Skip to main content
Sign in Dashboard Get started
  1. Docs
  2. pulumi org role new | CLI commands

pulumi org role new | CLI commands

Generated for Pulumi CLI v3.245.0.

    [EXPERIMENTAL] Create a new custom role for an organization

    Synopsis

    [EXPERIMENTAL] Create a new custom role for an organization.

    The role’s permission tree is read from the JSON file at . Pass - to read the JSON from stdin instead.

    Both --output default and --output json print the same fields for the newly created role (id, name, description, purpose, version, etc.).

    pulumi org role new <name> <details-file> [flags]

    Examples

      # Create a role from a JSON file
  pulumi org role new stack-reader ./reader.json \
      --description "Read-only stack access"

  # Create a role from stdin and get the result as JSON
  cat reader.json | pulumi org role new stack-reader - --output json

    Options

          --description string   A description for the role
  -h, --help                 help for new
      --org string           The organization to create the role in. Defaults to the current default organization
      --output string        Output format. Supported values are: default and json (default "default")
      --purpose string       The UX purpose for the role: organization, team, or token

    Options inherited from parent commands

          --color string                 Colorize output. Choices are: always, never, raw, auto (default "auto")
  -C, --cwd string                   Run pulumi as if it had been started in another directory
      --disable-integrity-checking   Disable integrity checking of checkpoint files
  -e, --emoji                        Enable emojis in the output
  -Q, --fully-qualify-stack-names    Show fully-qualified stack names
      --logflow                      Flow log settings to child processes (like plugins)
      --logtostderr                  Log to stderr instead of to files
      --memprofilerate int           Enable more precise (and expensive) memory allocation profiles by setting runtime.MemProfileRate
      --non-interactive              Disable interactive mode for all commands
      --otel-traces string           Export OpenTelemetry traces to the specified endpoint. Use file:// for local JSON files, grpc:// for remote collectors
      --profiling string             Emit CPU and memory profiles and an execution trace to '[filename].[pid].{cpu,mem,trace}', respectively
      --tracing file:                Emit tracing to the specified endpoint. Use the file: scheme to write tracing data to a local file
  -v, --verbose int                  Enable verbose logging (e.g., v=3); anything >3 is very verbose

    SEE ALSO