /** + * Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + * + */ + @Export(name="instrumentationType", refs={String.class}, tree="[0]") + private Output instrumentationType; + + /** + * @return Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). 
+ * + */ + public Output> instrumentationType() { + return Codegen.optional(this.instrumentationType); + } + /** + * The Logging stack identifier for the OCI account. + * + */ + @Export(name="loggingStackOcid", refs={String.class}, tree="[0]") + private Output loggingStackOcid; + + /** + * @return The Logging stack identifier for the OCI account. + * + */ + public Output> loggingStackOcid() { + return Codegen.optional(this.loggingStackOcid); + } + /** + * Metric stack OCID (ignored on create, applied on update). + * + */ + @Export(name="metricStackOcid", refs={String.class}, tree="[0]") + private Output metricStackOcid; + + /** + * @return Metric stack OCID (ignored on create, applied on update). + * + */ + public Output> metricStackOcid() { + return Codegen.optional(this.metricStackOcid); + } + /** + * Display name for the linked account. + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Display name for the linked account. + * + */ + public Output name() { + return this.name; + } + /** + * OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + */ + @Export(name="ociClientId", refs={String.class}, tree="[0]") + private Output ociClientId; + + /** + * @return OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + */ + public Output ociClientId() { + return this.ociClientId; + } + /** + * OAuth2 client secret. Not displayed in plans or state outputs. + * + */ + @Export(name="ociClientSecret", refs={String.class}, tree="[0]") + private Output ociClientSecret; + + /** + * @return OAuth2 client secret. Not displayed in plans or state outputs. + * + */ + public Output ociClientSecret() { + return this.ociClientSecret; + } + /** + * Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). 
+ * + */ + @Export(name="ociDomainUrl", refs={String.class}, tree="[0]") + private Output ociDomainUrl; + + /** + * @return Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + */ + public Output ociDomainUrl() { + return this.ociDomainUrl; + } + /** + * Home region of the tenancy (e.g. `us-ashburn-1`). + * + */ + @Export(name="ociHomeRegion", refs={String.class}, tree="[0]") + private Output ociHomeRegion; + + /** + * @return Home region of the tenancy (e.g. `us-ashburn-1`). + * + */ + public Output ociHomeRegion() { + return this.ociHomeRegion; + } + /** + * OCI region for the linkage (ignored on create, applied on update). + * + */ + @Export(name="ociRegion", refs={String.class}, tree="[0]") + private Output ociRegion; + + /** + * @return OCI region for the linkage (ignored on create, applied on update). + * + */ + public Output> ociRegion() { + return Codegen.optional(this.ociRegion); + } + /** + * Service user name associated with the WIF configuration. + * + */ + @Export(name="ociSvcUserName", refs={String.class}, tree="[0]") + private Output ociSvcUserName; + + /** + * @return Service user name associated with the WIF configuration. + * + */ + public Output ociSvcUserName() { + return this.ociSvcUserName; + } + /** + * OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + */ + @Export(name="tenantId", refs={String.class}, tree="[0]") + private Output tenantId; + + /** + * @return OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + */ + public Output tenantId() { + return this.tenantId; + } + /** + * Vault secret OCID containing a user or auxiliary secret. + * + */ + @Export(name="userVaultOcid", refs={String.class}, tree="[0]") + private Output userVaultOcid; + + /** + * @return Vault secret OCID containing a user or auxiliary secret. 
+ * + */ + public Output> userVaultOcid() { + return Codegen.optional(this.userVaultOcid); + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public OciLinkAccount(java.lang.String name) { + this(name, OciLinkAccountArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public OciLinkAccount(java.lang.String name, OciLinkAccountArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public OciLinkAccount(java.lang.String name, OciLinkAccountArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("newrelic:cloud/ociLinkAccount:OciLinkAccount", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private OciLinkAccount(java.lang.String name, Output id, @Nullable OciLinkAccountState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("newrelic:cloud/ociLinkAccount:OciLinkAccount", name, state, makeResourceOptions(options, id), false); + } + + private static OciLinkAccountArgs makeArgs(OciLinkAccountArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? 
OciLinkAccountArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "ociClientSecret" + )) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static OciLinkAccount get(java.lang.String name, Output id, @Nullable OciLinkAccountState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new OciLinkAccount(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/newrelic/cloud/OciLinkAccountArgs.java b/sdk/java/src/main/java/com/pulumi/newrelic/cloud/OciLinkAccountArgs.java new file mode 100644 index 00000000..e5150afa --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/newrelic/cloud/OciLinkAccountArgs.java 
@@ -0,0 +1,623 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.newrelic.cloud; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class OciLinkAccountArgs extends com.pulumi.resources.ResourceArgs { + + public static final OciLinkAccountArgs Empty = new OciLinkAccountArgs(); + + /** + * New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + */ + @Import(name="accountId") + private @Nullable Output accountId; + + /** + * @return New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + */ + public Optional> accountId() { + return Optional.ofNullable(this.accountId); + } + + /** + * OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + */ + @Import(name="compartmentOcid", required=true) + private Output compartmentOcid; + + /** + * @return OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + */ + public Output compartmentOcid() { + return this.compartmentOcid; + } + + /** + * Vault secret OCID containing an ingest secret. + * + */ + @Import(name="ingestVaultOcid") + private @Nullable Output ingestVaultOcid; + + /** + * @return Vault secret OCID containing an ingest secret. + * + */ + public Optional> ingestVaultOcid() { + return Optional.ofNullable(this.ingestVaultOcid); + } + + /** + * Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). 
+ * + */ + @Import(name="instrumentationType") + private @Nullable Output instrumentationType; + + /** + * @return Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + * + */ + public Optional> instrumentationType() { + return Optional.ofNullable(this.instrumentationType); + } + + /** + * The Logging stack identifier for the OCI account. + * + */ + @Import(name="loggingStackOcid") + private @Nullable Output loggingStackOcid; + + /** + * @return The Logging stack identifier for the OCI account. + * + */ + public Optional> loggingStackOcid() { + return Optional.ofNullable(this.loggingStackOcid); + } + + /** + * Metric stack OCID (ignored on create, applied on update). + * + */ + @Import(name="metricStackOcid") + private @Nullable Output metricStackOcid; + + /** + * @return Metric stack OCID (ignored on create, applied on update). + * + */ + public Optional> metricStackOcid() { + return Optional.ofNullable(this.metricStackOcid); + } + + /** + * Display name for the linked account. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Display name for the linked account. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + */ + @Import(name="ociClientId", required=true) + private Output ociClientId; + + /** + * @return OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + */ + public Output ociClientId() { + return this.ociClientId; + } + + /** + * OAuth2 client secret. Not displayed in plans or state outputs. + * + */ + @Import(name="ociClientSecret", required=true) + private Output ociClientSecret; + + /** + * @return OAuth2 client secret. Not displayed in plans or state outputs. 
+ * + */ + public Output ociClientSecret() { + return this.ociClientSecret; + } + + /** + * Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + */ + @Import(name="ociDomainUrl", required=true) + private Output ociDomainUrl; + + /** + * @return Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + */ + public Output ociDomainUrl() { + return this.ociDomainUrl; + } + + /** + * Home region of the tenancy (e.g. `us-ashburn-1`). + * + */ + @Import(name="ociHomeRegion", required=true) + private Output ociHomeRegion; + + /** + * @return Home region of the tenancy (e.g. `us-ashburn-1`). + * + */ + public Output ociHomeRegion() { + return this.ociHomeRegion; + } + + /** + * OCI region for the linkage (ignored on create, applied on update). + * + */ + @Import(name="ociRegion") + private @Nullable Output ociRegion; + + /** + * @return OCI region for the linkage (ignored on create, applied on update). + * + */ + public Optional> ociRegion() { + return Optional.ofNullable(this.ociRegion); + } + + /** + * Service user name associated with the WIF configuration. + * + */ + @Import(name="ociSvcUserName", required=true) + private Output ociSvcUserName; + + /** + * @return Service user name associated with the WIF configuration. + * + */ + public Output ociSvcUserName() { + return this.ociSvcUserName; + } + + /** + * OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + */ + @Import(name="tenantId", required=true) + private Output tenantId; + + /** + * @return OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + */ + public Output tenantId() { + return this.tenantId; + } + + /** + * Vault secret OCID containing a user or auxiliary secret. + * + */ + @Import(name="userVaultOcid") + private @Nullable Output userVaultOcid; + + /** + * @return Vault secret OCID containing a user or auxiliary secret. 
+ * + */ + public Optional> userVaultOcid() { + return Optional.ofNullable(this.userVaultOcid); + } + + private OciLinkAccountArgs() {} + + private OciLinkAccountArgs(OciLinkAccountArgs $) { + this.accountId = $.accountId; + this.compartmentOcid = $.compartmentOcid; + this.ingestVaultOcid = $.ingestVaultOcid; + this.instrumentationType = $.instrumentationType; + this.loggingStackOcid = $.loggingStackOcid; + this.metricStackOcid = $.metricStackOcid; + this.name = $.name; + this.ociClientId = $.ociClientId; + this.ociClientSecret = $.ociClientSecret; + this.ociDomainUrl = $.ociDomainUrl; + this.ociHomeRegion = $.ociHomeRegion; + this.ociRegion = $.ociRegion; + this.ociSvcUserName = $.ociSvcUserName; + this.tenantId = $.tenantId; + this.userVaultOcid = $.userVaultOcid; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(OciLinkAccountArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private OciLinkAccountArgs $; + + public Builder() { + $ = new OciLinkAccountArgs(); + } + + public Builder(OciLinkAccountArgs defaults) { + $ = new OciLinkAccountArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param accountId New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + * @return builder + * + */ + public Builder accountId(@Nullable Output accountId) { + $.accountId = accountId; + return this; + } + + /** + * @param accountId New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + * @return builder + * + */ + public Builder accountId(String accountId) { + return accountId(Output.of(accountId)); + } + + /** + * @param compartmentOcid OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. 
+ * + * @return builder + * + */ + public Builder compartmentOcid(Output compartmentOcid) { + $.compartmentOcid = compartmentOcid; + return this; + } + + /** + * @param compartmentOcid OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + * @return builder + * + */ + public Builder compartmentOcid(String compartmentOcid) { + return compartmentOcid(Output.of(compartmentOcid)); + } + + /** + * @param ingestVaultOcid Vault secret OCID containing an ingest secret. + * + * @return builder + * + */ + public Builder ingestVaultOcid(@Nullable Output ingestVaultOcid) { + $.ingestVaultOcid = ingestVaultOcid; + return this; + } + + /** + * @param ingestVaultOcid Vault secret OCID containing an ingest secret. + * + * @return builder + * + */ + public Builder ingestVaultOcid(String ingestVaultOcid) { + return ingestVaultOcid(Output.of(ingestVaultOcid)); + } + + /** + * @param instrumentationType Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + * + * @return builder + * + */ + public Builder instrumentationType(@Nullable Output instrumentationType) { + $.instrumentationType = instrumentationType; + return this; + } + + /** + * @param instrumentationType Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + * + * @return builder + * + */ + public Builder instrumentationType(String instrumentationType) { + return instrumentationType(Output.of(instrumentationType)); + } + + /** + * @param loggingStackOcid The Logging stack identifier for the OCI account. + * + * @return builder + * + */ + public Builder loggingStackOcid(@Nullable Output loggingStackOcid) { + $.loggingStackOcid = loggingStackOcid; + return this; + } + + /** + * @param loggingStackOcid The Logging stack identifier for the OCI account. 
+ * + * @return builder + * + */ + public Builder loggingStackOcid(String loggingStackOcid) { + return loggingStackOcid(Output.of(loggingStackOcid)); + } + + /** + * @param metricStackOcid Metric stack OCID (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder metricStackOcid(@Nullable Output metricStackOcid) { + $.metricStackOcid = metricStackOcid; + return this; + } + + /** + * @param metricStackOcid Metric stack OCID (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder metricStackOcid(String metricStackOcid) { + return metricStackOcid(Output.of(metricStackOcid)); + } + + /** + * @param name Display name for the linked account. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Display name for the linked account. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param ociClientId OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + * @return builder + * + */ + public Builder ociClientId(Output ociClientId) { + $.ociClientId = ociClientId; + return this; + } + + /** + * @param ociClientId OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + * @return builder + * + */ + public Builder ociClientId(String ociClientId) { + return ociClientId(Output.of(ociClientId)); + } + + /** + * @param ociClientSecret OAuth2 client secret. Not displayed in plans or state outputs. + * + * @return builder + * + */ + public Builder ociClientSecret(Output ociClientSecret) { + $.ociClientSecret = ociClientSecret; + return this; + } + + /** + * @param ociClientSecret OAuth2 client secret. Not displayed in plans or state outputs. 
+ * + * @return builder + * + */ + public Builder ociClientSecret(String ociClientSecret) { + return ociClientSecret(Output.of(ociClientSecret)); + } + + /** + * @param ociDomainUrl Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + * @return builder + * + */ + public Builder ociDomainUrl(Output ociDomainUrl) { + $.ociDomainUrl = ociDomainUrl; + return this; + } + + /** + * @param ociDomainUrl Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + * @return builder + * + */ + public Builder ociDomainUrl(String ociDomainUrl) { + return ociDomainUrl(Output.of(ociDomainUrl)); + } + + /** + * @param ociHomeRegion Home region of the tenancy (e.g. `us-ashburn-1`). + * + * @return builder + * + */ + public Builder ociHomeRegion(Output ociHomeRegion) { + $.ociHomeRegion = ociHomeRegion; + return this; + } + + /** + * @param ociHomeRegion Home region of the tenancy (e.g. `us-ashburn-1`). + * + * @return builder + * + */ + public Builder ociHomeRegion(String ociHomeRegion) { + return ociHomeRegion(Output.of(ociHomeRegion)); + } + + /** + * @param ociRegion OCI region for the linkage (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder ociRegion(@Nullable Output ociRegion) { + $.ociRegion = ociRegion; + return this; + } + + /** + * @param ociRegion OCI region for the linkage (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder ociRegion(String ociRegion) { + return ociRegion(Output.of(ociRegion)); + } + + /** + * @param ociSvcUserName Service user name associated with the WIF configuration. + * + * @return builder + * + */ + public Builder ociSvcUserName(Output ociSvcUserName) { + $.ociSvcUserName = ociSvcUserName; + return this; + } + + /** + * @param ociSvcUserName Service user name associated with the WIF configuration. 
+ * + * @return builder + * + */ + public Builder ociSvcUserName(String ociSvcUserName) { + return ociSvcUserName(Output.of(ociSvcUserName)); + } + + /** + * @param tenantId OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + * @return builder + * + */ + public Builder tenantId(Output tenantId) { + $.tenantId = tenantId; + return this; + } + + /** + * @param tenantId OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + * @return builder + * + */ + public Builder tenantId(String tenantId) { + return tenantId(Output.of(tenantId)); + } + + /** + * @param userVaultOcid Vault secret OCID containing a user or auxiliary secret. + * + * @return builder + * + */ + public Builder userVaultOcid(@Nullable Output userVaultOcid) { + $.userVaultOcid = userVaultOcid; + return this; + } + + /** + * @param userVaultOcid Vault secret OCID containing a user or auxiliary secret. + * + * @return builder + * + */ + public Builder userVaultOcid(String userVaultOcid) { + return userVaultOcid(Output.of(userVaultOcid)); + } + + public OciLinkAccountArgs build() { + if ($.compartmentOcid == null) { + throw new MissingRequiredPropertyException("OciLinkAccountArgs", "compartmentOcid"); + } + if ($.ociClientId == null) { + throw new MissingRequiredPropertyException("OciLinkAccountArgs", "ociClientId"); + } + if ($.ociClientSecret == null) { + throw new MissingRequiredPropertyException("OciLinkAccountArgs", "ociClientSecret"); + } + if ($.ociDomainUrl == null) { + throw new MissingRequiredPropertyException("OciLinkAccountArgs", "ociDomainUrl"); + } + if ($.ociHomeRegion == null) { + throw new MissingRequiredPropertyException("OciLinkAccountArgs", "ociHomeRegion"); + } + if ($.ociSvcUserName == null) { + throw new MissingRequiredPropertyException("OciLinkAccountArgs", "ociSvcUserName"); + } + if ($.tenantId == null) { + throw new MissingRequiredPropertyException("OciLinkAccountArgs", "tenantId"); + } + return $; + } + } + +} 
diff --git a/sdk/java/src/main/java/com/pulumi/newrelic/cloud/inputs/OciLinkAccountState.java b/sdk/java/src/main/java/com/pulumi/newrelic/cloud/inputs/OciLinkAccountState.java new file mode 100644 index 00000000..e769db2e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/newrelic/cloud/inputs/OciLinkAccountState.java 
@@ -0,0 +1,601 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.newrelic.cloud.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class OciLinkAccountState extends com.pulumi.resources.ResourceArgs { + + public static final OciLinkAccountState Empty = new OciLinkAccountState(); + + /** + * New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + */ + @Import(name="accountId") + private @Nullable Output accountId; + + /** + * @return New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + */ + public Optional> accountId() { + return Optional.ofNullable(this.accountId); + } + + /** + * OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + */ + @Import(name="compartmentOcid") + private @Nullable Output compartmentOcid; + + /** + * @return OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + */ + public Optional> compartmentOcid() { + return Optional.ofNullable(this.compartmentOcid); + } + + /** + * Vault secret OCID containing an ingest secret. + * + */ + @Import(name="ingestVaultOcid") + private @Nullable Output ingestVaultOcid; + + /** + * @return Vault secret OCID containing an ingest secret. + * + */ + public Optional> ingestVaultOcid() { + return Optional.ofNullable(this.ingestVaultOcid); + } + + /** + * Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). 
+ * + */ + @Import(name="instrumentationType") + private @Nullable Output instrumentationType; + + /** + * @return Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + * + */ + public Optional> instrumentationType() { + return Optional.ofNullable(this.instrumentationType); + } + + /** + * The Logging stack identifier for the OCI account. + * + */ + @Import(name="loggingStackOcid") + private @Nullable Output loggingStackOcid; + + /** + * @return The Logging stack identifier for the OCI account. + * + */ + public Optional> loggingStackOcid() { + return Optional.ofNullable(this.loggingStackOcid); + } + + /** + * Metric stack OCID (ignored on create, applied on update). + * + */ + @Import(name="metricStackOcid") + private @Nullable Output metricStackOcid; + + /** + * @return Metric stack OCID (ignored on create, applied on update). + * + */ + public Optional> metricStackOcid() { + return Optional.ofNullable(this.metricStackOcid); + } + + /** + * Display name for the linked account. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Display name for the linked account. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + */ + @Import(name="ociClientId") + private @Nullable Output ociClientId; + + /** + * @return OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + */ + public Optional> ociClientId() { + return Optional.ofNullable(this.ociClientId); + } + + /** + * OAuth2 client secret. Not displayed in plans or state outputs. + * + */ + @Import(name="ociClientSecret") + private @Nullable Output ociClientSecret; + + /** + * @return OAuth2 client secret. Not displayed in plans or state outputs. 
+ * + */ + public Optional> ociClientSecret() { + return Optional.ofNullable(this.ociClientSecret); + } + + /** + * Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + */ + @Import(name="ociDomainUrl") + private @Nullable Output ociDomainUrl; + + /** + * @return Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + */ + public Optional> ociDomainUrl() { + return Optional.ofNullable(this.ociDomainUrl); + } + + /** + * Home region of the tenancy (e.g. `us-ashburn-1`). + * + */ + @Import(name="ociHomeRegion") + private @Nullable Output ociHomeRegion; + + /** + * @return Home region of the tenancy (e.g. `us-ashburn-1`). + * + */ + public Optional> ociHomeRegion() { + return Optional.ofNullable(this.ociHomeRegion); + } + + /** + * OCI region for the linkage (ignored on create, applied on update). + * + */ + @Import(name="ociRegion") + private @Nullable Output ociRegion; + + /** + * @return OCI region for the linkage (ignored on create, applied on update). + * + */ + public Optional> ociRegion() { + return Optional.ofNullable(this.ociRegion); + } + + /** + * Service user name associated with the WIF configuration. + * + */ + @Import(name="ociSvcUserName") + private @Nullable Output ociSvcUserName; + + /** + * @return Service user name associated with the WIF configuration. + * + */ + public Optional> ociSvcUserName() { + return Optional.ofNullable(this.ociSvcUserName); + } + + /** + * OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + */ + @Import(name="tenantId") + private @Nullable Output tenantId; + + /** + * @return OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + */ + public Optional> tenantId() { + return Optional.ofNullable(this.tenantId); + } + + /** + * Vault secret OCID containing a user or auxiliary secret. 
+ * + */ + @Import(name="userVaultOcid") + private @Nullable Output userVaultOcid; + + /** + * @return Vault secret OCID containing a user or auxiliary secret. + * + */ + public Optional> userVaultOcid() { + return Optional.ofNullable(this.userVaultOcid); + } + + private OciLinkAccountState() {} + + private OciLinkAccountState(OciLinkAccountState $) { + this.accountId = $.accountId; + this.compartmentOcid = $.compartmentOcid; + this.ingestVaultOcid = $.ingestVaultOcid; + this.instrumentationType = $.instrumentationType; + this.loggingStackOcid = $.loggingStackOcid; + this.metricStackOcid = $.metricStackOcid; + this.name = $.name; + this.ociClientId = $.ociClientId; + this.ociClientSecret = $.ociClientSecret; + this.ociDomainUrl = $.ociDomainUrl; + this.ociHomeRegion = $.ociHomeRegion; + this.ociRegion = $.ociRegion; + this.ociSvcUserName = $.ociSvcUserName; + this.tenantId = $.tenantId; + this.userVaultOcid = $.userVaultOcid; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(OciLinkAccountState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private OciLinkAccountState $; + + public Builder() { + $ = new OciLinkAccountState(); + } + + public Builder(OciLinkAccountState defaults) { + $ = new OciLinkAccountState(Objects.requireNonNull(defaults)); + } + + /** + * @param accountId New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + * + * @return builder + * + */ + public Builder accountId(@Nullable Output accountId) { + $.accountId = accountId; + return this; + } + + /** + * @param accountId New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. 
+ * + * @return builder + * + */ + public Builder accountId(String accountId) { + return accountId(Output.of(accountId)); + } + + /** + * @param compartmentOcid OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + * @return builder + * + */ + public Builder compartmentOcid(@Nullable Output compartmentOcid) { + $.compartmentOcid = compartmentOcid; + return this; + } + + /** + * @param compartmentOcid OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + * + * @return builder + * + */ + public Builder compartmentOcid(String compartmentOcid) { + return compartmentOcid(Output.of(compartmentOcid)); + } + + /** + * @param ingestVaultOcid Vault secret OCID containing an ingest secret. + * + * @return builder + * + */ + public Builder ingestVaultOcid(@Nullable Output ingestVaultOcid) { + $.ingestVaultOcid = ingestVaultOcid; + return this; + } + + /** + * @param ingestVaultOcid Vault secret OCID containing an ingest secret. + * + * @return builder + * + */ + public Builder ingestVaultOcid(String ingestVaultOcid) { + return ingestVaultOcid(Output.of(ingestVaultOcid)); + } + + /** + * @param instrumentationType Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + * + * @return builder + * + */ + public Builder instrumentationType(@Nullable Output instrumentationType) { + $.instrumentationType = instrumentationType; + return this; + } + + /** + * @param instrumentationType Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + * + * @return builder + * + */ + public Builder instrumentationType(String instrumentationType) { + return instrumentationType(Output.of(instrumentationType)); + } + + /** + * @param loggingStackOcid The Logging stack identifier for the OCI account. 
+ * + * @return builder + * + */ + public Builder loggingStackOcid(@Nullable Output loggingStackOcid) { + $.loggingStackOcid = loggingStackOcid; + return this; + } + + /** + * @param loggingStackOcid The Logging stack identifier for the OCI account. + * + * @return builder + * + */ + public Builder loggingStackOcid(String loggingStackOcid) { + return loggingStackOcid(Output.of(loggingStackOcid)); + } + + /** + * @param metricStackOcid Metric stack OCID (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder metricStackOcid(@Nullable Output metricStackOcid) { + $.metricStackOcid = metricStackOcid; + return this; + } + + /** + * @param metricStackOcid Metric stack OCID (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder metricStackOcid(String metricStackOcid) { + return metricStackOcid(Output.of(metricStackOcid)); + } + + /** + * @param name Display name for the linked account. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Display name for the linked account. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param ociClientId OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + * @return builder + * + */ + public Builder ociClientId(@Nullable Output ociClientId) { + $.ociClientId = ociClientId; + return this; + } + + /** + * @param ociClientId OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + * + * @return builder + * + */ + public Builder ociClientId(String ociClientId) { + return ociClientId(Output.of(ociClientId)); + } + + /** + * @param ociClientSecret OAuth2 client secret. Not displayed in plans or state outputs. 
+ * + * @return builder + * + */ + public Builder ociClientSecret(@Nullable Output ociClientSecret) { + $.ociClientSecret = ociClientSecret; + return this; + } + + /** + * @param ociClientSecret OAuth2 client secret. Not displayed in plans or state outputs. + * + * @return builder + * + */ + public Builder ociClientSecret(String ociClientSecret) { + return ociClientSecret(Output.of(ociClientSecret)); + } + + /** + * @param ociDomainUrl Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + * @return builder + * + */ + public Builder ociDomainUrl(@Nullable Output ociDomainUrl) { + $.ociDomainUrl = ociDomainUrl; + return this; + } + + /** + * @param ociDomainUrl Base URL of the OCI Identity Domain (e.g. `https://idcs-<hash>.identity.oraclecloud.com`). + * + * @return builder + * + */ + public Builder ociDomainUrl(String ociDomainUrl) { + return ociDomainUrl(Output.of(ociDomainUrl)); + } + + /** + * @param ociHomeRegion Home region of the tenancy (e.g. `us-ashburn-1`). + * + * @return builder + * + */ + public Builder ociHomeRegion(@Nullable Output ociHomeRegion) { + $.ociHomeRegion = ociHomeRegion; + return this; + } + + /** + * @param ociHomeRegion Home region of the tenancy (e.g. `us-ashburn-1`). + * + * @return builder + * + */ + public Builder ociHomeRegion(String ociHomeRegion) { + return ociHomeRegion(Output.of(ociHomeRegion)); + } + + /** + * @param ociRegion OCI region for the linkage (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder ociRegion(@Nullable Output ociRegion) { + $.ociRegion = ociRegion; + return this; + } + + /** + * @param ociRegion OCI region for the linkage (ignored on create, applied on update). + * + * @return builder + * + */ + public Builder ociRegion(String ociRegion) { + return ociRegion(Output.of(ociRegion)); + } + + /** + * @param ociSvcUserName Service user name associated with the WIF configuration. 
+ * + * @return builder + * + */ + public Builder ociSvcUserName(@Nullable Output ociSvcUserName) { + $.ociSvcUserName = ociSvcUserName; + return this; + } + + /** + * @param ociSvcUserName Service user name associated with the WIF configuration. + * + * @return builder + * + */ + public Builder ociSvcUserName(String ociSvcUserName) { + return ociSvcUserName(Output.of(ociSvcUserName)); + } + + /** + * @param tenantId OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + * @return builder + * + */ + public Builder tenantId(@Nullable Output tenantId) { + $.tenantId = tenantId; + return this; + } + + /** + * @param tenantId OCI tenancy OCID (root tenancy). Changing forces a new linked account. + * + * @return builder + * + */ + public Builder tenantId(String tenantId) { + return tenantId(Output.of(tenantId)); + } + + /** + * @param userVaultOcid Vault secret OCID containing a user or auxiliary secret. + * + * @return builder + * + */ + public Builder userVaultOcid(@Nullable Output userVaultOcid) { + $.userVaultOcid = userVaultOcid; + return this; + } + + /** + * @param userVaultOcid Vault secret OCID containing a user or auxiliary secret. + * + * @return builder + * + */ + public Builder userVaultOcid(String userVaultOcid) { + return userVaultOcid(Output.of(userVaultOcid)); + } + + public OciLinkAccountState build() { + return $; + } + } + +} diff --git a/sdk/nodejs/cloud/index.ts b/sdk/nodejs/cloud/index.ts index 30748c3f..b9026afc 100644 --- a/sdk/nodejs/cloud/index.ts +++ b/sdk/nodejs/cloud/index.ts 
@@ -45,6 +45,11 @@ export type GcpLinkAccount = import("./gcpLinkAccount").GcpLinkAccount; export const GcpLinkAccount: typeof import("./gcpLinkAccount").GcpLinkAccount = null as any; utilities.lazyLoad(exports, ["GcpLinkAccount"], () => require("./gcpLinkAccount")); +export { OciLinkAccountArgs, OciLinkAccountState } from "./ociLinkAccount"; +export type OciLinkAccount = import("./ociLinkAccount").OciLinkAccount; +export const OciLinkAccount: typeof import("./ociLinkAccount").OciLinkAccount = null as any; +utilities.lazyLoad(exports, ["OciLinkAccount"], () => require("./ociLinkAccount")); + const _module = { version: utilities.getVersion(), @@ -66,6 +71,8 @@ const _module = { return new GcpIntegrations(name, undefined, { urn }) case "newrelic:cloud/gcpLinkAccount:GcpLinkAccount": return new GcpLinkAccount(name, undefined, { urn }) + case "newrelic:cloud/ociLinkAccount:OciLinkAccount": + return new OciLinkAccount(name, undefined, { urn }) default: throw new Error(`unknown resource type ${type}`); } @@ -79,3 +86,4 @@ pulumi.runtime.registerResourceModule("newrelic", "cloud/azureIntegrations", _mo pulumi.runtime.registerResourceModule("newrelic", "cloud/azureLinkAccount", _module) pulumi.runtime.registerResourceModule("newrelic", "cloud/gcpIntegrations", _module) pulumi.runtime.registerResourceModule("newrelic", "cloud/gcpLinkAccount", _module) +pulumi.runtime.registerResourceModule("newrelic", "cloud/ociLinkAccount", _module) diff --git a/sdk/nodejs/cloud/ociLinkAccount.ts b/sdk/nodejs/cloud/ociLinkAccount.ts new file mode 100644 index 00000000..413a4784 --- /dev/null +++ b/sdk/nodejs/cloud/ociLinkAccount.ts 
@@ -0,0 +1,386 @@ +// *** WARNING: this file was generated by pulumi-language-nodejs. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Use this resource to link an Oracle Cloud Infrastructure (OCI) account to New Relic. + * + * This setup is used to create a provider account with OCI credentials, establishing a relationship between Oracle and New Relic. Additionally, as part of this integration, we store WIF (Workload Identity Federation) credentials which are further used for fetching data and validations, and vault OCIDs corresponding to the vault resource where the New Relic ingest and user keys are stored in the OCI console. + * + * ## Prerequisites + * + * For the `newrelic.cloud.OciLinkAccount` resource to work properly, you need an OCI tenancy with IAM permissions to create and manage the identity artifacts (client/application, secrets, compartments, and service user) referenced below. OCI provides enterprise-grade cloud services across multiple global regions. + * + * > NOTE: Before using this resource, ensure the New Relic provider is configured with valid credentials.\ + * See Getting Started: New Relic provider guide + * + * If you encounter issues or bugs, please open an issue in the GitHub repository. + * + * ### Workload Identity Federation (WIF) Attributes + * + * The following arguments rely on an OCI Identity Domain OAuth2 client set up for workload identity federation (identity propagation): `ociClientId`, `ociClientSecret`, `ociDomainUrl`, and `ociSvcUserName`. 
+ * + * To create and retrieve these values, follow Oracle's guidance for configuring identity propagation / JWT token exchange: + * + * [Oracle documentation: Create an identity propagation trust (JWT token exchange)](https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/json_web_token_exchange.htm#jwt_token_exchange__create-identity-propagation-trust) + * + * WIF configuration steps: + * 1. Create (or identify) an Identity Domain and register an OAuth2 confidential application (client) to represent New Relic ingestion. + * 2. Generate / record the client ID (`ociClientId`) and client secret (`ociClientSecret`). Store the secret securely (e.g., in OCI Vault; reference its OCID via `ingestVaultOcid` / `userVaultOcid` if desired). + * 3. Use the Identity Domain base URL as `ociDomainUrl` (format: `https://idcs-.identity.oraclecloud.com`). + * 4. Provide / map a service user (or principal) used for workload identity federation as `ociSvcUserName`. + * 5. Ensure the client has the required scopes and the tenancy policies allow the token exchange. + * + * > TIP: Rotating the OAuth2 client secret only requires updating `ociClientSecret`; it does not force resource replacement. 
+ * + * ## Example Usage + * + * Minimal example (required arguments for creation): + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as newrelic from "@pulumi/newrelic"; + * + * const example = new newrelic.cloud.OciLinkAccount("example", { + * accountId: "1234567", + * tenantId: "ocid1.tenancy.oc1..aaaaaaaaexample", + * name: "my-oci-link", + * compartmentOcid: "ocid1.compartment.oc1..bbbbbbbbexample", + * ociClientId: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + * ociClientSecret: ociClientSecret, + * ociDomainUrl: "https://idcs-1234567890abcdef.identity.oraclecloud.com", + * ociHomeRegion: "us-ashburn-1", + * ociSvcUserName: "svc-newrelic-collector", + * }); + * ``` + * + * Example including optional secret references and update-only fields: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as newrelic from "@pulumi/newrelic"; + * + * const full = new newrelic.cloud.OciLinkAccount("full", { + * name: "my-oci-link-full", + * tenantId: "ocid1.tenancy.oc1..aaaaaaaaexample", + * compartmentOcid: "ocid1.compartment.oc1..bbbbbbbbexample", + * ociClientId: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + * ociClientSecret: ociClientSecret, + * ociDomainUrl: "https://idcs-1234567890abcdef.identity.oraclecloud.com", + * ociHomeRegion: "us-ashburn-1", + * ociSvcUserName: "svc-newrelic-collector", + * ingestVaultOcid: "ocid1.vaultsecret.oc1..ccccccccexample", + * userVaultOcid: "ocid1.vaultsecret.oc1..ddddddddexample", + * instrumentationType: "METRICS,LOGS", + * ociRegion: "us-phoenix-1", + * metricStackOcid: "ocid1.stack.oc1..eeeeeeeeexample", + * loggingStackOcid: "ocid1.stack.oc1..ffffffloggingstack", + * }); + * ``` + * + * ## Import + * + * Linked OCI accounts can be imported using the `id`, e.g. 
+ * + * bash + * + * ```sh + * $ pulumi import newrelic:cloud/ociLinkAccount:OciLinkAccount foo + * ``` + */ +export class OciLinkAccount extends pulumi.CustomResource { + /** + * Get an existing OciLinkAccount resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: OciLinkAccountState, opts?: pulumi.CustomResourceOptions): OciLinkAccount { + return new OciLinkAccount(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'newrelic:cloud/ociLinkAccount:OciLinkAccount'; + + /** + * Returns true if the given object is an instance of OciLinkAccount. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is OciLinkAccount { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === OciLinkAccount.__pulumiType; + } + + /** + * New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + */ + declare public readonly accountId: pulumi.Output; + /** + * OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + */ + declare public readonly compartmentOcid: pulumi.Output; + /** + * Vault secret OCID containing an ingest secret. + */ + declare public readonly ingestVaultOcid: pulumi.Output; + /** + * Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). 
+ */ + declare public readonly instrumentationType: pulumi.Output; + /** + * The Logging stack identifier for the OCI account. + */ + declare public readonly loggingStackOcid: pulumi.Output; + /** + * Metric stack OCID (ignored on create, applied on update). + */ + declare public readonly metricStackOcid: pulumi.Output; + /** + * Display name for the linked account. + */ + declare public readonly name: pulumi.Output; + /** + * OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + */ + declare public readonly ociClientId: pulumi.Output; + /** + * OAuth2 client secret. Not displayed in plans or state outputs. + */ + declare public readonly ociClientSecret: pulumi.Output; + /** + * Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + */ + declare public readonly ociDomainUrl: pulumi.Output; + /** + * Home region of the tenancy (e.g. `us-ashburn-1`). + */ + declare public readonly ociHomeRegion: pulumi.Output; + /** + * OCI region for the linkage (ignored on create, applied on update). + */ + declare public readonly ociRegion: pulumi.Output; + /** + * Service user name associated with the WIF configuration. + */ + declare public readonly ociSvcUserName: pulumi.Output; + /** + * OCI tenancy OCID (root tenancy). Changing forces a new linked account. + */ + declare public readonly tenantId: pulumi.Output; + /** + * Vault secret OCID containing a user or auxiliary secret. + */ + declare public readonly userVaultOcid: pulumi.Output; + + /** + * Create a OciLinkAccount resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. 
+ */ + constructor(name: string, args: OciLinkAccountArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: OciLinkAccountArgs | OciLinkAccountState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as OciLinkAccountState | undefined; + resourceInputs["accountId"] = state?.accountId; + resourceInputs["compartmentOcid"] = state?.compartmentOcid; + resourceInputs["ingestVaultOcid"] = state?.ingestVaultOcid; + resourceInputs["instrumentationType"] = state?.instrumentationType; + resourceInputs["loggingStackOcid"] = state?.loggingStackOcid; + resourceInputs["metricStackOcid"] = state?.metricStackOcid; + resourceInputs["name"] = state?.name; + resourceInputs["ociClientId"] = state?.ociClientId; + resourceInputs["ociClientSecret"] = state?.ociClientSecret; + resourceInputs["ociDomainUrl"] = state?.ociDomainUrl; + resourceInputs["ociHomeRegion"] = state?.ociHomeRegion; + resourceInputs["ociRegion"] = state?.ociRegion; + resourceInputs["ociSvcUserName"] = state?.ociSvcUserName; + resourceInputs["tenantId"] = state?.tenantId; + resourceInputs["userVaultOcid"] = state?.userVaultOcid; + } else { + const args = argsOrState as OciLinkAccountArgs | undefined; + if (args?.compartmentOcid === undefined && !opts.urn) { + throw new Error("Missing required property 'compartmentOcid'"); + } + if (args?.ociClientId === undefined && !opts.urn) { + throw new Error("Missing required property 'ociClientId'"); + } + if (args?.ociClientSecret === undefined && !opts.urn) { + throw new Error("Missing required property 'ociClientSecret'"); + } + if (args?.ociDomainUrl === undefined && !opts.urn) { + throw new Error("Missing required property 'ociDomainUrl'"); + } + if (args?.ociHomeRegion === undefined && !opts.urn) { + throw new Error("Missing required property 'ociHomeRegion'"); + } + if (args?.ociSvcUserName === undefined && !opts.urn) { + throw new Error("Missing 
required property 'ociSvcUserName'"); + } + if (args?.tenantId === undefined && !opts.urn) { + throw new Error("Missing required property 'tenantId'"); + } + resourceInputs["accountId"] = args?.accountId; + resourceInputs["compartmentOcid"] = args?.compartmentOcid; + resourceInputs["ingestVaultOcid"] = args?.ingestVaultOcid; + resourceInputs["instrumentationType"] = args?.instrumentationType; + resourceInputs["loggingStackOcid"] = args?.loggingStackOcid; + resourceInputs["metricStackOcid"] = args?.metricStackOcid; + resourceInputs["name"] = args?.name; + resourceInputs["ociClientId"] = args?.ociClientId; + resourceInputs["ociClientSecret"] = args?.ociClientSecret ? pulumi.secret(args.ociClientSecret) : undefined; + resourceInputs["ociDomainUrl"] = args?.ociDomainUrl; + resourceInputs["ociHomeRegion"] = args?.ociHomeRegion; + resourceInputs["ociRegion"] = args?.ociRegion; + resourceInputs["ociSvcUserName"] = args?.ociSvcUserName; + resourceInputs["tenantId"] = args?.tenantId; + resourceInputs["userVaultOcid"] = args?.userVaultOcid; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["ociClientSecret"] }; + opts = pulumi.mergeOptions(opts, secretOpts); + super(OciLinkAccount.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering OciLinkAccount resources. + */ +export interface OciLinkAccountState { + /** + * New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + */ + accountId?: pulumi.Input; + /** + * OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + */ + compartmentOcid?: pulumi.Input; + /** + * Vault secret OCID containing an ingest secret. 
+ */ + ingestVaultOcid?: pulumi.Input; + /** + * Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + */ + instrumentationType?: pulumi.Input; + /** + * The Logging stack identifier for the OCI account. + */ + loggingStackOcid?: pulumi.Input; + /** + * Metric stack OCID (ignored on create, applied on update). + */ + metricStackOcid?: pulumi.Input; + /** + * Display name for the linked account. + */ + name?: pulumi.Input; + /** + * OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + */ + ociClientId?: pulumi.Input; + /** + * OAuth2 client secret. Not displayed in plans or state outputs. + */ + ociClientSecret?: pulumi.Input; + /** + * Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + */ + ociDomainUrl?: pulumi.Input; + /** + * Home region of the tenancy (e.g. `us-ashburn-1`). + */ + ociHomeRegion?: pulumi.Input; + /** + * OCI region for the linkage (ignored on create, applied on update). + */ + ociRegion?: pulumi.Input; + /** + * Service user name associated with the WIF configuration. + */ + ociSvcUserName?: pulumi.Input; + /** + * OCI tenancy OCID (root tenancy). Changing forces a new linked account. + */ + tenantId?: pulumi.Input; + /** + * Vault secret OCID containing a user or auxiliary secret. + */ + userVaultOcid?: pulumi.Input; +} + +/** + * The set of arguments for constructing a OciLinkAccount resource. + */ +export interface OciLinkAccountArgs { + /** + * New Relic account to operate on. Overrides the provider-level `accountId`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + */ + accountId?: pulumi.Input; + /** + * OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + */ + compartmentOcid: pulumi.Input; + /** + * Vault secret OCID containing an ingest secret. 
+ */ + ingestVaultOcid?: pulumi.Input; + /** + * Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + */ + instrumentationType?: pulumi.Input; + /** + * The Logging stack identifier for the OCI account. + */ + loggingStackOcid?: pulumi.Input; + /** + * Metric stack OCID (ignored on create, applied on update). + */ + metricStackOcid?: pulumi.Input; + /** + * Display name for the linked account. + */ + name?: pulumi.Input; + /** + * OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + */ + ociClientId: pulumi.Input; + /** + * OAuth2 client secret. Not displayed in plans or state outputs. + */ + ociClientSecret: pulumi.Input; + /** + * Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + */ + ociDomainUrl: pulumi.Input; + /** + * Home region of the tenancy (e.g. `us-ashburn-1`). + */ + ociHomeRegion: pulumi.Input; + /** + * OCI region for the linkage (ignored on create, applied on update). + */ + ociRegion?: pulumi.Input; + /** + * Service user name associated with the WIF configuration. + */ + ociSvcUserName: pulumi.Input; + /** + * OCI tenancy OCID (root tenancy). Changing forces a new linked account. + */ + tenantId: pulumi.Input; + /** + * Vault secret OCID containing a user or auxiliary secret. + */ + userVaultOcid?: pulumi.Input; +} diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index 6850c61a..030a00ba 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -30,6 +30,7 @@ "cloud/gcpIntegrations.ts", "cloud/gcpLinkAccount.ts", "cloud/index.ts", + "cloud/ociLinkAccount.ts", "config/index.ts", "config/vars.ts", "dataPartitionRule.ts", diff --git a/sdk/python/pulumi_newrelic/__init__.py b/sdk/python/pulumi_newrelic/__init__.py index 19f323c7..2d86aa07 100644 --- a/sdk/python/pulumi_newrelic/__init__.py +++ b/sdk/python/pulumi_newrelic/__init__.py 
@@ -139,6 +139,14 @@ "newrelic:cloud/gcpLinkAccount:GcpLinkAccount": "GcpLinkAccount" } }, + { + "pkg": "newrelic", + "mod": "cloud/ociLinkAccount", + "fqn": "pulumi_newrelic.cloud", + "classes": { + "newrelic:cloud/ociLinkAccount:OciLinkAccount": "OciLinkAccount" + } + }, { "pkg": "newrelic", "mod": "index/accountManagement", diff --git a/sdk/python/pulumi_newrelic/cloud/__init__.py b/sdk/python/pulumi_newrelic/cloud/__init__.py index b76d3e2e..2c7b8975 100644 --- a/sdk/python/pulumi_newrelic/cloud/__init__.py +++ b/sdk/python/pulumi_newrelic/cloud/__init__.py @@ -14,5 +14,6 @@ from .azure_link_account import * from .gcp_integrations import * from .gcp_link_account import * +from .oci_link_account import * from ._inputs import * from . import outputs diff --git a/sdk/python/pulumi_newrelic/cloud/oci_link_account.py b/sdk/python/pulumi_newrelic/cloud/oci_link_account.py new file mode 100644 index 00000000..06f9a7cb --- /dev/null +++ b/sdk/python/pulumi_newrelic/cloud/oci_link_account.py 
@@ -0,0 +1,980 @@ +# coding=utf-8 +# *** WARNING: this file was generated by pulumi-language-python. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import builtins as _builtins +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = ['OciLinkAccountArgs', 'OciLinkAccount'] + +@pulumi.input_type +class OciLinkAccountArgs: + def __init__(__self__, *, + compartment_ocid: pulumi.Input[_builtins.str], + oci_client_id: pulumi.Input[_builtins.str], + oci_client_secret: pulumi.Input[_builtins.str], + oci_domain_url: pulumi.Input[_builtins.str], + oci_home_region: pulumi.Input[_builtins.str], + oci_svc_user_name: pulumi.Input[_builtins.str], + tenant_id: pulumi.Input[_builtins.str], + account_id: Optional[pulumi.Input[_builtins.str]] = None, + ingest_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None, + instrumentation_type: Optional[pulumi.Input[_builtins.str]] = None, + logging_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + metric_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + oci_region: Optional[pulumi.Input[_builtins.str]] = None, + user_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None): + """ + The set of arguments for constructing a OciLinkAccount resource. + :param pulumi.Input[_builtins.str] compartment_ocid: OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + :param pulumi.Input[_builtins.str] oci_client_id: OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + :param pulumi.Input[_builtins.str] oci_client_secret: OAuth2 client secret. Not displayed in plans or state outputs. 
+ :param pulumi.Input[_builtins.str] oci_domain_url: Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + :param pulumi.Input[_builtins.str] oci_home_region: Home region of the tenancy (e.g. `us-ashburn-1`). + :param pulumi.Input[_builtins.str] oci_svc_user_name: Service user name associated with the WIF configuration. + :param pulumi.Input[_builtins.str] tenant_id: OCI tenancy OCID (root tenancy). Changing forces a new linked account. + :param pulumi.Input[_builtins.str] account_id: New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + :param pulumi.Input[_builtins.str] ingest_vault_ocid: Vault secret OCID containing an ingest secret. + :param pulumi.Input[_builtins.str] instrumentation_type: Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + :param pulumi.Input[_builtins.str] logging_stack_ocid: The Logging stack identifier for the OCI account. + :param pulumi.Input[_builtins.str] metric_stack_ocid: Metric stack OCID (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] name: Display name for the linked account. + :param pulumi.Input[_builtins.str] oci_region: OCI region for the linkage (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] user_vault_ocid: Vault secret OCID containing a user or auxiliary secret. 
+ """ + pulumi.set(__self__, "compartment_ocid", compartment_ocid) + pulumi.set(__self__, "oci_client_id", oci_client_id) + pulumi.set(__self__, "oci_client_secret", oci_client_secret) + pulumi.set(__self__, "oci_domain_url", oci_domain_url) + pulumi.set(__self__, "oci_home_region", oci_home_region) + pulumi.set(__self__, "oci_svc_user_name", oci_svc_user_name) + pulumi.set(__self__, "tenant_id", tenant_id) + if account_id is not None: + pulumi.set(__self__, "account_id", account_id) + if ingest_vault_ocid is not None: + pulumi.set(__self__, "ingest_vault_ocid", ingest_vault_ocid) + if instrumentation_type is not None: + pulumi.set(__self__, "instrumentation_type", instrumentation_type) + if logging_stack_ocid is not None: + pulumi.set(__self__, "logging_stack_ocid", logging_stack_ocid) + if metric_stack_ocid is not None: + pulumi.set(__self__, "metric_stack_ocid", metric_stack_ocid) + if name is not None: + pulumi.set(__self__, "name", name) + if oci_region is not None: + pulumi.set(__self__, "oci_region", oci_region) + if user_vault_ocid is not None: + pulumi.set(__self__, "user_vault_ocid", user_vault_ocid) + + @_builtins.property + @pulumi.getter(name="compartmentOcid") + def compartment_ocid(self) -> pulumi.Input[_builtins.str]: + """ + OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + """ + return pulumi.get(self, "compartment_ocid") + + @compartment_ocid.setter + def compartment_ocid(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "compartment_ocid", value) + + @_builtins.property + @pulumi.getter(name="ociClientId") + def oci_client_id(self) -> pulumi.Input[_builtins.str]: + """ + OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. 
+ """ + return pulumi.get(self, "oci_client_id") + + @oci_client_id.setter + def oci_client_id(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "oci_client_id", value) + + @_builtins.property + @pulumi.getter(name="ociClientSecret") + def oci_client_secret(self) -> pulumi.Input[_builtins.str]: + """ + OAuth2 client secret. Not displayed in plans or state outputs. + """ + return pulumi.get(self, "oci_client_secret") + + @oci_client_secret.setter + def oci_client_secret(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "oci_client_secret", value) + + @_builtins.property + @pulumi.getter(name="ociDomainUrl") + def oci_domain_url(self) -> pulumi.Input[_builtins.str]: + """ + Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + """ + return pulumi.get(self, "oci_domain_url") + + @oci_domain_url.setter + def oci_domain_url(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "oci_domain_url", value) + + @_builtins.property + @pulumi.getter(name="ociHomeRegion") + def oci_home_region(self) -> pulumi.Input[_builtins.str]: + """ + Home region of the tenancy (e.g. `us-ashburn-1`). + """ + return pulumi.get(self, "oci_home_region") + + @oci_home_region.setter + def oci_home_region(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "oci_home_region", value) + + @_builtins.property + @pulumi.getter(name="ociSvcUserName") + def oci_svc_user_name(self) -> pulumi.Input[_builtins.str]: + """ + Service user name associated with the WIF configuration. + """ + return pulumi.get(self, "oci_svc_user_name") + + @oci_svc_user_name.setter + def oci_svc_user_name(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "oci_svc_user_name", value) + + @_builtins.property + @pulumi.getter(name="tenantId") + def tenant_id(self) -> pulumi.Input[_builtins.str]: + """ + OCI tenancy OCID (root tenancy). Changing forces a new linked account. 
+ """ + return pulumi.get(self, "tenant_id") + + @tenant_id.setter + def tenant_id(self, value: pulumi.Input[_builtins.str]): + pulumi.set(self, "tenant_id", value) + + @_builtins.property + @pulumi.getter(name="accountId") + def account_id(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + """ + return pulumi.get(self, "account_id") + + @account_id.setter + def account_id(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "account_id", value) + + @_builtins.property + @pulumi.getter(name="ingestVaultOcid") + def ingest_vault_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Vault secret OCID containing an ingest secret. + """ + return pulumi.get(self, "ingest_vault_ocid") + + @ingest_vault_ocid.setter + def ingest_vault_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "ingest_vault_ocid", value) + + @_builtins.property + @pulumi.getter(name="instrumentationType") + def instrumentation_type(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + """ + return pulumi.get(self, "instrumentation_type") + + @instrumentation_type.setter + def instrumentation_type(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "instrumentation_type", value) + + @_builtins.property + @pulumi.getter(name="loggingStackOcid") + def logging_stack_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The Logging stack identifier for the OCI account. 
+ """ + return pulumi.get(self, "logging_stack_ocid") + + @logging_stack_ocid.setter + def logging_stack_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "logging_stack_ocid", value) + + @_builtins.property + @pulumi.getter(name="metricStackOcid") + def metric_stack_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Metric stack OCID (ignored on create, applied on update). + """ + return pulumi.get(self, "metric_stack_ocid") + + @metric_stack_ocid.setter + def metric_stack_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "metric_stack_ocid", value) + + @_builtins.property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Display name for the linked account. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "name", value) + + @_builtins.property + @pulumi.getter(name="ociRegion") + def oci_region(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + OCI region for the linkage (ignored on create, applied on update). + """ + return pulumi.get(self, "oci_region") + + @oci_region.setter + def oci_region(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "oci_region", value) + + @_builtins.property + @pulumi.getter(name="userVaultOcid") + def user_vault_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Vault secret OCID containing a user or auxiliary secret. 
+ """ + return pulumi.get(self, "user_vault_ocid") + + @user_vault_ocid.setter + def user_vault_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "user_vault_ocid", value) + + +@pulumi.input_type +class _OciLinkAccountState: + def __init__(__self__, *, + account_id: Optional[pulumi.Input[_builtins.str]] = None, + compartment_ocid: Optional[pulumi.Input[_builtins.str]] = None, + ingest_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None, + instrumentation_type: Optional[pulumi.Input[_builtins.str]] = None, + logging_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + metric_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_id: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_secret: Optional[pulumi.Input[_builtins.str]] = None, + oci_domain_url: Optional[pulumi.Input[_builtins.str]] = None, + oci_home_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_svc_user_name: Optional[pulumi.Input[_builtins.str]] = None, + tenant_id: Optional[pulumi.Input[_builtins.str]] = None, + user_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None): + """ + Input properties used for looking up and filtering OciLinkAccount resources. + :param pulumi.Input[_builtins.str] account_id: New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + :param pulumi.Input[_builtins.str] compartment_ocid: OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + :param pulumi.Input[_builtins.str] ingest_vault_ocid: Vault secret OCID containing an ingest secret. + :param pulumi.Input[_builtins.str] instrumentation_type: Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). 
+ :param pulumi.Input[_builtins.str] logging_stack_ocid: The Logging stack identifier for the OCI account. + :param pulumi.Input[_builtins.str] metric_stack_ocid: Metric stack OCID (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] name: Display name for the linked account. + :param pulumi.Input[_builtins.str] oci_client_id: OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + :param pulumi.Input[_builtins.str] oci_client_secret: OAuth2 client secret. Not displayed in plans or state outputs. + :param pulumi.Input[_builtins.str] oci_domain_url: Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + :param pulumi.Input[_builtins.str] oci_home_region: Home region of the tenancy (e.g. `us-ashburn-1`). + :param pulumi.Input[_builtins.str] oci_region: OCI region for the linkage (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] oci_svc_user_name: Service user name associated with the WIF configuration. + :param pulumi.Input[_builtins.str] tenant_id: OCI tenancy OCID (root tenancy). Changing forces a new linked account. + :param pulumi.Input[_builtins.str] user_vault_ocid: Vault secret OCID containing a user or auxiliary secret. 
+ """ + if account_id is not None: + pulumi.set(__self__, "account_id", account_id) + if compartment_ocid is not None: + pulumi.set(__self__, "compartment_ocid", compartment_ocid) + if ingest_vault_ocid is not None: + pulumi.set(__self__, "ingest_vault_ocid", ingest_vault_ocid) + if instrumentation_type is not None: + pulumi.set(__self__, "instrumentation_type", instrumentation_type) + if logging_stack_ocid is not None: + pulumi.set(__self__, "logging_stack_ocid", logging_stack_ocid) + if metric_stack_ocid is not None: + pulumi.set(__self__, "metric_stack_ocid", metric_stack_ocid) + if name is not None: + pulumi.set(__self__, "name", name) + if oci_client_id is not None: + pulumi.set(__self__, "oci_client_id", oci_client_id) + if oci_client_secret is not None: + pulumi.set(__self__, "oci_client_secret", oci_client_secret) + if oci_domain_url is not None: + pulumi.set(__self__, "oci_domain_url", oci_domain_url) + if oci_home_region is not None: + pulumi.set(__self__, "oci_home_region", oci_home_region) + if oci_region is not None: + pulumi.set(__self__, "oci_region", oci_region) + if oci_svc_user_name is not None: + pulumi.set(__self__, "oci_svc_user_name", oci_svc_user_name) + if tenant_id is not None: + pulumi.set(__self__, "tenant_id", tenant_id) + if user_vault_ocid is not None: + pulumi.set(__self__, "user_vault_ocid", user_vault_ocid) + + @_builtins.property + @pulumi.getter(name="accountId") + def account_id(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. 
+ """ + return pulumi.get(self, "account_id") + + @account_id.setter + def account_id(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "account_id", value) + + @_builtins.property + @pulumi.getter(name="compartmentOcid") + def compartment_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + """ + return pulumi.get(self, "compartment_ocid") + + @compartment_ocid.setter + def compartment_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "compartment_ocid", value) + + @_builtins.property + @pulumi.getter(name="ingestVaultOcid") + def ingest_vault_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Vault secret OCID containing an ingest secret. + """ + return pulumi.get(self, "ingest_vault_ocid") + + @ingest_vault_ocid.setter + def ingest_vault_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "ingest_vault_ocid", value) + + @_builtins.property + @pulumi.getter(name="instrumentationType") + def instrumentation_type(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + """ + return pulumi.get(self, "instrumentation_type") + + @instrumentation_type.setter + def instrumentation_type(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "instrumentation_type", value) + + @_builtins.property + @pulumi.getter(name="loggingStackOcid") + def logging_stack_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + The Logging stack identifier for the OCI account. 
+ """ + return pulumi.get(self, "logging_stack_ocid") + + @logging_stack_ocid.setter + def logging_stack_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "logging_stack_ocid", value) + + @_builtins.property + @pulumi.getter(name="metricStackOcid") + def metric_stack_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Metric stack OCID (ignored on create, applied on update). + """ + return pulumi.get(self, "metric_stack_ocid") + + @metric_stack_ocid.setter + def metric_stack_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "metric_stack_ocid", value) + + @_builtins.property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Display name for the linked account. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "name", value) + + @_builtins.property + @pulumi.getter(name="ociClientId") + def oci_client_id(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + """ + return pulumi.get(self, "oci_client_id") + + @oci_client_id.setter + def oci_client_id(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "oci_client_id", value) + + @_builtins.property + @pulumi.getter(name="ociClientSecret") + def oci_client_secret(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + OAuth2 client secret. Not displayed in plans or state outputs. + """ + return pulumi.get(self, "oci_client_secret") + + @oci_client_secret.setter + def oci_client_secret(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "oci_client_secret", value) + + @_builtins.property + @pulumi.getter(name="ociDomainUrl") + def oci_domain_url(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). 
+ """ + return pulumi.get(self, "oci_domain_url") + + @oci_domain_url.setter + def oci_domain_url(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "oci_domain_url", value) + + @_builtins.property + @pulumi.getter(name="ociHomeRegion") + def oci_home_region(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Home region of the tenancy (e.g. `us-ashburn-1`). + """ + return pulumi.get(self, "oci_home_region") + + @oci_home_region.setter + def oci_home_region(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "oci_home_region", value) + + @_builtins.property + @pulumi.getter(name="ociRegion") + def oci_region(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + OCI region for the linkage (ignored on create, applied on update). + """ + return pulumi.get(self, "oci_region") + + @oci_region.setter + def oci_region(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "oci_region", value) + + @_builtins.property + @pulumi.getter(name="ociSvcUserName") + def oci_svc_user_name(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Service user name associated with the WIF configuration. + """ + return pulumi.get(self, "oci_svc_user_name") + + @oci_svc_user_name.setter + def oci_svc_user_name(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "oci_svc_user_name", value) + + @_builtins.property + @pulumi.getter(name="tenantId") + def tenant_id(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + OCI tenancy OCID (root tenancy). Changing forces a new linked account. + """ + return pulumi.get(self, "tenant_id") + + @tenant_id.setter + def tenant_id(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "tenant_id", value) + + @_builtins.property + @pulumi.getter(name="userVaultOcid") + def user_vault_ocid(self) -> Optional[pulumi.Input[_builtins.str]]: + """ + Vault secret OCID containing a user or auxiliary secret. 
+ """ + return pulumi.get(self, "user_vault_ocid") + + @user_vault_ocid.setter + def user_vault_ocid(self, value: Optional[pulumi.Input[_builtins.str]]): + pulumi.set(self, "user_vault_ocid", value) + + +@pulumi.type_token("newrelic:cloud/ociLinkAccount:OciLinkAccount") +class OciLinkAccount(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[_builtins.str]] = None, + compartment_ocid: Optional[pulumi.Input[_builtins.str]] = None, + ingest_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None, + instrumentation_type: Optional[pulumi.Input[_builtins.str]] = None, + logging_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + metric_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_id: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_secret: Optional[pulumi.Input[_builtins.str]] = None, + oci_domain_url: Optional[pulumi.Input[_builtins.str]] = None, + oci_home_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_svc_user_name: Optional[pulumi.Input[_builtins.str]] = None, + tenant_id: Optional[pulumi.Input[_builtins.str]] = None, + user_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None, + __props__=None): + """ + Use this resource to link an Oracle Cloud Infrastructure (OCI) account to New Relic. + + This setup is used to create a provider account with OCI credentials, establishing a relationship between Oracle and New Relic. Additionally, as part of this integration, we store WIF (Workload Identity Federation) credentials which are further used for fetching data and validations, and vault OCIDs corresponding to the vault resource where the New Relic ingest and user keys are stored in the OCI console. 
+ + ## Prerequisites + + For the `cloud.OciLinkAccount` resource to work properly, you need an OCI tenancy with IAM permissions to create and manage the identity artifacts (client/application, secrets, compartments, and service user) referenced below. OCI provides enterprise-grade cloud services across multiple global regions. + + > NOTE: Before using this resource, ensure the New Relic provider is configured with valid credentials.\\ + See Getting Started: New Relic provider guide + + If you encounter issues or bugs, please open an issue in the GitHub repository. + + ### Workload Identity Federation (WIF) Attributes + + The following arguments rely on an OCI Identity Domain OAuth2 client set up for workload identity federation (identity propagation): `oci_client_id`, `oci_client_secret`, `oci_domain_url`, and `oci_svc_user_name`. + + To create and retrieve these values, follow Oracle's guidance for configuring identity propagation / JWT token exchange: + + [Oracle documentation: Create an identity propagation trust (JWT token exchange)](https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/json_web_token_exchange.htm#jwt_token_exchange__create-identity-propagation-trust) + + WIF configuration steps: + 1. Create (or identify) an Identity Domain and register an OAuth2 confidential application (client) to represent New Relic ingestion. + 2. Generate / record the client ID (`oci_client_id`) and client secret (`oci_client_secret`). Store the secret securely (e.g., in OCI Vault; reference its OCID via `ingest_vault_ocid` / `user_vault_ocid` if desired). + 3. Use the Identity Domain base URL as `oci_domain_url` (format: `https://idcs-.identity.oraclecloud.com`). + 4. Provide / map a service user (or principal) used for workload identity federation as `oci_svc_user_name`. + 5. Ensure the client has the required scopes and the tenancy policies allow the token exchange. 
+ + > TIP: Rotating the OAuth2 client secret only requires updating `oci_client_secret`; it does not force resource replacement. + + ## Example Usage + + Minimal example (required arguments for creation): + + ```python + import pulumi + import pulumi_newrelic as newrelic + + example = newrelic.cloud.OciLinkAccount("example", + account_id="1234567", + tenant_id="ocid1.tenancy.oc1..aaaaaaaaexample", + name="my-oci-link", + compartment_ocid="ocid1.compartment.oc1..bbbbbbbbexample", + oci_client_id="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + oci_client_secret=oci_client_secret, + oci_domain_url="https://idcs-1234567890abcdef.identity.oraclecloud.com", + oci_home_region="us-ashburn-1", + oci_svc_user_name="svc-newrelic-collector") + ``` + + Example including optional secret references and update-only fields: + + ```python + import pulumi + import pulumi_newrelic as newrelic + + full = newrelic.cloud.OciLinkAccount("full", + name="my-oci-link-full", + tenant_id="ocid1.tenancy.oc1..aaaaaaaaexample", + compartment_ocid="ocid1.compartment.oc1..bbbbbbbbexample", + oci_client_id="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + oci_client_secret=oci_client_secret, + oci_domain_url="https://idcs-1234567890abcdef.identity.oraclecloud.com", + oci_home_region="us-ashburn-1", + oci_svc_user_name="svc-newrelic-collector", + ingest_vault_ocid="ocid1.vaultsecret.oc1..ccccccccexample", + user_vault_ocid="ocid1.vaultsecret.oc1..ddddddddexample", + instrumentation_type="METRICS,LOGS", + oci_region="us-phoenix-1", + metric_stack_ocid="ocid1.stack.oc1..eeeeeeeeexample", + logging_stack_ocid="ocid1.stack.oc1..ffffffloggingstack") + ``` + + ## Import + + Linked OCI accounts can be imported using the `id`, e.g. + + bash + + ```sh + $ pulumi import newrelic:cloud/ociLinkAccount:OciLinkAccount foo + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[_builtins.str] account_id: New Relic account to operate on. 
Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + :param pulumi.Input[_builtins.str] compartment_ocid: OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + :param pulumi.Input[_builtins.str] ingest_vault_ocid: Vault secret OCID containing an ingest secret. + :param pulumi.Input[_builtins.str] instrumentation_type: Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + :param pulumi.Input[_builtins.str] logging_stack_ocid: The Logging stack identifier for the OCI account. + :param pulumi.Input[_builtins.str] metric_stack_ocid: Metric stack OCID (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] name: Display name for the linked account. + :param pulumi.Input[_builtins.str] oci_client_id: OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + :param pulumi.Input[_builtins.str] oci_client_secret: OAuth2 client secret. Not displayed in plans or state outputs. + :param pulumi.Input[_builtins.str] oci_domain_url: Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + :param pulumi.Input[_builtins.str] oci_home_region: Home region of the tenancy (e.g. `us-ashburn-1`). + :param pulumi.Input[_builtins.str] oci_region: OCI region for the linkage (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] oci_svc_user_name: Service user name associated with the WIF configuration. + :param pulumi.Input[_builtins.str] tenant_id: OCI tenancy OCID (root tenancy). Changing forces a new linked account. + :param pulumi.Input[_builtins.str] user_vault_ocid: Vault secret OCID containing a user or auxiliary secret. + """ + ... 
+ @overload + def __init__(__self__, + resource_name: str, + args: OciLinkAccountArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Use this resource to link an Oracle Cloud Infrastructure (OCI) account to New Relic. + + This setup is used to create a provider account with OCI credentials, establishing a relationship between Oracle and New Relic. Additionally, as part of this integration, we store WIF (Workload Identity Federation) credentials which are further used for fetching data and validations, and vault OCIDs corresponding to the vault resource where the New Relic ingest and user keys are stored in the OCI console. + + ## Prerequisites + + For the `cloud.OciLinkAccount` resource to work properly, you need an OCI tenancy with IAM permissions to create and manage the identity artifacts (client/application, secrets, compartments, and service user) referenced below. OCI provides enterprise-grade cloud services across multiple global regions. + + > NOTE: Before using this resource, ensure the New Relic provider is configured with valid credentials.\\ + See Getting Started: New Relic provider guide + + If you encounter issues or bugs, please open an issue in the GitHub repository. + + ### Workload Identity Federation (WIF) Attributes + + The following arguments rely on an OCI Identity Domain OAuth2 client set up for workload identity federation (identity propagation): `oci_client_id`, `oci_client_secret`, `oci_domain_url`, and `oci_svc_user_name`. + + To create and retrieve these values, follow Oracle's guidance for configuring identity propagation / JWT token exchange: + + [Oracle documentation: Create an identity propagation trust (JWT token exchange)](https://docs.oracle.com/en-us/iaas/Content/Identity/api-getstarted/json_web_token_exchange.htm#jwt_token_exchange__create-identity-propagation-trust) + + WIF configuration steps: + 1. 
Create (or identify) an Identity Domain and register an OAuth2 confidential application (client) to represent New Relic ingestion. + 2. Generate / record the client ID (`oci_client_id`) and client secret (`oci_client_secret`). Store the secret securely (e.g., in OCI Vault; reference its OCID via `ingest_vault_ocid` / `user_vault_ocid` if desired). + 3. Use the Identity Domain base URL as `oci_domain_url` (format: `https://idcs-.identity.oraclecloud.com`). + 4. Provide / map a service user (or principal) used for workload identity federation as `oci_svc_user_name`. + 5. Ensure the client has the required scopes and the tenancy policies allow the token exchange. + + > TIP: Rotating the OAuth2 client secret only requires updating `oci_client_secret`; it does not force resource replacement. + + ## Example Usage + + Minimal example (required arguments for creation): + + ```python + import pulumi + import pulumi_newrelic as newrelic + + example = newrelic.cloud.OciLinkAccount("example", + account_id="1234567", + tenant_id="ocid1.tenancy.oc1..aaaaaaaaexample", + name="my-oci-link", + compartment_ocid="ocid1.compartment.oc1..bbbbbbbbexample", + oci_client_id="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + oci_client_secret=oci_client_secret, + oci_domain_url="https://idcs-1234567890abcdef.identity.oraclecloud.com", + oci_home_region="us-ashburn-1", + oci_svc_user_name="svc-newrelic-collector") + ``` + + Example including optional secret references and update-only fields: + + ```python + import pulumi + import pulumi_newrelic as newrelic + + full = newrelic.cloud.OciLinkAccount("full", + name="my-oci-link-full", + tenant_id="ocid1.tenancy.oc1..aaaaaaaaexample", + compartment_ocid="ocid1.compartment.oc1..bbbbbbbbexample", + oci_client_id="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + oci_client_secret=oci_client_secret, + oci_domain_url="https://idcs-1234567890abcdef.identity.oraclecloud.com", + oci_home_region="us-ashburn-1", + oci_svc_user_name="svc-newrelic-collector", + 
ingest_vault_ocid="ocid1.vaultsecret.oc1..ccccccccexample", + user_vault_ocid="ocid1.vaultsecret.oc1..ddddddddexample", + instrumentation_type="METRICS,LOGS", + oci_region="us-phoenix-1", + metric_stack_ocid="ocid1.stack.oc1..eeeeeeeeexample", + logging_stack_ocid="ocid1.stack.oc1..ffffffloggingstack") + ``` + + ## Import + + Linked OCI accounts can be imported using the `id`, e.g. + + bash + + ```sh + $ pulumi import newrelic:cloud/ociLinkAccount:OciLinkAccount foo + ``` + + :param str resource_name: The name of the resource. + :param OciLinkAccountArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(OciLinkAccountArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[_builtins.str]] = None, + compartment_ocid: Optional[pulumi.Input[_builtins.str]] = None, + ingest_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None, + instrumentation_type: Optional[pulumi.Input[_builtins.str]] = None, + logging_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + metric_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_id: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_secret: Optional[pulumi.Input[_builtins.str]] = None, + oci_domain_url: Optional[pulumi.Input[_builtins.str]] = None, + oci_home_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_svc_user_name: Optional[pulumi.Input[_builtins.str]] = None, 
+ tenant_id: Optional[pulumi.Input[_builtins.str]] = None, + user_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = OciLinkAccountArgs.__new__(OciLinkAccountArgs) + + __props__.__dict__["account_id"] = account_id + if compartment_ocid is None and not opts.urn: + raise TypeError("Missing required property 'compartment_ocid'") + __props__.__dict__["compartment_ocid"] = compartment_ocid + __props__.__dict__["ingest_vault_ocid"] = ingest_vault_ocid + __props__.__dict__["instrumentation_type"] = instrumentation_type + __props__.__dict__["logging_stack_ocid"] = logging_stack_ocid + __props__.__dict__["metric_stack_ocid"] = metric_stack_ocid + __props__.__dict__["name"] = name + if oci_client_id is None and not opts.urn: + raise TypeError("Missing required property 'oci_client_id'") + __props__.__dict__["oci_client_id"] = oci_client_id + if oci_client_secret is None and not opts.urn: + raise TypeError("Missing required property 'oci_client_secret'") + __props__.__dict__["oci_client_secret"] = None if oci_client_secret is None else pulumi.Output.secret(oci_client_secret) + if oci_domain_url is None and not opts.urn: + raise TypeError("Missing required property 'oci_domain_url'") + __props__.__dict__["oci_domain_url"] = oci_domain_url + if oci_home_region is None and not opts.urn: + raise TypeError("Missing required property 'oci_home_region'") + __props__.__dict__["oci_home_region"] = oci_home_region + __props__.__dict__["oci_region"] = oci_region + if oci_svc_user_name is None and not opts.urn: + raise TypeError("Missing required property 
'oci_svc_user_name'") + __props__.__dict__["oci_svc_user_name"] = oci_svc_user_name + if tenant_id is None and not opts.urn: + raise TypeError("Missing required property 'tenant_id'") + __props__.__dict__["tenant_id"] = tenant_id + __props__.__dict__["user_vault_ocid"] = user_vault_ocid + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["ociClientSecret"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) + super(OciLinkAccount, __self__).__init__( + 'newrelic:cloud/ociLinkAccount:OciLinkAccount', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[_builtins.str]] = None, + compartment_ocid: Optional[pulumi.Input[_builtins.str]] = None, + ingest_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None, + instrumentation_type: Optional[pulumi.Input[_builtins.str]] = None, + logging_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + metric_stack_ocid: Optional[pulumi.Input[_builtins.str]] = None, + name: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_id: Optional[pulumi.Input[_builtins.str]] = None, + oci_client_secret: Optional[pulumi.Input[_builtins.str]] = None, + oci_domain_url: Optional[pulumi.Input[_builtins.str]] = None, + oci_home_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_region: Optional[pulumi.Input[_builtins.str]] = None, + oci_svc_user_name: Optional[pulumi.Input[_builtins.str]] = None, + tenant_id: Optional[pulumi.Input[_builtins.str]] = None, + user_vault_ocid: Optional[pulumi.Input[_builtins.str]] = None) -> 'OciLinkAccount': + """ + Get an existing OciLinkAccount resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. 
+ :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[_builtins.str] account_id: New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + :param pulumi.Input[_builtins.str] compartment_ocid: OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + :param pulumi.Input[_builtins.str] ingest_vault_ocid: Vault secret OCID containing an ingest secret. + :param pulumi.Input[_builtins.str] instrumentation_type: Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + :param pulumi.Input[_builtins.str] logging_stack_ocid: The Logging stack identifier for the OCI account. + :param pulumi.Input[_builtins.str] metric_stack_ocid: Metric stack OCID (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] name: Display name for the linked account. + :param pulumi.Input[_builtins.str] oci_client_id: OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + :param pulumi.Input[_builtins.str] oci_client_secret: OAuth2 client secret. Not displayed in plans or state outputs. + :param pulumi.Input[_builtins.str] oci_domain_url: Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). + :param pulumi.Input[_builtins.str] oci_home_region: Home region of the tenancy (e.g. `us-ashburn-1`). + :param pulumi.Input[_builtins.str] oci_region: OCI region for the linkage (ignored on create, applied on update). + :param pulumi.Input[_builtins.str] oci_svc_user_name: Service user name associated with the WIF configuration. + :param pulumi.Input[_builtins.str] tenant_id: OCI tenancy OCID (root tenancy). Changing forces a new linked account. + :param pulumi.Input[_builtins.str] user_vault_ocid: Vault secret OCID containing a user or auxiliary secret. 
+ """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _OciLinkAccountState.__new__(_OciLinkAccountState) + + __props__.__dict__["account_id"] = account_id + __props__.__dict__["compartment_ocid"] = compartment_ocid + __props__.__dict__["ingest_vault_ocid"] = ingest_vault_ocid + __props__.__dict__["instrumentation_type"] = instrumentation_type + __props__.__dict__["logging_stack_ocid"] = logging_stack_ocid + __props__.__dict__["metric_stack_ocid"] = metric_stack_ocid + __props__.__dict__["name"] = name + __props__.__dict__["oci_client_id"] = oci_client_id + __props__.__dict__["oci_client_secret"] = oci_client_secret + __props__.__dict__["oci_domain_url"] = oci_domain_url + __props__.__dict__["oci_home_region"] = oci_home_region + __props__.__dict__["oci_region"] = oci_region + __props__.__dict__["oci_svc_user_name"] = oci_svc_user_name + __props__.__dict__["tenant_id"] = tenant_id + __props__.__dict__["user_vault_ocid"] = user_vault_ocid + return OciLinkAccount(resource_name, opts=opts, __props__=__props__) + + @_builtins.property + @pulumi.getter(name="accountId") + def account_id(self) -> pulumi.Output[_builtins.str]: + """ + New Relic account to operate on. Overrides the provider-level `account_id`. If omitted, use the provider default or `NEW_RELIC_ACCOUNT_ID`. + """ + return pulumi.get(self, "account_id") + + @_builtins.property + @pulumi.getter(name="compartmentOcid") + def compartment_ocid(self) -> pulumi.Output[_builtins.str]: + """ + OCI compartment OCID representing (or containing) the monitored resources/newrelic compartment. + """ + return pulumi.get(self, "compartment_ocid") + + @_builtins.property + @pulumi.getter(name="ingestVaultOcid") + def ingest_vault_ocid(self) -> pulumi.Output[Optional[_builtins.str]]: + """ + Vault secret OCID containing an ingest secret. 
+ """ + return pulumi.get(self, "ingest_vault_ocid") + + @_builtins.property + @pulumi.getter(name="instrumentationType") + def instrumentation_type(self) -> pulumi.Output[Optional[_builtins.str]]: + """ + Specifies the type of integration, such as metrics, logs, or a combination of logs and metrics (e.g., `METRICS`, `LOGS`, `METRICS,LOGS`). + """ + return pulumi.get(self, "instrumentation_type") + + @_builtins.property + @pulumi.getter(name="loggingStackOcid") + def logging_stack_ocid(self) -> pulumi.Output[Optional[_builtins.str]]: + """ + The Logging stack identifier for the OCI account. + """ + return pulumi.get(self, "logging_stack_ocid") + + @_builtins.property + @pulumi.getter(name="metricStackOcid") + def metric_stack_ocid(self) -> pulumi.Output[Optional[_builtins.str]]: + """ + Metric stack OCID (ignored on create, applied on update). + """ + return pulumi.get(self, "metric_stack_ocid") + + @_builtins.property + @pulumi.getter + def name(self) -> pulumi.Output[_builtins.str]: + """ + Display name for the linked account. + """ + return pulumi.get(self, "name") + + @_builtins.property + @pulumi.getter(name="ociClientId") + def oci_client_id(self) -> pulumi.Output[_builtins.str]: + """ + OCI Identity Domain (IDCS) OAuth2 client ID used for workload identity federation. + """ + return pulumi.get(self, "oci_client_id") + + @_builtins.property + @pulumi.getter(name="ociClientSecret") + def oci_client_secret(self) -> pulumi.Output[_builtins.str]: + """ + OAuth2 client secret. Not displayed in plans or state outputs. + """ + return pulumi.get(self, "oci_client_secret") + + @_builtins.property + @pulumi.getter(name="ociDomainUrl") + def oci_domain_url(self) -> pulumi.Output[_builtins.str]: + """ + Base URL of the OCI Identity Domain (e.g. `https://idcs-.identity.oraclecloud.com`). 
+ """ + return pulumi.get(self, "oci_domain_url") + + @_builtins.property + @pulumi.getter(name="ociHomeRegion") + def oci_home_region(self) -> pulumi.Output[_builtins.str]: + """ + Home region of the tenancy (e.g. `us-ashburn-1`). + """ + return pulumi.get(self, "oci_home_region") + + @_builtins.property + @pulumi.getter(name="ociRegion") + def oci_region(self) -> pulumi.Output[Optional[_builtins.str]]: + """ + OCI region for the linkage (ignored on create, applied on update). + """ + return pulumi.get(self, "oci_region") + + @_builtins.property + @pulumi.getter(name="ociSvcUserName") + def oci_svc_user_name(self) -> pulumi.Output[_builtins.str]: + """ + Service user name associated with the WIF configuration. + """ + return pulumi.get(self, "oci_svc_user_name") + + @_builtins.property + @pulumi.getter(name="tenantId") + def tenant_id(self) -> pulumi.Output[_builtins.str]: + """ + OCI tenancy OCID (root tenancy). Changing forces a new linked account. + """ + return pulumi.get(self, "tenant_id") + + @_builtins.property + @pulumi.getter(name="userVaultOcid") + def user_vault_ocid(self) -> pulumi.Output[Optional[_builtins.str]]: + """ + Vault secret OCID containing a user or auxiliary secret. + """ + return pulumi.get(self, "user_vault_ocid") +
diff --git a/upstream b/upstream
index 5ad12638..a425e3c2 160000
--- a/upstream
+++ b/upstream
@@ -1 +1 @@
-Subproject commit 5ad126389d6e8d608fdc98e5ecda604d818b34c3
+Subproject commit a425e3c2dec8bdc91b9387b350996f0634f0850f