Docs
Packagesgithub.ActionsOrganizationPermissions
Explore with Pulumi AI
This resource allows you to create and manage GitHub Actions permissions within your GitHub enterprise organizations. You must have admin access to an organization to use this resource.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Github = Pulumi.Github;
return await Deployment.RunAsync(() =>
{
var example = new Github.Repository("example");
var test = new Github.ActionsOrganizationPermissions("test", new()
{
AllowedActions = "selected",
EnabledRepositories = "selected",
AllowedActionsConfig = new Github.Inputs.ActionsOrganizationPermissionsAllowedActionsConfigArgs
{
GithubOwnedAllowed = true,
PatternsAlloweds = new[]
{
"actions/cache@*",
"actions/checkout@*",
},
VerifiedAllowed = true,
},
EnabledRepositoriesConfig = new Github.Inputs.ActionsOrganizationPermissionsEnabledRepositoriesConfigArgs
{
RepositoryIds = new[]
{
example.RepoId,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-github/sdk/v5/go/github"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := github.NewRepository(ctx, "example", nil)
if err != nil {
return err
}
_, err = github.NewActionsOrganizationPermissions(ctx, "test", &github.ActionsOrganizationPermissionsArgs{
AllowedActions: pulumi.String("selected"),
EnabledRepositories: pulumi.String("selected"),
AllowedActionsConfig: &github.ActionsOrganizationPermissionsAllowedActionsConfigArgs{
GithubOwnedAllowed: pulumi.Bool(true),
PatternsAlloweds: pulumi.StringArray{
pulumi.String("actions/cache@*"),
pulumi.String("actions/checkout@*"),
},
VerifiedAllowed: pulumi.Bool(true),
},
EnabledRepositoriesConfig: &github.ActionsOrganizationPermissionsEnabledRepositoriesConfigArgs{
RepositoryIds: pulumi.IntArray{
example.RepoId,
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.github.Repository;
import com.pulumi.github.ActionsOrganizationPermissions;
import com.pulumi.github.ActionsOrganizationPermissionsArgs;
import com.pulumi.github.inputs.ActionsOrganizationPermissionsAllowedActionsConfigArgs;
import com.pulumi.github.inputs.ActionsOrganizationPermissionsEnabledRepositoriesConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Repository("example");
var test = new ActionsOrganizationPermissions("test", ActionsOrganizationPermissionsArgs.builder()
.allowedActions("selected")
.enabledRepositories("selected")
.allowedActionsConfig(ActionsOrganizationPermissionsAllowedActionsConfigArgs.builder()
.githubOwnedAllowed(true)
.patternsAlloweds(
"actions/cache@*",
"actions/checkout@*")
.verifiedAllowed(true)
.build())
.enabledRepositoriesConfig(ActionsOrganizationPermissionsEnabledRepositoriesConfigArgs.builder()
.repositoryIds(example.repoId())
.build())
.build());
}
}
import pulumi
import pulumi_github as github
example = github.Repository("example")
test = github.ActionsOrganizationPermissions("test",
allowed_actions="selected",
enabled_repositories="selected",
allowed_actions_config=github.ActionsOrganizationPermissionsAllowedActionsConfigArgs(
github_owned_allowed=True,
patterns_alloweds=[
"actions/cache@*",
"actions/checkout@*",
],
verified_allowed=True,
),
enabled_repositories_config=github.ActionsOrganizationPermissionsEnabledRepositoriesConfigArgs(
repository_ids=[example.repo_id],
))
import * as pulumi from "@pulumi/pulumi";
import * as github from "@pulumi/github";
const example = new github.Repository("example", {});
const test = new github.ActionsOrganizationPermissions("test", {
allowedActions: "selected",
enabledRepositories: "selected",
allowedActionsConfig: {
githubOwnedAllowed: true,
patternsAlloweds: [
"actions/cache@*",
"actions/checkout@*",
],
verifiedAllowed: true,
},
enabledRepositoriesConfig: {
repositoryIds: [example.repoId],
},
});
resources:
example:
type: github:Repository
test:
type: github:ActionsOrganizationPermissions
properties:
allowedActions: selected
enabledRepositories: selected
allowedActionsConfig:
githubOwnedAllowed: true
patternsAlloweds:
- actions/cache@*
- actions/checkout@*
verifiedAllowed: true
enabledRepositoriesConfig:
repositoryIds:
- ${example.repoId}
Create ActionsOrganizationPermissions Resource
new ActionsOrganizationPermissions(name: string, args: ActionsOrganizationPermissionsArgs, opts?: CustomResourceOptions);@overload
def ActionsOrganizationPermissions(resource_name: str,
opts: Optional[ResourceOptions] = None,
allowed_actions: Optional[str] = None,
allowed_actions_config: Optional[ActionsOrganizationPermissionsAllowedActionsConfigArgs] = None,
enabled_repositories: Optional[str] = None,
enabled_repositories_config: Optional[ActionsOrganizationPermissionsEnabledRepositoriesConfigArgs] = None)
@overload
def ActionsOrganizationPermissions(resource_name: str,
args: ActionsOrganizationPermissionsArgs,
opts: Optional[ResourceOptions] = None)func NewActionsOrganizationPermissions(ctx *Context, name string, args ActionsOrganizationPermissionsArgs, opts ...ResourceOption) (*ActionsOrganizationPermissions, error)public ActionsOrganizationPermissions(string name, ActionsOrganizationPermissionsArgs args, CustomResourceOptions? opts = null)
public ActionsOrganizationPermissions(String name, ActionsOrganizationPermissionsArgs args)
public ActionsOrganizationPermissions(String name, ActionsOrganizationPermissionsArgs args, CustomResourceOptions options)
type: github:ActionsOrganizationPermissions
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ActionsOrganizationPermissionsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ActionsOrganizationPermissionsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ActionsOrganizationPermissionsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ActionsOrganizationPermissionsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ActionsOrganizationPermissionsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ActionsOrganizationPermissions Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ActionsOrganizationPermissions resource accepts the following input properties:
- Enabled
Repositories string The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- Allowed
Actions string The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- Allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- Enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- Enabled
Repositories string The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- Allowed
Actions string The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- Allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- Enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- enabled
Repositories String The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- allowed
Actions String The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- enabled
Repositories string The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- allowed
Actions string The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- enabled_
repositories str The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- allowed_
actions str The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed_
actions_ Actionsconfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled_
repositories_ Actionsconfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- enabled
Repositories String The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- allowed
Actions String The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed
Actions Property MapConfig Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled
Repositories Property MapConfig Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
Outputs
All input properties are implicitly available as output properties. Additionally, the ActionsOrganizationPermissions resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing ActionsOrganizationPermissions Resource
Get an existing ActionsOrganizationPermissions resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ActionsOrganizationPermissionsState, opts?: CustomResourceOptions): ActionsOrganizationPermissions@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allowed_actions: Optional[str] = None,
allowed_actions_config: Optional[ActionsOrganizationPermissionsAllowedActionsConfigArgs] = None,
enabled_repositories: Optional[str] = None,
enabled_repositories_config: Optional[ActionsOrganizationPermissionsEnabledRepositoriesConfigArgs] = None) -> ActionsOrganizationPermissionsfunc GetActionsOrganizationPermissions(ctx *Context, name string, id IDInput, state *ActionsOrganizationPermissionsState, opts ...ResourceOption) (*ActionsOrganizationPermissions, error)public static ActionsOrganizationPermissions Get(string name, Input<string> id, ActionsOrganizationPermissionsState? state, CustomResourceOptions? opts = null)public static ActionsOrganizationPermissions get(String name, Output<String> id, ActionsOrganizationPermissionsState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allowed
Actions string The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- Allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- Enabled
Repositories string The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- Enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- Allowed
Actions string The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- Allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- Enabled
Repositories string The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- Enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- allowed
Actions String The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled
Repositories String The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- allowed
Actions string The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed
Actions ActionsConfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled
Repositories string The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- enabled
Repositories ActionsConfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- allowed_
actions str The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed_
actions_ Actionsconfig Organization Permissions Allowed Actions Config Args Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled_
repositories str The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- enabled_
repositories_ Actionsconfig Organization Permissions Enabled Repositories Config Args Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
- allowed
Actions String The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected.- allowed
Actions Property MapConfig Sets the actions that are allowed in an organization. Only available when
allowed_actions=selected. See Allowed Actions Config below for details.- enabled
Repositories String The policy that controls the repositories in the organization that are allowed to run GitHub Actions. Can be one of:
all,none, orselected.- enabled
Repositories Property MapConfig Sets the list of selected repositories that are enabled for GitHub Actions in an organization. Only available when
enabled_repositories=selected. See Enabled Repositories Config below for details.
Supporting Types
ActionsOrganizationPermissionsAllowedActionsConfig
- Github
Owned boolAllowed Whether GitHub-owned actions are allowed in the organization.
- Patterns
Alloweds List<string> Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- Verified
Allowed bool Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- Github
Owned boolAllowed Whether GitHub-owned actions are allowed in the organization.
- Patterns
Alloweds []string Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- Verified
Allowed bool Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github
Owned BooleanAllowed Whether GitHub-owned actions are allowed in the organization.
- patterns
Alloweds List<String> Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified
Allowed Boolean Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github
Owned booleanAllowed Whether GitHub-owned actions are allowed in the organization.
- patterns
Alloweds string[] Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified
Allowed boolean Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github_
owned_ boolallowed Whether GitHub-owned actions are allowed in the organization.
- patterns_
alloweds Sequence[str] Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified_
allowed bool Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github
Owned BooleanAllowed Whether GitHub-owned actions are allowed in the organization.
- patterns
Alloweds List<String> Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified
Allowed Boolean Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
ActionsOrganizationPermissionsEnabledRepositoriesConfig
- Repository
Ids List<int> List of repository IDs to enable for GitHub Actions.
- Repository
Ids []int List of repository IDs to enable for GitHub Actions.
- repository
Ids List<Integer> List of repository IDs to enable for GitHub Actions.
- repository
Ids number[] List of repository IDs to enable for GitHub Actions.
- repository_
ids Sequence[int] List of repository IDs to enable for GitHub Actions.
- repository
Ids List<Number> List of repository IDs to enable for GitHub Actions.
Import
This resource can be imported using the ID of the GitHub organization
$ pulumi import github:index/actionsOrganizationPermissions:ActionsOrganizationPermissions test <github_organization_name>
Package Details
- Repository
- GitHub pulumi/pulumi-github
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
githubTerraform Provider.