TF palette 4.7.b

docs/index.md

@@ -174,7 +174,7 @@ For questions or issues with the provider, open up an issue in the provider GitH
 
 - `api_key` (String, Sensitive) The Spectro Cloud API key. Can also be set with the `SPECTROCLOUD_APIKEY` environment variable.
 - `host` (String) The Spectro Cloud API host url. Can also be set with the `SPECTROCLOUD_HOST` environment variable. Defaults to https://api.spectrocloud.com
-- `ignore_insecure_tls_error` (Boolean) Ignore insecure TLS errors for Spectro Cloud API endpoints. Defaults to false.
+- `ignore_insecure_tls_error` (Boolean) Ignore insecure TLS errors for Spectro Cloud API endpoints. ⚠️ WARNING: Setting this to true disables SSL certificate verification and makes connections vulnerable to man-in-the-middle attacks. Only use this in development/testing environments or when connecting to self-signed certificates in trusted networks. Defaults to false.
 - `project_name` (String) The Palette project the provider will target. If no value is provided, the `Default` Palette project is used. The default value is `Default`.
 - `retry_attempts` (Number) Number of retry attempts. Can also be set with the `SPECTROCLOUD_RETRY_ATTEMPTS` environment variable. Defaults to 10.
 - `trace` (Boolean) Enable HTTP request tracing. Can also be set with the `SPECTROCLOUD_TRACE` environment variable. To enable Terraform debug logging, set `TF_LOG=DEBUG`. Visit the Terraform documentation to learn more about Terraform [debugging](https://developer.hashicorp.com/terraform/plugin/log/managing).

docs/resources/appliance.md

@@ -21,6 +21,21 @@ resource "spectrocloud_appliance" "appliance" {
 }
 ```
 
+## Import
+
+Appliances can be imported using the appliance UID. This is a project-level resource.
+
+```bash
+terraform import spectrocloud_appliance.example <appliance_uid>
+```
+
+Where `<appliance_uid>` is the appliance UID.
+
+The import will automatically populate all configuration fields from the Spectro Cloud API, including the UID, tags, and tunnel configuration settings. The `wait` field will be set to `false` by default for imported appliances. After import, you can run `terraform plan` to see the current configuration and make any necessary adjustments.
+
+**Note**: Since this is a project-level resource, ensure your provider is configured with appropriate project-level credentials and access.
+
+
 <!-- schema generated by tfplugindocs -->
 ## Schema
 

docs/resources/application.md

@@ -32,6 +32,16 @@ resource "spectrocloud_application" "application" {
    
 ```
 
+## Import
+
+Applications can be imported using their UID. The import will automatically detect the cluster context.
+
+```bash
+terraform import spectrocloud_application.example 63444eb70807dc2c14a8ad59
+```
+
+Note: During import, the application's configuration will be automatically populated from the Spectro Cloud API, including the correct cluster context.
+
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

docs/resources/application_profile.md

@@ -349,6 +349,21 @@ resource "spectrocloud_application_profile" "app_profile_all_tiers" {
 
 ```
 
+```
+## Import
+
+# terraform import spectrocloud_application_profile.app_profile_all_tiers "profile_uid_here"
+# 
+# Where:
+# - profile_uid_here is the unique identifier of the application profile
+#
+# To import using import block:
+# import {
+#   to = spectrocloud_application_profile.app_profile_all_tiers
+#   id = "profile_uid_here"
+# }
+```
+
 <!-- schema generated by tfplugindocs -->
 ## Schema
 

docs/resources/backup_storage_location.md

@@ -44,6 +44,33 @@ resource "spectrocloud_backup_storage_location" "bsl2" {
 }
 ```
 
+## Import
+
+Backup Storage Locations can be imported using either a simple ID format or with explicit context specification. This resource supports both project and tenant contexts.
+
+### Simple Import (defaults to project context)
+
+```bash
+terraform import spectrocloud_backup_storage_location.example <bsl_id>:project
+```
+
+### Context-specific Import
+
+```bash
+terraform import spectrocloud_backup_storage_location.example <bsl_id>:project
+terraform import spectrocloud_backup_storage_location.example <bsl_id>:tenant
+```
+
+Where:
+- `<bsl_id>` is the Backup Storage Location ID
+- `project` or `tenant` specifies the context where the backup storage location exists
+
+**Import behavior:**
+- If no context is specified, it defaults to `project` context
+- If the resource is not found in the specified context, the import will automatically try the other context
+- The import will automatically populate all configuration fields from the Spectro Cloud API, including the correct context, storage provider, and all provider-specific settings
+
+After import, you can run `terraform plan` to see the current configuration and make any necessary adjustments.
 
 
 <!-- schema generated by tfplugindocs -->

docs/resources/cloudaccount_azure.md

@@ -34,12 +34,13 @@ resource "spectrocloud_cloudaccount_azure" "azure-1" {
 ### Optional
 
 - `cloud` (String) The Azure partition in which the cloud account is located. 
-Can be 'AzurePublicCloud' for standard Azure regions or 'AzureUSGovernmentCloud' for Azure GovCloud (US) regions.
+Can be 'AzurePublicCloud' for standard Azure regions or 'AzureUSGovernmentCloud' for Azure GovCloud (US) regions or 'AzureUSSecretCloud' for Azure Secret Cloud regions.
 Default is 'AzurePublicCloud'.
 - `context` (String) The context of the Azure configuration. Defaults to `project`. If  the `project` context is specified, the project name will sourced from the provider configuration parameter [`project_name`](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs#schema).
 - `disable_properties_request` (Boolean) Disable properties request. This is a boolean value that indicates whether to disable properties request or not. If not specified, the default value is `false`.
 - `private_cloud_gateway_id` (String) ID of the private cloud gateway. This is the ID of the private cloud gateway that is used to connect to the private cluster endpoint.
 - `tenant_name` (String) The name of the tenant. This is the name of the tenant that is used to connect to the Azure cloud.
+- `tls_cert` (String) TLS certificate for authentication. This field is only allowed when cloud is set to 'AzureUSSecretCloud'.
 
 ### Read-Only
 

docs/resources/cluster_group.md

@@ -40,6 +40,25 @@ resource "spectrocloud_cluster_group" "cg" {
    
 ```
 
+## Import
+
+In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import)
+to import the resource spectrocloud_cluster_group by using its `id` with the Palette `context` separated by a colon. For example:
+
+```terraform
+import {
+  to = spectrocloud_cluster_group.example
+  id = "example_id:context"
+}
+```
+
+Using `terraform import`, import the cluster group using the `id` colon separated with `context`. For example:
+
+```console
+terraform import spectrocloud_cluster_group.example example_id:project
+```
+
+Refer to the [Import section](/docs#import) to learn more.
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

docs/resources/cluster_maas.md

@@ -169,6 +169,10 @@ Required:
 
 - `domain` (String) Domain name in which the cluster to be provisioned.
 
+Optional:
+
+- `enable_lxd_vm` (Boolean) Whether to enable LXD VM. Default is `false`.
+
 
 <a id="nestedblock--machine_pool"></a>
 ### Nested Schema for `machine_pool`
@@ -179,6 +183,7 @@ Required:
 - `count` (Number) Number of nodes in the machine pool.
 - `instance_type` (Block List, Min: 1, Max: 1) (see [below for nested schema](#nestedblock--machine_pool--instance_type))
 - `name` (String) Name of the machine pool.
+- `network` (Block List, Min: 1, Max: 1) (see [below for nested schema](#nestedblock--machine_pool--network))
 - `placement` (Block List, Min: 1, Max: 1) (see [below for nested schema](#nestedblock--machine_pool--placement))
 
 Optional:
@@ -193,6 +198,7 @@ Optional:
 - `node_tags` (Set of String) Node tags to dynamically place nodes in a pool by using MAAS automatic tags. Specify the tag values that you want to apply to all nodes in the node pool.
 - `taints` (Block List) (see [below for nested schema](#nestedblock--machine_pool--taints))
 - `update_strategy` (String) Update strategy for the machine pool. Valid values are `RollingUpdateScaleOut` and `RollingUpdateScaleIn`.
+- `use_lxd_vm` (Boolean) Whether to use LXD VM. Default is `false`.
 
 <a id="nestedblock--machine_pool--instance_type"></a>
 ### Nested Schema for `machine_pool.instance_type`
@@ -203,6 +209,19 @@ Required:
 - `min_memory_mb` (Number) Minimum memory in MB required for the machine pool node.
 
 
+<a id="nestedblock--machine_pool--network"></a>
+### Nested Schema for `machine_pool.network`
+
+Required:
+
+- `network_name` (String) The name of the network in which VMs are created/located.
+
+Optional:
+
+- `parent_pool_uid` (String) The UID of the parent pool which allocates IPs for this IPPool.
+- `static_ip` (Boolean) Whether to use static IP. Default is `false`.
+
+
 <a id="nestedblock--machine_pool--placement"></a>
 ### Nested Schema for `machine_pool.placement`
 

docs/resources/datavolume.md

@@ -87,7 +87,6 @@ Read-Only:
 
 - `generation` (Number) A sequence number representing a specific generation of the desired state.
 - `resource_version` (String) An opaque value that represents the internal version of this DataVolume that can be used by clients to determine when DataVolume has changed. Read more: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-- `self_link` (String) A URL representing this DataVolume.
 - `uid` (String) The unique in time and space value for this DataVolume. More info: http://kubernetes.io/docs/user-guide/identifiers#uids
 
 

docs/resources/privatecloudgateway_dns_map.md

@@ -27,6 +27,23 @@ An example of creating an DNS Map for a Private Cloud Gateway using a search dom
  }
 ```
 
+## Import
+
+Private Cloud Gateway DNS maps can be imported using the composite ID format: `pcg_id:dns_map_id`. This is a tenant-level resource.
+
+```bash
+terraform import spectrocloud_privatecloudgateway_dns_map.example <pcg_id>:<dns_map_id>
+```
+
+Where:
+- `<pcg_id>` is the Private Cloud Gateway ID
+- `<dns_map_id>` is the DNS map ID
+
+The import will automatically populate all configuration fields from the Spectro Cloud API, including the associated Private Cloud Gateway ID, search domain name, data center, and network. After import, you can run `terraform plan` to see the current configuration and make any necessary adjustments.
+
+**Note**: Since this is a tenant-level resource, ensure your provider is configured with appropriate tenant-level credentials and access.
+
+
 <!-- schema generated by tfplugindocs -->
 ## Schema
 

docs/resources/privatecloudgateway_ippool.md

@@ -52,6 +52,22 @@ An example of creating an IP Pool for a Private Cloud Gateway using a subnet of
  }
 ```
 
+## Import
+
+Private Cloud Gateway IP pools can be imported using the composite ID format: `pcg_id:ippool_id`. This is a tenant-level resource.
+
+```bash
+terraform import spectrocloud_privatecloudgateway_ippool.example <pcg_id>:<ippool_id>
+```
+
+Where:
+- `<pcg_id>` is the Private Cloud Gateway ID
+- `<ippool_id>` is the IP Pool ID
+
+The import will automatically populate all configuration fields from the Spectro Cloud API. After import, you can run `terraform plan` to see the current configuration and make any necessary adjustments.
+
+**Note**: Since this is a tenant-level resource, ensure your provider is configured with appropriate tenant-level credentials and access.
+
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

docs/resources/registry_helm.md

@@ -24,6 +24,20 @@ resource "spectrocloud_registry_helm" "r1" {
 }
 ```
 
+## Import
+
+Helm registries can be imported using the registry ID. This is a tenant-level resource.
+
+```bash
+terraform import spectrocloud_registry_helm.example <registry_id>
+```
+
+Where `<registry_id>` is the Helm registry ID.
+
+The import will automatically populate all configuration fields from the Spectro Cloud API, including the name, endpoint, privacy setting, and authentication credentials. After import, you can run `terraform plan` to see the current configuration and make any necessary adjustments.
+
+**Note**: Since this is a tenant-level resource, ensure your provider is configured with appropriate tenant-level credentials and access.
+
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

docs/resources/registry_oci.md

@@ -25,6 +25,20 @@ resource "spectrocloud_registry_oci" "r1" {
 }
 ```
 
+## Import
+
+OCI registries can be imported using the registry ID. This is a tenant-level resource.
+
+```bash
+terraform import spectrocloud_registry_oci.example <registry_id>
+```
+
+Where `<registry_id>` is the OCI registry ID.
+
+The import will automatically detect whether the registry is an ECR or basic type and populate all configuration fields from the Spectro Cloud API. After import, you can run `terraform plan` to see the current configuration and make any necessary adjustments.
+
+**Note**: Since this is a tenant-level resource, ensure your provider is configured with appropriate tenant-level credentials and access.
+
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
@@ -72,7 +86,7 @@ Optional:
 Optional:
 
 - `certificate` (String) Specifies the TLS certificate used for secure communication. Required for enabling SSL/TLS encryption.
-- `insecure_skip_verify` (Boolean) Disables TLS certificate verification when set to true. Use with caution as it may expose connections to security risks.
+- `insecure_skip_verify` (Boolean) Disables TLS certificate verification when set to true. ⚠️ WARNING: Setting this to true disables SSL certificate verification and makes connections vulnerable to man-in-the-middle attacks. Only use this when connecting to registries with self-signed certificates in trusted networks.
 
 
 

docs/resources/ssh_key.md

@@ -58,6 +58,34 @@ resource "spectrocloud_ssh_key" "primary_key_1" {
 }
 ```
 
+## Import
+
+SSH keys can be imported using either a simple ID format or with explicit context specification. This resource supports both project and tenant contexts.
+
+### Simple Import (defaults to project context)
+
+```bash
+terraform import spectrocloud_ssh_key.example <ssh_key_id>
+```
+
+### Context-specific Import
+
+```bash
+terraform import spectrocloud_ssh_key.example <ssh_key_id>:project
+terraform import spectrocloud_ssh_key.example <ssh_key_id>:tenant
+```
+
+Where:
+- `<ssh_key_id>` is the SSH key ID
+- `project` or `tenant` specifies the context where the SSH key exists
+
+**Import behavior:**
+- If no context is specified, it defaults to `project` context
+- If the resource is not found in the specified context, the import will automatically try the other context
+- The import will automatically populate all configuration fields from the Spectro Cloud API, including the correct context, name, and SSH key content
+
+After import, you can run `terraform plan` to see the current configuration and make any necessary adjustments.
+
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

docs/resources/sso.md

@@ -102,7 +102,7 @@ Optional:
 
 - `default_team_ids` (Set of String) A set of default team IDs assigned to users.
 - `identity_provider_ca_certificate` (String) Certificate authority (CA) certificate for the identity provider.
-- `insecure_skip_tls_verify` (Boolean) Boolean to skip TLS verification for identity provider communication.
+- `insecure_skip_tls_verify` (Boolean) Boolean to skip TLS verification for identity provider communication. ⚠️ WARNING: Setting this to true disables SSL certificate verification and makes connections vulnerable to man-in-the-middle attacks. Only use this when connecting to identity providers with self-signed certificates in trusted networks.
 - `user_info_endpoint` (Block List, Max: 1) To allow Palette to query the OIDC userinfo endpoint using the provided Issuer URL. Palette will first attempt to retrieve role and group information from userInfo endpoint. If unavailable, Palette will fall back to using Required Claims as specified above. Use the following fields to specify what Required Claims Palette will include when querying the userinfo endpoint. (see [below for nested schema](#nestedblock--oidc--user_info_endpoint))
 
 Read-Only: