harbor.RobotAccount
Explore with Pulumi AI
# Resource: harbor.RobotAccount
Harbor supports different levels of robot accounts. Currently system
and project
level robot accounts are supported.
Example Usage
System Level
Introduced in harbor 2.2.0, system level robot accounts can have basically all available permissions in harbor and are not dependent on a single project.
resource "random_password" "password" {
length = 12
special = false
}
resource "harbor_project" "main" {
name = "main"
}
resource "harbor_robot_account" "system" {
name = "example-system"
description = "system level robot account"
level = "system"
secret = resource.random_password.password.result
permissions {
access {
action = "create"
resource = "labels"
}
kind = "system"
namespace = "/"
}
permissions {
access {
action = "push"
resource = "repository"
}
kind = "project"
namespace = harbor_project.main.name
}
permissions {
access {
action = "pull"
resource = "repository"
}
kind = "project"
namespace = "*"
}
}
The above example, creates a system level robot account with permissions to
- permission to create labels on system level
- pull repository across all projects
- push repository to project “my-project-name”
Project Level
Other than system level robot accounts, project level robot accounts can interact on project level only. The available permissions are mostly the same as for system level robots.
resource "harbor_project" "main" {
name = "main"
}
resource "harbor_robot_account" "project" {
name = "example-project"
description = "project level robot account"
level = "project"
permissions {
access {
action = "pull"
resource = "repository"
}
access {
action = "push"
resource = "repository"
}
kind = "project"
namespace = harbor_project.main.name
}
}
The above example creates a project level robot account with permissions to
- pull repository on project “main”
- push repository on project “main”
Create RobotAccount Resource
new RobotAccount(name: string, args: RobotAccountArgs, opts?: CustomResourceOptions);
@overload
def RobotAccount(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
disable: Optional[bool] = None,
duration: Optional[int] = None,
level: Optional[str] = None,
name: Optional[str] = None,
permissions: Optional[Sequence[RobotAccountPermissionArgs]] = None,
secret: Optional[str] = None)
@overload
def RobotAccount(resource_name: str,
args: RobotAccountArgs,
opts: Optional[ResourceOptions] = None)
func NewRobotAccount(ctx *Context, name string, args RobotAccountArgs, opts ...ResourceOption) (*RobotAccount, error)
public RobotAccount(string name, RobotAccountArgs args, CustomResourceOptions? opts = null)
public RobotAccount(String name, RobotAccountArgs args)
public RobotAccount(String name, RobotAccountArgs args, CustomResourceOptions options)
type: harbor:RobotAccount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RobotAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RobotAccountArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RobotAccountArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RobotAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RobotAccountArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
RobotAccount Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The RobotAccount resource accepts the following input properties:
- Level string
- Permissions
List<Pulumiverse.
Harbor. Inputs. Robot Account Permission> - Description string
- Disable bool
- Duration int
- Name string
- Secret string
- Level string
- Permissions
[]Robot
Account Permission Args - Description string
- Disable bool
- Duration int
- Name string
- Secret string
- level String
- permissions
List<Robot
Account Permission> - description String
- disable Boolean
- duration Integer
- name String
- secret String
- level string
- permissions
Robot
Account Permission[] - description string
- disable boolean
- duration number
- name string
- secret string
- level str
- permissions
Sequence[Robot
Account Permission Args] - description str
- disable bool
- duration int
- name str
- secret str
- level String
- permissions List<Property Map>
- description String
- disable Boolean
- duration Number
- name String
- secret String
Outputs
All input properties are implicitly available as output properties. Additionally, the RobotAccount resource produces the following output properties:
Look up Existing RobotAccount Resource
Get an existing RobotAccount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RobotAccountState, opts?: CustomResourceOptions): RobotAccount
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
disable: Optional[bool] = None,
duration: Optional[int] = None,
full_name: Optional[str] = None,
level: Optional[str] = None,
name: Optional[str] = None,
permissions: Optional[Sequence[RobotAccountPermissionArgs]] = None,
robot_id: Optional[str] = None,
secret: Optional[str] = None) -> RobotAccount
func GetRobotAccount(ctx *Context, name string, id IDInput, state *RobotAccountState, opts ...ResourceOption) (*RobotAccount, error)
public static RobotAccount Get(string name, Input<string> id, RobotAccountState? state, CustomResourceOptions? opts = null)
public static RobotAccount get(String name, Output<String> id, RobotAccountState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- Disable bool
- Duration int
- Full
Name string - Level string
- Name string
- Permissions
List<Pulumiverse.
Harbor. Inputs. Robot Account Permission> - Robot
Id string - Secret string
- Description string
- Disable bool
- Duration int
- Full
Name string - Level string
- Name string
- Permissions
[]Robot
Account Permission Args - Robot
Id string - Secret string
- description String
- disable Boolean
- duration Integer
- full
Name String - level String
- name String
- permissions
List<Robot
Account Permission> - robot
Id String - secret String
- description string
- disable boolean
- duration number
- full
Name string - level string
- name string
- permissions
Robot
Account Permission[] - robot
Id string - secret string
- description str
- disable bool
- duration int
- full_
name str - level str
- name str
- permissions
Sequence[Robot
Account Permission Args] - robot_
id str - secret str
- description String
- disable Boolean
- duration Number
- full
Name String - level String
- name String
- permissions List<Property Map>
- robot
Id String - secret String
Supporting Types
RobotAccountPermission, RobotAccountPermissionArgs
- Accesses
[]Robot
Account Permission Access - Kind string
- Namespace string
- accesses
List<Robot
Account Permission Access> - kind String
- namespace String
- accesses
Robot
Account Permission Access[] - kind string
- namespace string
- accesses List<Property Map>
- kind String
- namespace String
RobotAccountPermissionAccess, RobotAccountPermissionAccessArgs
Import
Harbor robot account can be imported using the robot account id
eg,<break><break> ```sh<break> $ pulumi import harbor:index/robotAccount:RobotAccount system /robots/123 <break>```<break><break>
Package Details
- Repository
- harbor pulumiverse/pulumi-harbor
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
harbor
Terraform Provider.