Docs Home
GitHub v6.7.2 published on Wednesday, Apr 30, 2025 by Pulumi
github.ActionsRepositoryPermissions
Explore with Pulumi AI
This resource allows you to enable and manage GitHub Actions permissions for a given repository. You must have admin access to an repository to use this resource.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as github from "@pulumi/github";
const example = new github.Repository("example", {name: "my-repository"});
const test = new github.ActionsRepositoryPermissions("test", {
allowedActions: "selected",
allowedActionsConfig: {
githubOwnedAllowed: true,
patternsAlloweds: [
"actions/cache@*",
"actions/checkout@*",
],
verifiedAllowed: true,
},
repository: example.name,
});
import pulumi
import pulumi_github as github
example = github.Repository("example", name="my-repository")
test = github.ActionsRepositoryPermissions("test",
allowed_actions="selected",
allowed_actions_config={
"github_owned_allowed": True,
"patterns_alloweds": [
"actions/cache@*",
"actions/checkout@*",
],
"verified_allowed": True,
},
repository=example.name)
package main
import (
"github.com/pulumi/pulumi-github/sdk/v6/go/github"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := github.NewRepository(ctx, "example", &github.RepositoryArgs{
Name: pulumi.String("my-repository"),
})
if err != nil {
return err
}
_, err = github.NewActionsRepositoryPermissions(ctx, "test", &github.ActionsRepositoryPermissionsArgs{
AllowedActions: pulumi.String("selected"),
AllowedActionsConfig: &github.ActionsRepositoryPermissionsAllowedActionsConfigArgs{
GithubOwnedAllowed: pulumi.Bool(true),
PatternsAlloweds: pulumi.StringArray{
pulumi.String("actions/cache@*"),
pulumi.String("actions/checkout@*"),
},
VerifiedAllowed: pulumi.Bool(true),
},
Repository: example.Name,
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Github = Pulumi.Github;
return await Deployment.RunAsync(() =>
{
var example = new Github.Repository("example", new()
{
Name = "my-repository",
});
var test = new Github.ActionsRepositoryPermissions("test", new()
{
AllowedActions = "selected",
AllowedActionsConfig = new Github.Inputs.ActionsRepositoryPermissionsAllowedActionsConfigArgs
{
GithubOwnedAllowed = true,
PatternsAlloweds = new[]
{
"actions/cache@*",
"actions/checkout@*",
},
VerifiedAllowed = true,
},
Repository = example.Name,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.github.Repository;
import com.pulumi.github.RepositoryArgs;
import com.pulumi.github.ActionsRepositoryPermissions;
import com.pulumi.github.ActionsRepositoryPermissionsArgs;
import com.pulumi.github.inputs.ActionsRepositoryPermissionsAllowedActionsConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Repository("example", RepositoryArgs.builder()
.name("my-repository")
.build());
var test = new ActionsRepositoryPermissions("test", ActionsRepositoryPermissionsArgs.builder()
.allowedActions("selected")
.allowedActionsConfig(ActionsRepositoryPermissionsAllowedActionsConfigArgs.builder()
.githubOwnedAllowed(true)
.patternsAlloweds(
"actions/cache@*",
"actions/checkout@*")
.verifiedAllowed(true)
.build())
.repository(example.name())
.build());
}
}
resources:
example:
type: github:Repository
properties:
name: my-repository
test:
type: github:ActionsRepositoryPermissions
properties:
allowedActions: selected
allowedActionsConfig:
githubOwnedAllowed: true
patternsAlloweds:
- actions/cache@*
- actions/checkout@*
verifiedAllowed: true
repository: ${example.name}
Create ActionsRepositoryPermissions Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ActionsRepositoryPermissions(name: string, args: ActionsRepositoryPermissionsArgs, opts?: CustomResourceOptions);@overload
def ActionsRepositoryPermissions(resource_name: str,
args: ActionsRepositoryPermissionsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ActionsRepositoryPermissions(resource_name: str,
opts: Optional[ResourceOptions] = None,
repository: Optional[str] = None,
allowed_actions: Optional[str] = None,
allowed_actions_config: Optional[ActionsRepositoryPermissionsAllowedActionsConfigArgs] = None,
enabled: Optional[bool] = None)func NewActionsRepositoryPermissions(ctx *Context, name string, args ActionsRepositoryPermissionsArgs, opts ...ResourceOption) (*ActionsRepositoryPermissions, error)public ActionsRepositoryPermissions(string name, ActionsRepositoryPermissionsArgs args, CustomResourceOptions? opts = null)
public ActionsRepositoryPermissions(String name, ActionsRepositoryPermissionsArgs args)
public ActionsRepositoryPermissions(String name, ActionsRepositoryPermissionsArgs args, CustomResourceOptions options)
type: github:ActionsRepositoryPermissions
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ActionsRepositoryPermissionsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ActionsRepositoryPermissionsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ActionsRepositoryPermissionsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ActionsRepositoryPermissionsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ActionsRepositoryPermissionsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var actionsRepositoryPermissionsResource = new Github.ActionsRepositoryPermissions("actionsRepositoryPermissionsResource", new()
{
Repository = "string",
AllowedActions = "string",
AllowedActionsConfig = new Github.Inputs.ActionsRepositoryPermissionsAllowedActionsConfigArgs
{
GithubOwnedAllowed = false,
PatternsAlloweds = new[]
{
"string",
},
VerifiedAllowed = false,
},
Enabled = false,
});
example, err := github.NewActionsRepositoryPermissions(ctx, "actionsRepositoryPermissionsResource", &github.ActionsRepositoryPermissionsArgs{
Repository: pulumi.String("string"),
AllowedActions: pulumi.String("string"),
AllowedActionsConfig: &github.ActionsRepositoryPermissionsAllowedActionsConfigArgs{
GithubOwnedAllowed: pulumi.Bool(false),
PatternsAlloweds: pulumi.StringArray{
pulumi.String("string"),
},
VerifiedAllowed: pulumi.Bool(false),
},
Enabled: pulumi.Bool(false),
})
var actionsRepositoryPermissionsResource = new ActionsRepositoryPermissions("actionsRepositoryPermissionsResource", ActionsRepositoryPermissionsArgs.builder()
.repository("string")
.allowedActions("string")
.allowedActionsConfig(ActionsRepositoryPermissionsAllowedActionsConfigArgs.builder()
.githubOwnedAllowed(false)
.patternsAlloweds("string")
.verifiedAllowed(false)
.build())
.enabled(false)
.build());
actions_repository_permissions_resource = github.ActionsRepositoryPermissions("actionsRepositoryPermissionsResource",
repository="string",
allowed_actions="string",
allowed_actions_config={
"github_owned_allowed": False,
"patterns_alloweds": ["string"],
"verified_allowed": False,
},
enabled=False)
const actionsRepositoryPermissionsResource = new github.ActionsRepositoryPermissions("actionsRepositoryPermissionsResource", {
repository: "string",
allowedActions: "string",
allowedActionsConfig: {
githubOwnedAllowed: false,
patternsAlloweds: ["string"],
verifiedAllowed: false,
},
enabled: false,
});
type: github:ActionsRepositoryPermissions
properties:
allowedActions: string
allowedActionsConfig:
githubOwnedAllowed: false
patternsAlloweds:
- string
verifiedAllowed: false
enabled: false
repository: string
ActionsRepositoryPermissions Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ActionsRepositoryPermissions resource accepts the following input properties:
- Repository string
- The GitHub repository
- Allowed
Actions string - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - Allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - Enabled bool
- Should GitHub actions be enabled on this repository?
- Repository string
- The GitHub repository
- Allowed
Actions string - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - Allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config Args - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - Enabled bool
- Should GitHub actions be enabled on this repository?
- repository String
- The GitHub repository
- allowed
Actions String - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled Boolean
- Should GitHub actions be enabled on this repository?
- repository string
- The GitHub repository
- allowed
Actions string - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled boolean
- Should GitHub actions be enabled on this repository?
- repository str
- The GitHub repository
- allowed_
actions str - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed_
actions_ Actionsconfig Repository Permissions Allowed Actions Config Args - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled bool
- Should GitHub actions be enabled on this repository?
- repository String
- The GitHub repository
- allowed
Actions String - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed
Actions Property MapConfig - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled Boolean
- Should GitHub actions be enabled on this repository?
Outputs
All input properties are implicitly available as output properties. Additionally, the ActionsRepositoryPermissions resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ActionsRepositoryPermissions Resource
Get an existing ActionsRepositoryPermissions resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ActionsRepositoryPermissionsState, opts?: CustomResourceOptions): ActionsRepositoryPermissions@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allowed_actions: Optional[str] = None,
allowed_actions_config: Optional[ActionsRepositoryPermissionsAllowedActionsConfigArgs] = None,
enabled: Optional[bool] = None,
repository: Optional[str] = None) -> ActionsRepositoryPermissionsfunc GetActionsRepositoryPermissions(ctx *Context, name string, id IDInput, state *ActionsRepositoryPermissionsState, opts ...ResourceOption) (*ActionsRepositoryPermissions, error)public static ActionsRepositoryPermissions Get(string name, Input<string> id, ActionsRepositoryPermissionsState? state, CustomResourceOptions? opts = null)public static ActionsRepositoryPermissions get(String name, Output<String> id, ActionsRepositoryPermissionsState state, CustomResourceOptions options)resources: _: type: github:ActionsRepositoryPermissions get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allowed
Actions string - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - Allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - Enabled bool
- Should GitHub actions be enabled on this repository?
- Repository string
- The GitHub repository
- Allowed
Actions string - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - Allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config Args - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - Enabled bool
- Should GitHub actions be enabled on this repository?
- Repository string
- The GitHub repository
- allowed
Actions String - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled Boolean
- Should GitHub actions be enabled on this repository?
- repository String
- The GitHub repository
- allowed
Actions string - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed
Actions ActionsConfig Repository Permissions Allowed Actions Config - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled boolean
- Should GitHub actions be enabled on this repository?
- repository string
- The GitHub repository
- allowed_
actions str - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed_
actions_ Actionsconfig Repository Permissions Allowed Actions Config Args - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled bool
- Should GitHub actions be enabled on this repository?
- repository str
- The GitHub repository
- allowed
Actions String - The permissions policy that controls the actions that are allowed to run. Can be one of:
all,local_only, orselected. - allowed
Actions Property MapConfig - Sets the actions that are allowed in an repository. Only available when
allowed_actions=selected. See Allowed Actions Config below for details. - enabled Boolean
- Should GitHub actions be enabled on this repository?
- repository String
- The GitHub repository
Supporting Types
ActionsRepositoryPermissionsAllowedActionsConfig, ActionsRepositoryPermissionsAllowedActionsConfigArgs
- Github
Owned boolAllowed - Whether GitHub-owned actions are allowed in the repository.
- Patterns
Alloweds List<string> - Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- Verified
Allowed bool - Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- Github
Owned boolAllowed - Whether GitHub-owned actions are allowed in the repository.
- Patterns
Alloweds []string - Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- Verified
Allowed bool - Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github
Owned BooleanAllowed - Whether GitHub-owned actions are allowed in the repository.
- patterns
Alloweds List<String> - Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified
Allowed Boolean - Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github
Owned booleanAllowed - Whether GitHub-owned actions are allowed in the repository.
- patterns
Alloweds string[] - Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified
Allowed boolean - Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github_
owned_ boolallowed - Whether GitHub-owned actions are allowed in the repository.
- patterns_
alloweds Sequence[str] - Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified_
allowed bool - Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
- github
Owned BooleanAllowed - Whether GitHub-owned actions are allowed in the repository.
- patterns
Alloweds List<String> - Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@, monalisa/octocat@v2, monalisa/."
- verified
Allowed Boolean - Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
Import
This resource can be imported using the name of the GitHub repository:
$ pulumi import github:index/actionsRepositoryPermissions:ActionsRepositoryPermissions test my-repository
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- GitHub pulumi/pulumi-github
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
githubTerraform Provider.