Docs Home
cyral 4.16.3 published on Monday, Apr 14, 2025 by cyralinc
cyral.RepositoryAccessRules
Explore with Pulumi AI
# cyral.RepositoryAccessRules (Resource)
Manage access rules
Import ID syntax is
{repository_id}/{user_account_id}.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cyral from "@pulumi/cyral";
const someResourceName = new cyral.RepositoryAccessRules("someResourceName", {
repositoryId: "",
rules: [
{
config: {
policyIds: [
"policy1",
"policy2",
],
},
identity: {
name: "",
type: "username|email|group",
},
validFrom: "2022-09-19T23:50:48.606Z",
validUntil: "2022-10-10T00:00:00Z",
},
{
identity: {
name: "",
type: "username|email|group",
},
},
{
config: {
policyIds: ["some_mfa_policy"],
},
identity: {
name: "",
type: "username|email|group",
},
},
],
userAccountId: "",
});
import pulumi
import pulumi_cyral as cyral
some_resource_name = cyral.RepositoryAccessRules("someResourceName",
repository_id="",
rules=[
{
"config": {
"policy_ids": [
"policy1",
"policy2",
],
},
"identity": {
"name": "",
"type": "username|email|group",
},
"valid_from": "2022-09-19T23:50:48.606Z",
"valid_until": "2022-10-10T00:00:00Z",
},
{
"identity": {
"name": "",
"type": "username|email|group",
},
},
{
"config": {
"policy_ids": ["some_mfa_policy"],
},
"identity": {
"name": "",
"type": "username|email|group",
},
},
],
user_account_id="")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/cyral/v4/cyral"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cyral.NewRepositoryAccessRules(ctx, "someResourceName", &cyral.RepositoryAccessRulesArgs{
RepositoryId: pulumi.String(""),
Rules: cyral.RepositoryAccessRulesRuleArray{
&cyral.RepositoryAccessRulesRuleArgs{
Config: &cyral.RepositoryAccessRulesRuleConfigArgs{
PolicyIds: pulumi.StringArray{
pulumi.String("policy1"),
pulumi.String("policy2"),
},
},
Identity: &cyral.RepositoryAccessRulesRuleIdentityArgs{
Name: pulumi.String(""),
Type: pulumi.String("username|email|group"),
},
ValidFrom: pulumi.String("2022-09-19T23:50:48.606Z"),
ValidUntil: pulumi.String("2022-10-10T00:00:00Z"),
},
&cyral.RepositoryAccessRulesRuleArgs{
Identity: &cyral.RepositoryAccessRulesRuleIdentityArgs{
Name: pulumi.String(""),
Type: pulumi.String("username|email|group"),
},
},
&cyral.RepositoryAccessRulesRuleArgs{
Config: &cyral.RepositoryAccessRulesRuleConfigArgs{
PolicyIds: pulumi.StringArray{
pulumi.String("some_mfa_policy"),
},
},
Identity: &cyral.RepositoryAccessRulesRuleIdentityArgs{
Name: pulumi.String(""),
Type: pulumi.String("username|email|group"),
},
},
},
UserAccountId: pulumi.String(""),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cyral = Pulumi.Cyral;
return await Deployment.RunAsync(() =>
{
var someResourceName = new Cyral.RepositoryAccessRules("someResourceName", new()
{
RepositoryId = "",
Rules = new[]
{
new Cyral.Inputs.RepositoryAccessRulesRuleArgs
{
Config = new Cyral.Inputs.RepositoryAccessRulesRuleConfigArgs
{
PolicyIds = new[]
{
"policy1",
"policy2",
},
},
Identity = new Cyral.Inputs.RepositoryAccessRulesRuleIdentityArgs
{
Name = "",
Type = "username|email|group",
},
ValidFrom = "2022-09-19T23:50:48.606Z",
ValidUntil = "2022-10-10T00:00:00Z",
},
new Cyral.Inputs.RepositoryAccessRulesRuleArgs
{
Identity = new Cyral.Inputs.RepositoryAccessRulesRuleIdentityArgs
{
Name = "",
Type = "username|email|group",
},
},
new Cyral.Inputs.RepositoryAccessRulesRuleArgs
{
Config = new Cyral.Inputs.RepositoryAccessRulesRuleConfigArgs
{
PolicyIds = new[]
{
"some_mfa_policy",
},
},
Identity = new Cyral.Inputs.RepositoryAccessRulesRuleIdentityArgs
{
Name = "",
Type = "username|email|group",
},
},
},
UserAccountId = "",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cyral.RepositoryAccessRules;
import com.pulumi.cyral.RepositoryAccessRulesArgs;
import com.pulumi.cyral.inputs.RepositoryAccessRulesRuleArgs;
import com.pulumi.cyral.inputs.RepositoryAccessRulesRuleConfigArgs;
import com.pulumi.cyral.inputs.RepositoryAccessRulesRuleIdentityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var someResourceName = new RepositoryAccessRules("someResourceName", RepositoryAccessRulesArgs.builder()
.repositoryId("")
.rules(
RepositoryAccessRulesRuleArgs.builder()
.config(RepositoryAccessRulesRuleConfigArgs.builder()
.policyIds(
"policy1",
"policy2")
.build())
.identity(RepositoryAccessRulesRuleIdentityArgs.builder()
.name("")
.type("username|email|group")
.build())
.validFrom("2022-09-19T23:50:48.606Z")
.validUntil("2022-10-10T00:00:00Z")
.build(),
RepositoryAccessRulesRuleArgs.builder()
.identity(RepositoryAccessRulesRuleIdentityArgs.builder()
.name("")
.type("username|email|group")
.build())
.build(),
RepositoryAccessRulesRuleArgs.builder()
.config(RepositoryAccessRulesRuleConfigArgs.builder()
.policyIds("some_mfa_policy")
.build())
.identity(RepositoryAccessRulesRuleIdentityArgs.builder()
.name("")
.type("username|email|group")
.build())
.build())
.userAccountId("")
.build());
}
}
resources:
someResourceName:
type: cyral:RepositoryAccessRules
properties:
repositoryId: ""
rules:
- config:
policyIds:
- policy1
- policy2
identity:
name: ""
type: username|email|group
validFrom: 2022-09-19T23:50:48.606Z
validUntil: 2022-10-10T00:00:00Z
- identity:
name: ""
type: username|email|group
- config:
policyIds:
- some_mfa_policy
identity:
name: ""
type: username|email|group
userAccountId: ""
Create RepositoryAccessRules Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RepositoryAccessRules(name: string, args: RepositoryAccessRulesArgs, opts?: CustomResourceOptions);@overload
def RepositoryAccessRules(resource_name: str,
args: RepositoryAccessRulesArgs,
opts: Optional[ResourceOptions] = None)
@overload
def RepositoryAccessRules(resource_name: str,
opts: Optional[ResourceOptions] = None,
repository_id: Optional[str] = None,
rules: Optional[Sequence[RepositoryAccessRulesRuleArgs]] = None,
user_account_id: Optional[str] = None)func NewRepositoryAccessRules(ctx *Context, name string, args RepositoryAccessRulesArgs, opts ...ResourceOption) (*RepositoryAccessRules, error)public RepositoryAccessRules(string name, RepositoryAccessRulesArgs args, CustomResourceOptions? opts = null)
public RepositoryAccessRules(String name, RepositoryAccessRulesArgs args)
public RepositoryAccessRules(String name, RepositoryAccessRulesArgs args, CustomResourceOptions options)
type: cyral:RepositoryAccessRules
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RepositoryAccessRulesArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RepositoryAccessRulesArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RepositoryAccessRulesArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RepositoryAccessRulesArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RepositoryAccessRulesArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var repositoryAccessRulesResource = new Cyral.RepositoryAccessRules("repositoryAccessRulesResource", new()
{
RepositoryId = "string",
Rules = new[]
{
new Cyral.Inputs.RepositoryAccessRulesRuleArgs
{
Identity = new Cyral.Inputs.RepositoryAccessRulesRuleIdentityArgs
{
Name = "string",
Type = "string",
},
Config = new Cyral.Inputs.RepositoryAccessRulesRuleConfigArgs
{
PolicyIds = new[]
{
"string",
},
},
ValidFrom = "string",
ValidUntil = "string",
},
},
UserAccountId = "string",
});
example, err := cyral.NewRepositoryAccessRules(ctx, "repositoryAccessRulesResource", &cyral.RepositoryAccessRulesArgs{
RepositoryId: pulumi.String("string"),
Rules: cyral.RepositoryAccessRulesRuleArray{
&cyral.RepositoryAccessRulesRuleArgs{
Identity: &cyral.RepositoryAccessRulesRuleIdentityArgs{
Name: pulumi.String("string"),
Type: pulumi.String("string"),
},
Config: &cyral.RepositoryAccessRulesRuleConfigArgs{
PolicyIds: pulumi.StringArray{
pulumi.String("string"),
},
},
ValidFrom: pulumi.String("string"),
ValidUntil: pulumi.String("string"),
},
},
UserAccountId: pulumi.String("string"),
})
var repositoryAccessRulesResource = new RepositoryAccessRules("repositoryAccessRulesResource", RepositoryAccessRulesArgs.builder()
.repositoryId("string")
.rules(RepositoryAccessRulesRuleArgs.builder()
.identity(RepositoryAccessRulesRuleIdentityArgs.builder()
.name("string")
.type("string")
.build())
.config(RepositoryAccessRulesRuleConfigArgs.builder()
.policyIds("string")
.build())
.validFrom("string")
.validUntil("string")
.build())
.userAccountId("string")
.build());
repository_access_rules_resource = cyral.RepositoryAccessRules("repositoryAccessRulesResource",
repository_id="string",
rules=[{
"identity": {
"name": "string",
"type": "string",
},
"config": {
"policy_ids": ["string"],
},
"valid_from": "string",
"valid_until": "string",
}],
user_account_id="string")
const repositoryAccessRulesResource = new cyral.RepositoryAccessRules("repositoryAccessRulesResource", {
repositoryId: "string",
rules: [{
identity: {
name: "string",
type: "string",
},
config: {
policyIds: ["string"],
},
validFrom: "string",
validUntil: "string",
}],
userAccountId: "string",
});
type: cyral:RepositoryAccessRules
properties:
repositoryId: string
rules:
- config:
policyIds:
- string
identity:
name: string
type: string
validFrom: string
validUntil: string
userAccountId: string
RepositoryAccessRules Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The RepositoryAccessRules resource accepts the following input properties:
- Repository
Id string - ID of the repository.
- Rules
List<Repository
Access Rules Rule> - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- User
Account stringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- Repository
Id string - ID of the repository.
- Rules
[]Repository
Access Rules Rule Args - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- User
Account stringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository
Id String - ID of the repository.
- rules
List<Repository
Access Rules Rule> - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user
Account StringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository
Id string - ID of the repository.
- rules
Repository
Access Rules Rule[] - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user
Account stringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository_
id str - ID of the repository.
- rules
Sequence[Repository
Access Rules Rule Args] - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user_
account_ strid - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository
Id String - ID of the repository.
- rules List<Property Map>
- A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user
Account StringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
Outputs
All input properties are implicitly available as output properties. Additionally, the RepositoryAccessRules resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RepositoryAccessRules Resource
Get an existing RepositoryAccessRules resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RepositoryAccessRulesState, opts?: CustomResourceOptions): RepositoryAccessRules@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
repository_id: Optional[str] = None,
rules: Optional[Sequence[RepositoryAccessRulesRuleArgs]] = None,
user_account_id: Optional[str] = None) -> RepositoryAccessRulesfunc GetRepositoryAccessRules(ctx *Context, name string, id IDInput, state *RepositoryAccessRulesState, opts ...ResourceOption) (*RepositoryAccessRules, error)public static RepositoryAccessRules Get(string name, Input<string> id, RepositoryAccessRulesState? state, CustomResourceOptions? opts = null)public static RepositoryAccessRules get(String name, Output<String> id, RepositoryAccessRulesState state, CustomResourceOptions options)resources: _: type: cyral:RepositoryAccessRules get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Repository
Id string - ID of the repository.
- Rules
List<Repository
Access Rules Rule> - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- User
Account stringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- Repository
Id string - ID of the repository.
- Rules
[]Repository
Access Rules Rule Args - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- User
Account stringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository
Id String - ID of the repository.
- rules
List<Repository
Access Rules Rule> - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user
Account StringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository
Id string - ID of the repository.
- rules
Repository
Access Rules Rule[] - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user
Account stringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository_
id str - ID of the repository.
- rules
Sequence[Repository
Access Rules Rule Args] - A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user_
account_ strid - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
- repository
Id String - ID of the repository.
- rules List<Property Map>
- A list of access rules. The order in which access rules are declared dictates the precedence of the rules (first one has the highest priority)
- user
Account StringId - ID of the database account. This should be the attribute
user_account_idof the resourcecyral.RepositoryUserAccount.
Supporting Types
RepositoryAccessRulesRule, RepositoryAccessRulesRuleArgs
- Identity
Repository
Access Rules Rule Identity - The identity of the person/group getting access.
- Config
Repository
Access Rules Rule Config - Extra (optional) configuration parameters.
- Valid
From string - The start time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z. - Valid
Until string - The end time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z.
- Identity
Repository
Access Rules Rule Identity - The identity of the person/group getting access.
- Config
Repository
Access Rules Rule Config - Extra (optional) configuration parameters.
- Valid
From string - The start time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z. - Valid
Until string - The end time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z.
- identity
Repository
Access Rules Rule Identity - The identity of the person/group getting access.
- config
Repository
Access Rules Rule Config - Extra (optional) configuration parameters.
- valid
From String - The start time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z. - valid
Until String - The end time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z.
- identity
Repository
Access Rules Rule Identity - The identity of the person/group getting access.
- config
Repository
Access Rules Rule Config - Extra (optional) configuration parameters.
- valid
From string - The start time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z. - valid
Until string - The end time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z.
- identity
Repository
Access Rules Rule Identity - The identity of the person/group getting access.
- config
Repository
Access Rules Rule Config - Extra (optional) configuration parameters.
- valid_
from str - The start time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z. - valid_
until str - The end time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z.
- identity Property Map
- The identity of the person/group getting access.
- config Property Map
- Extra (optional) configuration parameters.
- valid
From String - The start time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z. - valid
Until String - The end time for the grant. Format is:
yyyy-mm-ddThh:mm:ssZ. Eg.2022-01-24T18:30:00Z.
RepositoryAccessRulesRuleConfig, RepositoryAccessRulesRuleConfigArgs
- Policy
Ids List<string> - Extra authorization policies, such as PagerDuty or DUO. Use the attribute
idfrom resourcescyral.IntegrationPagerDutyandcyral.IntegrationMfaDuo.
- Policy
Ids []string - Extra authorization policies, such as PagerDuty or DUO. Use the attribute
idfrom resourcescyral.IntegrationPagerDutyandcyral.IntegrationMfaDuo.
- policy
Ids List<String> - Extra authorization policies, such as PagerDuty or DUO. Use the attribute
idfrom resourcescyral.IntegrationPagerDutyandcyral.IntegrationMfaDuo.
- policy
Ids string[] - Extra authorization policies, such as PagerDuty or DUO. Use the attribute
idfrom resourcescyral.IntegrationPagerDutyandcyral.IntegrationMfaDuo.
- policy_
ids Sequence[str] - Extra authorization policies, such as PagerDuty or DUO. Use the attribute
idfrom resourcescyral.IntegrationPagerDutyandcyral.IntegrationMfaDuo.
- policy
Ids List<String> - Extra authorization policies, such as PagerDuty or DUO. Use the attribute
idfrom resourcescyral.IntegrationPagerDutyandcyral.IntegrationMfaDuo.
RepositoryAccessRulesRuleIdentity, RepositoryAccessRulesRuleIdentityArgs
Package Details
- Repository
- cyral cyralinc/terraform-provider-cyral
- License
- Notes
- This Pulumi package is based on the
cyralTerraform Provider.