NS1 v3.6.3, May 8 25

NS1 v3.6.3 published on Thursday, May 8, 2025 by Pulumi

ns1.APIKey

Explore with Pulumi AI

NS1 v3.6.3 published on Thursday, May 8, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as ns1 from "@pulumi/ns1";

const example = new ns1.Team("example", {name: "Example team"});
const exampleAPIKey = new ns1.APIKey("example", {
    name: "Example key",
    teams: [example.id],
    ipWhitelists: [
        "1.1.1.1",
        "2.2.2.2",
    ],
    dnsViewZones: false,
    accountManageUsers: false,
});

import pulumi
import pulumi_ns1 as ns1

example = ns1.Team("example", name="Example team")
example_api_key = ns1.APIKey("example",
    name="Example key",
    teams=[example.id],
    ip_whitelists=[
        "1.1.1.1",
        "2.2.2.2",
    ],
    dns_view_zones=False,
    account_manage_users=False)

package main

import (
	"github.com/pulumi/pulumi-ns1/sdk/v3/go/ns1"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := ns1.NewTeam(ctx, "example", &ns1.TeamArgs{
			Name: pulumi.String("Example team"),
		})
		if err != nil {
			return err
		}
		_, err = ns1.NewAPIKey(ctx, "example", &ns1.APIKeyArgs{
			Name: pulumi.String("Example key"),
			Teams: pulumi.StringArray{
				example.ID(),
			},
			IpWhitelists: pulumi.StringArray{
				pulumi.String("1.1.1.1"),
				pulumi.String("2.2.2.2"),
			},
			DnsViewZones:       pulumi.Bool(false),
			AccountManageUsers: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ns1 = Pulumi.Ns1;

return await Deployment.RunAsync(() => 
{
    var example = new Ns1.Team("example", new()
    {
        Name = "Example team",
    });

    var exampleAPIKey = new Ns1.APIKey("example", new()
    {
        Name = "Example key",
        Teams = new[]
        {
            example.Id,
        },
        IpWhitelists = new[]
        {
            "1.1.1.1",
            "2.2.2.2",
        },
        DnsViewZones = false,
        AccountManageUsers = false,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ns1.Team;
import com.pulumi.ns1.TeamArgs;
import com.pulumi.ns1.APIKey;
import com.pulumi.ns1.APIKeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new Team("example", TeamArgs.builder()
            .name("Example team")
            .build());

        var exampleAPIKey = new APIKey("exampleAPIKey", APIKeyArgs.builder()
            .name("Example key")
            .teams(example.id())
            .ipWhitelists(            
                "1.1.1.1",
                "2.2.2.2")
            .dnsViewZones(false)
            .accountManageUsers(false)
            .build());

    }
}

resources:
  example:
    type: ns1:Team
    properties:
      name: Example team
  exampleAPIKey:
    type: ns1:APIKey
    name: example
    properties:
      name: Example key
      teams:
        - ${example.id}
      ipWhitelists:
        - 1.1.1.1
        - 2.2.2.2
      dnsViewZones: false
      accountManageUsers: false

Permissions

An API key will inherit permissions from the teams it is assigned to. If a key is assigned to a team and also has individual permissions set on the key, the individual permissions will be overridden by the inherited team permissions. In a future release, setting permissions on a key that is part of a team will be explicitly disabled.

When a key is removed from all teams completely, it will inherit whatever permissions it had previously. If a key is removed from all it’s teams, it will probably be necessary to run pulumi up a second time to update the keys permissions from it’s old team permissions to new key-specific permissions.

See the NS1 API docs for an overview of permission semantics or for more details about the individual permission flags.

NS1 Documentation

ApiKeys Api Doc

Create APIKey Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new APIKey(name: string, args?: APIKeyArgs, opts?: CustomResourceOptions);

@overload
def APIKey(resource_name: str,
           args: Optional[APIKeyArgs] = None,
           opts: Optional[ResourceOptions] = None)

@overload
def APIKey(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           account_manage_account_settings: Optional[bool] = None,
           account_manage_apikeys: Optional[bool] = None,
           account_manage_ip_whitelist: Optional[bool] = None,
           account_manage_payment_methods: Optional[bool] = None,
           account_manage_plan: Optional[bool] = None,
           account_manage_teams: Optional[bool] = None,
           account_manage_users: Optional[bool] = None,
           account_view_activity_log: Optional[bool] = None,
           account_view_invoices: Optional[bool] = None,
           data_manage_datafeeds: Optional[bool] = None,
           data_manage_datasources: Optional[bool] = None,
           data_push_to_datafeeds: Optional[bool] = None,
           dns_manage_zones: Optional[bool] = None,
           dns_records_allows: Optional[Sequence[APIKeyDnsRecordsAllowArgs]] = None,
           dns_records_denies: Optional[Sequence[APIKeyDnsRecordsDenyArgs]] = None,
           dns_view_zones: Optional[bool] = None,
           dns_zones_allow_by_default: Optional[bool] = None,
           dns_zones_allows: Optional[Sequence[str]] = None,
           dns_zones_denies: Optional[Sequence[str]] = None,
           ip_whitelist_strict: Optional[bool] = None,
           ip_whitelists: Optional[Sequence[str]] = None,
           monitoring_create_jobs: Optional[bool] = None,
           monitoring_delete_jobs: Optional[bool] = None,
           monitoring_manage_jobs: Optional[bool] = None,
           monitoring_manage_lists: Optional[bool] = None,
           monitoring_update_jobs: Optional[bool] = None,
           monitoring_view_jobs: Optional[bool] = None,
           name: Optional[str] = None,
           security_manage_active_directory: Optional[bool] = None,
           security_manage_global2fa: Optional[bool] = None,
           teams: Optional[Sequence[str]] = None)

func NewAPIKey(ctx *Context, name string, args *APIKeyArgs, opts ...ResourceOption) (*APIKey, error)

public APIKey(string name, APIKeyArgs? args = null, CustomResourceOptions? opts = null)

public APIKey(String name, APIKeyArgs args)
public APIKey(String name, APIKeyArgs args, CustomResourceOptions options)

type: ns1:APIKey
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args APIKeyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args APIKeyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args APIKeyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args APIKeyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args APIKeyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var apikeyResource = new Ns1.APIKey("apikeyResource", new()
{
    AccountManageAccountSettings = false,
    AccountManageApikeys = false,
    AccountManageIpWhitelist = false,
    AccountManagePaymentMethods = false,
    AccountManageTeams = false,
    AccountManageUsers = false,
    AccountViewActivityLog = false,
    AccountViewInvoices = false,
    DataManageDatafeeds = false,
    DataManageDatasources = false,
    DataPushToDatafeeds = false,
    DnsManageZones = false,
    DnsRecordsAllows = new[]
    {
        new Ns1.Inputs.APIKeyDnsRecordsAllowArgs
        {
            Domain = "string",
            IncludeSubdomains = false,
            Type = "string",
            Zone = "string",
        },
    },
    DnsRecordsDenies = new[]
    {
        new Ns1.Inputs.APIKeyDnsRecordsDenyArgs
        {
            Domain = "string",
            IncludeSubdomains = false,
            Type = "string",
            Zone = "string",
        },
    },
    DnsViewZones = false,
    DnsZonesAllowByDefault = false,
    DnsZonesAllows = new[]
    {
        "string",
    },
    DnsZonesDenies = new[]
    {
        "string",
    },
    IpWhitelistStrict = false,
    IpWhitelists = new[]
    {
        "string",
    },
    MonitoringCreateJobs = false,
    MonitoringDeleteJobs = false,
    MonitoringManageJobs = false,
    MonitoringManageLists = false,
    MonitoringUpdateJobs = false,
    MonitoringViewJobs = false,
    Name = "string",
    SecurityManageActiveDirectory = false,
    SecurityManageGlobal2fa = false,
    Teams = new[]
    {
        "string",
    },
});

example, err := ns1.NewAPIKey(ctx, "apikeyResource", &ns1.APIKeyArgs{
	AccountManageAccountSettings: pulumi.Bool(false),
	AccountManageApikeys:         pulumi.Bool(false),
	AccountManageIpWhitelist:     pulumi.Bool(false),
	AccountManagePaymentMethods:  pulumi.Bool(false),
	AccountManageTeams:           pulumi.Bool(false),
	AccountManageUsers:           pulumi.Bool(false),
	AccountViewActivityLog:       pulumi.Bool(false),
	AccountViewInvoices:          pulumi.Bool(false),
	DataManageDatafeeds:          pulumi.Bool(false),
	DataManageDatasources:        pulumi.Bool(false),
	DataPushToDatafeeds:          pulumi.Bool(false),
	DnsManageZones:               pulumi.Bool(false),
	DnsRecordsAllows: ns1.APIKeyDnsRecordsAllowArray{
		&ns1.APIKeyDnsRecordsAllowArgs{
			Domain:            pulumi.String("string"),
			IncludeSubdomains: pulumi.Bool(false),
			Type:              pulumi.String("string"),
			Zone:              pulumi.String("string"),
		},
	},
	DnsRecordsDenies: ns1.APIKeyDnsRecordsDenyArray{
		&ns1.APIKeyDnsRecordsDenyArgs{
			Domain:            pulumi.String("string"),
			IncludeSubdomains: pulumi.Bool(false),
			Type:              pulumi.String("string"),
			Zone:              pulumi.String("string"),
		},
	},
	DnsViewZones:           pulumi.Bool(false),
	DnsZonesAllowByDefault: pulumi.Bool(false),
	DnsZonesAllows: pulumi.StringArray{
		pulumi.String("string"),
	},
	DnsZonesDenies: pulumi.StringArray{
		pulumi.String("string"),
	},
	IpWhitelistStrict: pulumi.Bool(false),
	IpWhitelists: pulumi.StringArray{
		pulumi.String("string"),
	},
	MonitoringCreateJobs:          pulumi.Bool(false),
	MonitoringDeleteJobs:          pulumi.Bool(false),
	MonitoringManageJobs:          pulumi.Bool(false),
	MonitoringManageLists:         pulumi.Bool(false),
	MonitoringUpdateJobs:          pulumi.Bool(false),
	MonitoringViewJobs:            pulumi.Bool(false),
	Name:                          pulumi.String("string"),
	SecurityManageActiveDirectory: pulumi.Bool(false),
	SecurityManageGlobal2fa:       pulumi.Bool(false),
	Teams: pulumi.StringArray{
		pulumi.String("string"),
	},
})

var apikeyResource = new APIKey("apikeyResource", APIKeyArgs.builder()
    .accountManageAccountSettings(false)
    .accountManageApikeys(false)
    .accountManageIpWhitelist(false)
    .accountManagePaymentMethods(false)
    .accountManageTeams(false)
    .accountManageUsers(false)
    .accountViewActivityLog(false)
    .accountViewInvoices(false)
    .dataManageDatafeeds(false)
    .dataManageDatasources(false)
    .dataPushToDatafeeds(false)
    .dnsManageZones(false)
    .dnsRecordsAllows(APIKeyDnsRecordsAllowArgs.builder()
        .domain("string")
        .includeSubdomains(false)
        .type("string")
        .zone("string")
        .build())
    .dnsRecordsDenies(APIKeyDnsRecordsDenyArgs.builder()
        .domain("string")
        .includeSubdomains(false)
        .type("string")
        .zone("string")
        .build())
    .dnsViewZones(false)
    .dnsZonesAllowByDefault(false)
    .dnsZonesAllows("string")
    .dnsZonesDenies("string")
    .ipWhitelistStrict(false)
    .ipWhitelists("string")
    .monitoringCreateJobs(false)
    .monitoringDeleteJobs(false)
    .monitoringManageJobs(false)
    .monitoringManageLists(false)
    .monitoringUpdateJobs(false)
    .monitoringViewJobs(false)
    .name("string")
    .securityManageActiveDirectory(false)
    .securityManageGlobal2fa(false)
    .teams("string")
    .build());

apikey_resource = ns1.APIKey("apikeyResource",
    account_manage_account_settings=False,
    account_manage_apikeys=False,
    account_manage_ip_whitelist=False,
    account_manage_payment_methods=False,
    account_manage_teams=False,
    account_manage_users=False,
    account_view_activity_log=False,
    account_view_invoices=False,
    data_manage_datafeeds=False,
    data_manage_datasources=False,
    data_push_to_datafeeds=False,
    dns_manage_zones=False,
    dns_records_allows=[{
        "domain": "string",
        "include_subdomains": False,
        "type": "string",
        "zone": "string",
    }],
    dns_records_denies=[{
        "domain": "string",
        "include_subdomains": False,
        "type": "string",
        "zone": "string",
    }],
    dns_view_zones=False,
    dns_zones_allow_by_default=False,
    dns_zones_allows=["string"],
    dns_zones_denies=["string"],
    ip_whitelist_strict=False,
    ip_whitelists=["string"],
    monitoring_create_jobs=False,
    monitoring_delete_jobs=False,
    monitoring_manage_jobs=False,
    monitoring_manage_lists=False,
    monitoring_update_jobs=False,
    monitoring_view_jobs=False,
    name="string",
    security_manage_active_directory=False,
    security_manage_global2fa=False,
    teams=["string"])

const apikeyResource = new ns1.APIKey("apikeyResource", {
    accountManageAccountSettings: false,
    accountManageApikeys: false,
    accountManageIpWhitelist: false,
    accountManagePaymentMethods: false,
    accountManageTeams: false,
    accountManageUsers: false,
    accountViewActivityLog: false,
    accountViewInvoices: false,
    dataManageDatafeeds: false,
    dataManageDatasources: false,
    dataPushToDatafeeds: false,
    dnsManageZones: false,
    dnsRecordsAllows: [{
        domain: "string",
        includeSubdomains: false,
        type: "string",
        zone: "string",
    }],
    dnsRecordsDenies: [{
        domain: "string",
        includeSubdomains: false,
        type: "string",
        zone: "string",
    }],
    dnsViewZones: false,
    dnsZonesAllowByDefault: false,
    dnsZonesAllows: ["string"],
    dnsZonesDenies: ["string"],
    ipWhitelistStrict: false,
    ipWhitelists: ["string"],
    monitoringCreateJobs: false,
    monitoringDeleteJobs: false,
    monitoringManageJobs: false,
    monitoringManageLists: false,
    monitoringUpdateJobs: false,
    monitoringViewJobs: false,
    name: "string",
    securityManageActiveDirectory: false,
    securityManageGlobal2fa: false,
    teams: ["string"],
});

type: ns1:APIKey
properties:
    accountManageAccountSettings: false
    accountManageApikeys: false
    accountManageIpWhitelist: false
    accountManagePaymentMethods: false
    accountManageTeams: false
    accountManageUsers: false
    accountViewActivityLog: false
    accountViewInvoices: false
    dataManageDatafeeds: false
    dataManageDatasources: false
    dataPushToDatafeeds: false
    dnsManageZones: false
    dnsRecordsAllows:
        - domain: string
          includeSubdomains: false
          type: string
          zone: string
    dnsRecordsDenies:
        - domain: string
          includeSubdomains: false
          type: string
          zone: string
    dnsViewZones: false
    dnsZonesAllowByDefault: false
    dnsZonesAllows:
        - string
    dnsZonesDenies:
        - string
    ipWhitelistStrict: false
    ipWhitelists:
        - string
    monitoringCreateJobs: false
    monitoringDeleteJobs: false
    monitoringManageJobs: false
    monitoringManageLists: false
    monitoringUpdateJobs: false
    monitoringViewJobs: false
    name: string
    securityManageActiveDirectory: false
    securityManageGlobal2fa: false
    teams:
        - string

APIKey Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The APIKey resource accepts the following input properties:

AccountManageAccountSettings bool: Whether the apikey can modify account settings.
AccountManageApikeys bool: Whether the apikey can modify account apikeys.
AccountManageIpWhitelist bool: Whether the apikey can manage ip whitelist.
AccountManagePaymentMethods bool: Whether the apikey can modify account payment methods.
AccountManagePlan bool: No longer in use.
Deprecated: obsolete, should no longer be used
AccountManageTeams bool: Whether the apikey can modify other teams in the account.
AccountManageUsers bool: Whether the apikey can modify account users.
AccountViewActivityLog bool: Whether the apikey can view activity logs.
AccountViewInvoices bool: Whether the apikey can view invoices.
DataManageDatafeeds bool: Whether the apikey can modify data feeds.
DataManageDatasources bool: Whether the apikey can modify data sources.
DataPushToDatafeeds bool: Whether the apikey can publish to data feeds.
DnsManageZones bool: Whether the apikey can modify the accounts zones.
DnsRecordsAllows List<APIKeyDnsRecordsAllow>: List of records that the apikey may access.
DnsRecordsDenies List<APIKeyDnsRecordsDeny>: List of records that the apikey may not access.
DnsViewZones bool: Whether the apikey can view the accounts zones.
DnsZonesAllowByDefault bool: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
DnsZonesAllows List<string>: List of zones that the apikey may access.
DnsZonesDenies List<string>: List of zones that the apikey may not access.
IpWhitelistStrict bool: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
IpWhitelists List<string>: Array of IP addresses/networks to which to grant the API key access.
MonitoringCreateJobs bool: Whether the user can create monitoring jobs when manage_jobs is not set to true.
MonitoringDeleteJobs bool: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
MonitoringManageJobs bool: Whether the user can create, update, and delete monitoring jobs.
MonitoringManageLists bool: Whether the apikey can modify notification lists.
MonitoringUpdateJobs bool: Whether the user can update monitoring jobs when manage_jobs is not set to true.
MonitoringViewJobs bool: Whether the apikey can view monitoring jobs.
Name string: The free form name of the apikey.
SecurityManageActiveDirectory bool: Whether the apikey can manage global active directory. Only relevant for the DDI product.
SecurityManageGlobal2fa bool: Whether the apikey can manage global two factor authentication.
Teams List<string>: The teams that the apikey belongs to.

AccountManageAccountSettings bool: Whether the apikey can modify account settings.
AccountManageApikeys bool: Whether the apikey can modify account apikeys.
AccountManageIpWhitelist bool: Whether the apikey can manage ip whitelist.
AccountManagePaymentMethods bool: Whether the apikey can modify account payment methods.
AccountManagePlan bool: No longer in use.
Deprecated: obsolete, should no longer be used
AccountManageTeams bool: Whether the apikey can modify other teams in the account.
AccountManageUsers bool: Whether the apikey can modify account users.
AccountViewActivityLog bool: Whether the apikey can view activity logs.
AccountViewInvoices bool: Whether the apikey can view invoices.
DataManageDatafeeds bool: Whether the apikey can modify data feeds.
DataManageDatasources bool: Whether the apikey can modify data sources.
DataPushToDatafeeds bool: Whether the apikey can publish to data feeds.
DnsManageZones bool: Whether the apikey can modify the accounts zones.
DnsRecordsAllows []APIKeyDnsRecordsAllowArgs: List of records that the apikey may access.
DnsRecordsDenies []APIKeyDnsRecordsDenyArgs: List of records that the apikey may not access.
DnsViewZones bool: Whether the apikey can view the accounts zones.
DnsZonesAllowByDefault bool: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
DnsZonesAllows []string: List of zones that the apikey may access.
DnsZonesDenies []string: List of zones that the apikey may not access.
IpWhitelistStrict bool: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
IpWhitelists []string: Array of IP addresses/networks to which to grant the API key access.
MonitoringCreateJobs bool: Whether the user can create monitoring jobs when manage_jobs is not set to true.
MonitoringDeleteJobs bool: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
MonitoringManageJobs bool: Whether the user can create, update, and delete monitoring jobs.
MonitoringManageLists bool: Whether the apikey can modify notification lists.
MonitoringUpdateJobs bool: Whether the user can update monitoring jobs when manage_jobs is not set to true.
MonitoringViewJobs bool: Whether the apikey can view monitoring jobs.
Name string: The free form name of the apikey.
SecurityManageActiveDirectory bool: Whether the apikey can manage global active directory. Only relevant for the DDI product.
SecurityManageGlobal2fa bool: Whether the apikey can manage global two factor authentication.
Teams []string: The teams that the apikey belongs to.

accountManageAccountSettings Boolean: Whether the apikey can modify account settings.
accountManageApikeys Boolean: Whether the apikey can modify account apikeys.
accountManageIpWhitelist Boolean: Whether the apikey can manage ip whitelist.
accountManagePaymentMethods Boolean: Whether the apikey can modify account payment methods.
accountManagePlan Boolean: No longer in use.
Deprecated: obsolete, should no longer be used
accountManageTeams Boolean: Whether the apikey can modify other teams in the account.
accountManageUsers Boolean: Whether the apikey can modify account users.
accountViewActivityLog Boolean: Whether the apikey can view activity logs.
accountViewInvoices Boolean: Whether the apikey can view invoices.
dataManageDatafeeds Boolean: Whether the apikey can modify data feeds.
dataManageDatasources Boolean: Whether the apikey can modify data sources.
dataPushToDatafeeds Boolean: Whether the apikey can publish to data feeds.
dnsManageZones Boolean: Whether the apikey can modify the accounts zones.
dnsRecordsAllows List<APIKeyDnsRecordsAllow>: List of records that the apikey may access.
dnsRecordsDenies List<APIKeyDnsRecordsDeny>: List of records that the apikey may not access.
dnsViewZones Boolean: Whether the apikey can view the accounts zones.
dnsZonesAllowByDefault Boolean: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dnsZonesAllows List<String>: List of zones that the apikey may access.
dnsZonesDenies List<String>: List of zones that the apikey may not access.
ipWhitelistStrict Boolean: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ipWhitelists List<String>: Array of IP addresses/networks to which to grant the API key access.
monitoringCreateJobs Boolean: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoringDeleteJobs Boolean: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoringManageJobs Boolean: Whether the user can create, update, and delete monitoring jobs.
monitoringManageLists Boolean: Whether the apikey can modify notification lists.
monitoringUpdateJobs Boolean: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoringViewJobs Boolean: Whether the apikey can view monitoring jobs.
name String: The free form name of the apikey.
securityManageActiveDirectory Boolean: Whether the apikey can manage global active directory. Only relevant for the DDI product.
securityManageGlobal2fa Boolean: Whether the apikey can manage global two factor authentication.
teams List<String>: The teams that the apikey belongs to.

accountManageAccountSettings boolean: Whether the apikey can modify account settings.
accountManageApikeys boolean: Whether the apikey can modify account apikeys.
accountManageIpWhitelist boolean: Whether the apikey can manage ip whitelist.
accountManagePaymentMethods boolean: Whether the apikey can modify account payment methods.
accountManagePlan boolean: No longer in use.
Deprecated: obsolete, should no longer be used
accountManageTeams boolean: Whether the apikey can modify other teams in the account.
accountManageUsers boolean: Whether the apikey can modify account users.
accountViewActivityLog boolean: Whether the apikey can view activity logs.
accountViewInvoices boolean: Whether the apikey can view invoices.
dataManageDatafeeds boolean: Whether the apikey can modify data feeds.
dataManageDatasources boolean: Whether the apikey can modify data sources.
dataPushToDatafeeds boolean: Whether the apikey can publish to data feeds.
dnsManageZones boolean: Whether the apikey can modify the accounts zones.
dnsRecordsAllows APIKeyDnsRecordsAllow[]: List of records that the apikey may access.
dnsRecordsDenies APIKeyDnsRecordsDeny[]: List of records that the apikey may not access.
dnsViewZones boolean: Whether the apikey can view the accounts zones.
dnsZonesAllowByDefault boolean: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dnsZonesAllows string[]: List of zones that the apikey may access.
dnsZonesDenies string[]: List of zones that the apikey may not access.
ipWhitelistStrict boolean: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ipWhitelists string[]: Array of IP addresses/networks to which to grant the API key access.
monitoringCreateJobs boolean: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoringDeleteJobs boolean: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoringManageJobs boolean: Whether the user can create, update, and delete monitoring jobs.
monitoringManageLists boolean: Whether the apikey can modify notification lists.
monitoringUpdateJobs boolean: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoringViewJobs boolean: Whether the apikey can view monitoring jobs.
name string: The free form name of the apikey.
securityManageActiveDirectory boolean: Whether the apikey can manage global active directory. Only relevant for the DDI product.
securityManageGlobal2fa boolean: Whether the apikey can manage global two factor authentication.
teams string[]: The teams that the apikey belongs to.

account_manage_account_settings bool: Whether the apikey can modify account settings.
account_manage_apikeys bool: Whether the apikey can modify account apikeys.
account_manage_ip_whitelist bool: Whether the apikey can manage ip whitelist.
account_manage_payment_methods bool: Whether the apikey can modify account payment methods.
account_manage_plan bool: No longer in use.
Deprecated: obsolete, should no longer be used
account_manage_teams bool: Whether the apikey can modify other teams in the account.
account_manage_users bool: Whether the apikey can modify account users.
account_view_activity_log bool: Whether the apikey can view activity logs.
account_view_invoices bool: Whether the apikey can view invoices.
data_manage_datafeeds bool: Whether the apikey can modify data feeds.
data_manage_datasources bool: Whether the apikey can modify data sources.
data_push_to_datafeeds bool: Whether the apikey can publish to data feeds.
dns_manage_zones bool: Whether the apikey can modify the accounts zones.
dns_records_allows Sequence[APIKeyDnsRecordsAllowArgs]: List of records that the apikey may access.
dns_records_denies Sequence[APIKeyDnsRecordsDenyArgs]: List of records that the apikey may not access.
dns_view_zones bool: Whether the apikey can view the accounts zones.
dns_zones_allow_by_default bool: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dns_zones_allows Sequence[str]: List of zones that the apikey may access.
dns_zones_denies Sequence[str]: List of zones that the apikey may not access.
ip_whitelist_strict bool: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ip_whitelists Sequence[str]: Array of IP addresses/networks to which to grant the API key access.
monitoring_create_jobs bool: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoring_delete_jobs bool: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoring_manage_jobs bool: Whether the user can create, update, and delete monitoring jobs.
monitoring_manage_lists bool: Whether the apikey can modify notification lists.
monitoring_update_jobs bool: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoring_view_jobs bool: Whether the apikey can view monitoring jobs.
name str: The free form name of the apikey.
security_manage_active_directory bool: Whether the apikey can manage global active directory. Only relevant for the DDI product.
security_manage_global2fa bool: Whether the apikey can manage global two factor authentication.
teams Sequence[str]: The teams that the apikey belongs to.

accountManageAccountSettings Boolean: Whether the apikey can modify account settings.
accountManageApikeys Boolean: Whether the apikey can modify account apikeys.
accountManageIpWhitelist Boolean: Whether the apikey can manage ip whitelist.
accountManagePaymentMethods Boolean: Whether the apikey can modify account payment methods.
accountManagePlan Boolean: No longer in use.
Deprecated: obsolete, should no longer be used
accountManageTeams Boolean: Whether the apikey can modify other teams in the account.
accountManageUsers Boolean: Whether the apikey can modify account users.
accountViewActivityLog Boolean: Whether the apikey can view activity logs.
accountViewInvoices Boolean: Whether the apikey can view invoices.
dataManageDatafeeds Boolean: Whether the apikey can modify data feeds.
dataManageDatasources Boolean: Whether the apikey can modify data sources.
dataPushToDatafeeds Boolean: Whether the apikey can publish to data feeds.
dnsManageZones Boolean: Whether the apikey can modify the accounts zones.
dnsRecordsAllows List<Property Map>: List of records that the apikey may access.
dnsRecordsDenies List<Property Map>: List of records that the apikey may not access.
dnsViewZones Boolean: Whether the apikey can view the accounts zones.
dnsZonesAllowByDefault Boolean: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dnsZonesAllows List<String>: List of zones that the apikey may access.
dnsZonesDenies List<String>: List of zones that the apikey may not access.
ipWhitelistStrict Boolean: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ipWhitelists List<String>: Array of IP addresses/networks to which to grant the API key access.
monitoringCreateJobs Boolean: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoringDeleteJobs Boolean: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoringManageJobs Boolean: Whether the user can create, update, and delete monitoring jobs.
monitoringManageLists Boolean: Whether the apikey can modify notification lists.
monitoringUpdateJobs Boolean: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoringViewJobs Boolean: Whether the apikey can view monitoring jobs.
name String: The free form name of the apikey.
securityManageActiveDirectory Boolean: Whether the apikey can manage global active directory. Only relevant for the DDI product.
securityManageGlobal2fa Boolean: Whether the apikey can manage global two factor authentication.
teams List<String>: The teams that the apikey belongs to.

Outputs

All input properties are implicitly available as output properties. Additionally, the APIKey resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Key string: (Computed) The apikeys authentication token.

Id string: The provider-assigned unique ID for this managed resource.
Key string: (Computed) The apikeys authentication token.

id String: The provider-assigned unique ID for this managed resource.
key String: (Computed) The apikeys authentication token.

id string: The provider-assigned unique ID for this managed resource.
key string: (Computed) The apikeys authentication token.

id str: The provider-assigned unique ID for this managed resource.
key str: (Computed) The apikeys authentication token.

id String: The provider-assigned unique ID for this managed resource.
key String: (Computed) The apikeys authentication token.

Look up Existing APIKey Resource

Get an existing APIKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: APIKeyState, opts?: CustomResourceOptions): APIKey

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_manage_account_settings: Optional[bool] = None,
        account_manage_apikeys: Optional[bool] = None,
        account_manage_ip_whitelist: Optional[bool] = None,
        account_manage_payment_methods: Optional[bool] = None,
        account_manage_plan: Optional[bool] = None,
        account_manage_teams: Optional[bool] = None,
        account_manage_users: Optional[bool] = None,
        account_view_activity_log: Optional[bool] = None,
        account_view_invoices: Optional[bool] = None,
        data_manage_datafeeds: Optional[bool] = None,
        data_manage_datasources: Optional[bool] = None,
        data_push_to_datafeeds: Optional[bool] = None,
        dns_manage_zones: Optional[bool] = None,
        dns_records_allows: Optional[Sequence[APIKeyDnsRecordsAllowArgs]] = None,
        dns_records_denies: Optional[Sequence[APIKeyDnsRecordsDenyArgs]] = None,
        dns_view_zones: Optional[bool] = None,
        dns_zones_allow_by_default: Optional[bool] = None,
        dns_zones_allows: Optional[Sequence[str]] = None,
        dns_zones_denies: Optional[Sequence[str]] = None,
        ip_whitelist_strict: Optional[bool] = None,
        ip_whitelists: Optional[Sequence[str]] = None,
        key: Optional[str] = None,
        monitoring_create_jobs: Optional[bool] = None,
        monitoring_delete_jobs: Optional[bool] = None,
        monitoring_manage_jobs: Optional[bool] = None,
        monitoring_manage_lists: Optional[bool] = None,
        monitoring_update_jobs: Optional[bool] = None,
        monitoring_view_jobs: Optional[bool] = None,
        name: Optional[str] = None,
        security_manage_active_directory: Optional[bool] = None,
        security_manage_global2fa: Optional[bool] = None,
        teams: Optional[Sequence[str]] = None) -> APIKey

func GetAPIKey(ctx *Context, name string, id IDInput, state *APIKeyState, opts ...ResourceOption) (*APIKey, error)

public static APIKey Get(string name, Input<string> id, APIKeyState? state, CustomResourceOptions? opts = null)

public static APIKey get(String name, Output<String> id, APIKeyState state, CustomResourceOptions options)

resources:  _:    type: ns1:APIKey    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountManageAccountSettings bool: Whether the apikey can modify account settings.
AccountManageApikeys bool: Whether the apikey can modify account apikeys.
AccountManageIpWhitelist bool: Whether the apikey can manage ip whitelist.
AccountManagePaymentMethods bool: Whether the apikey can modify account payment methods.
AccountManagePlan bool: No longer in use.
Deprecated: obsolete, should no longer be used
AccountManageTeams bool: Whether the apikey can modify other teams in the account.
AccountManageUsers bool: Whether the apikey can modify account users.
AccountViewActivityLog bool: Whether the apikey can view activity logs.
AccountViewInvoices bool: Whether the apikey can view invoices.
DataManageDatafeeds bool: Whether the apikey can modify data feeds.
DataManageDatasources bool: Whether the apikey can modify data sources.
DataPushToDatafeeds bool: Whether the apikey can publish to data feeds.
DnsManageZones bool: Whether the apikey can modify the accounts zones.
DnsRecordsAllows List<APIKeyDnsRecordsAllow>: List of records that the apikey may access.
DnsRecordsDenies List<APIKeyDnsRecordsDeny>: List of records that the apikey may not access.
DnsViewZones bool: Whether the apikey can view the accounts zones.
DnsZonesAllowByDefault bool: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
DnsZonesAllows List<string>: List of zones that the apikey may access.
DnsZonesDenies List<string>: List of zones that the apikey may not access.
IpWhitelistStrict bool: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
IpWhitelists List<string>: Array of IP addresses/networks to which to grant the API key access.
Key string: (Computed) The apikeys authentication token.
MonitoringCreateJobs bool: Whether the user can create monitoring jobs when manage_jobs is not set to true.
MonitoringDeleteJobs bool: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
MonitoringManageJobs bool: Whether the user can create, update, and delete monitoring jobs.
MonitoringManageLists bool: Whether the apikey can modify notification lists.
MonitoringUpdateJobs bool: Whether the user can update monitoring jobs when manage_jobs is not set to true.
MonitoringViewJobs bool: Whether the apikey can view monitoring jobs.
Name string: The free form name of the apikey.
SecurityManageActiveDirectory bool: Whether the apikey can manage global active directory. Only relevant for the DDI product.
SecurityManageGlobal2fa bool: Whether the apikey can manage global two factor authentication.
Teams List<string>: The teams that the apikey belongs to.

AccountManageAccountSettings bool: Whether the apikey can modify account settings.
AccountManageApikeys bool: Whether the apikey can modify account apikeys.
AccountManageIpWhitelist bool: Whether the apikey can manage ip whitelist.
AccountManagePaymentMethods bool: Whether the apikey can modify account payment methods.
AccountManagePlan bool: No longer in use.
Deprecated: obsolete, should no longer be used
AccountManageTeams bool: Whether the apikey can modify other teams in the account.
AccountManageUsers bool: Whether the apikey can modify account users.
AccountViewActivityLog bool: Whether the apikey can view activity logs.
AccountViewInvoices bool: Whether the apikey can view invoices.
DataManageDatafeeds bool: Whether the apikey can modify data feeds.
DataManageDatasources bool: Whether the apikey can modify data sources.
DataPushToDatafeeds bool: Whether the apikey can publish to data feeds.
DnsManageZones bool: Whether the apikey can modify the accounts zones.
DnsRecordsAllows []APIKeyDnsRecordsAllowArgs: List of records that the apikey may access.
DnsRecordsDenies []APIKeyDnsRecordsDenyArgs: List of records that the apikey may not access.
DnsViewZones bool: Whether the apikey can view the accounts zones.
DnsZonesAllowByDefault bool: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
DnsZonesAllows []string: List of zones that the apikey may access.
DnsZonesDenies []string: List of zones that the apikey may not access.
IpWhitelistStrict bool: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
IpWhitelists []string: Array of IP addresses/networks to which to grant the API key access.
Key string: (Computed) The apikeys authentication token.
MonitoringCreateJobs bool: Whether the user can create monitoring jobs when manage_jobs is not set to true.
MonitoringDeleteJobs bool: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
MonitoringManageJobs bool: Whether the user can create, update, and delete monitoring jobs.
MonitoringManageLists bool: Whether the apikey can modify notification lists.
MonitoringUpdateJobs bool: Whether the user can update monitoring jobs when manage_jobs is not set to true.
MonitoringViewJobs bool: Whether the apikey can view monitoring jobs.
Name string: The free form name of the apikey.
SecurityManageActiveDirectory bool: Whether the apikey can manage global active directory. Only relevant for the DDI product.
SecurityManageGlobal2fa bool: Whether the apikey can manage global two factor authentication.
Teams []string: The teams that the apikey belongs to.

accountManageAccountSettings Boolean: Whether the apikey can modify account settings.
accountManageApikeys Boolean: Whether the apikey can modify account apikeys.
accountManageIpWhitelist Boolean: Whether the apikey can manage ip whitelist.
accountManagePaymentMethods Boolean: Whether the apikey can modify account payment methods.
accountManagePlan Boolean: No longer in use.
Deprecated: obsolete, should no longer be used
accountManageTeams Boolean: Whether the apikey can modify other teams in the account.
accountManageUsers Boolean: Whether the apikey can modify account users.
accountViewActivityLog Boolean: Whether the apikey can view activity logs.
accountViewInvoices Boolean: Whether the apikey can view invoices.
dataManageDatafeeds Boolean: Whether the apikey can modify data feeds.
dataManageDatasources Boolean: Whether the apikey can modify data sources.
dataPushToDatafeeds Boolean: Whether the apikey can publish to data feeds.
dnsManageZones Boolean: Whether the apikey can modify the accounts zones.
dnsRecordsAllows List<APIKeyDnsRecordsAllow>: List of records that the apikey may access.
dnsRecordsDenies List<APIKeyDnsRecordsDeny>: List of records that the apikey may not access.
dnsViewZones Boolean: Whether the apikey can view the accounts zones.
dnsZonesAllowByDefault Boolean: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dnsZonesAllows List<String>: List of zones that the apikey may access.
dnsZonesDenies List<String>: List of zones that the apikey may not access.
ipWhitelistStrict Boolean: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ipWhitelists List<String>: Array of IP addresses/networks to which to grant the API key access.
key String: (Computed) The apikeys authentication token.
monitoringCreateJobs Boolean: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoringDeleteJobs Boolean: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoringManageJobs Boolean: Whether the user can create, update, and delete monitoring jobs.
monitoringManageLists Boolean: Whether the apikey can modify notification lists.
monitoringUpdateJobs Boolean: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoringViewJobs Boolean: Whether the apikey can view monitoring jobs.
name String: The free form name of the apikey.
securityManageActiveDirectory Boolean: Whether the apikey can manage global active directory. Only relevant for the DDI product.
securityManageGlobal2fa Boolean: Whether the apikey can manage global two factor authentication.
teams List<String>: The teams that the apikey belongs to.

accountManageAccountSettings boolean: Whether the apikey can modify account settings.
accountManageApikeys boolean: Whether the apikey can modify account apikeys.
accountManageIpWhitelist boolean: Whether the apikey can manage ip whitelist.
accountManagePaymentMethods boolean: Whether the apikey can modify account payment methods.
accountManagePlan boolean: No longer in use.
Deprecated: obsolete, should no longer be used
accountManageTeams boolean: Whether the apikey can modify other teams in the account.
accountManageUsers boolean: Whether the apikey can modify account users.
accountViewActivityLog boolean: Whether the apikey can view activity logs.
accountViewInvoices boolean: Whether the apikey can view invoices.
dataManageDatafeeds boolean: Whether the apikey can modify data feeds.
dataManageDatasources boolean: Whether the apikey can modify data sources.
dataPushToDatafeeds boolean: Whether the apikey can publish to data feeds.
dnsManageZones boolean: Whether the apikey can modify the accounts zones.
dnsRecordsAllows APIKeyDnsRecordsAllow[]: List of records that the apikey may access.
dnsRecordsDenies APIKeyDnsRecordsDeny[]: List of records that the apikey may not access.
dnsViewZones boolean: Whether the apikey can view the accounts zones.
dnsZonesAllowByDefault boolean: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dnsZonesAllows string[]: List of zones that the apikey may access.
dnsZonesDenies string[]: List of zones that the apikey may not access.
ipWhitelistStrict boolean: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ipWhitelists string[]: Array of IP addresses/networks to which to grant the API key access.
key string: (Computed) The apikeys authentication token.
monitoringCreateJobs boolean: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoringDeleteJobs boolean: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoringManageJobs boolean: Whether the user can create, update, and delete monitoring jobs.
monitoringManageLists boolean: Whether the apikey can modify notification lists.
monitoringUpdateJobs boolean: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoringViewJobs boolean: Whether the apikey can view monitoring jobs.
name string: The free form name of the apikey.
securityManageActiveDirectory boolean: Whether the apikey can manage global active directory. Only relevant for the DDI product.
securityManageGlobal2fa boolean: Whether the apikey can manage global two factor authentication.
teams string[]: The teams that the apikey belongs to.

account_manage_account_settings bool: Whether the apikey can modify account settings.
account_manage_apikeys bool: Whether the apikey can modify account apikeys.
account_manage_ip_whitelist bool: Whether the apikey can manage ip whitelist.
account_manage_payment_methods bool: Whether the apikey can modify account payment methods.
account_manage_plan bool: No longer in use.
Deprecated: obsolete, should no longer be used
account_manage_teams bool: Whether the apikey can modify other teams in the account.
account_manage_users bool: Whether the apikey can modify account users.
account_view_activity_log bool: Whether the apikey can view activity logs.
account_view_invoices bool: Whether the apikey can view invoices.
data_manage_datafeeds bool: Whether the apikey can modify data feeds.
data_manage_datasources bool: Whether the apikey can modify data sources.
data_push_to_datafeeds bool: Whether the apikey can publish to data feeds.
dns_manage_zones bool: Whether the apikey can modify the accounts zones.
dns_records_allows Sequence[APIKeyDnsRecordsAllowArgs]: List of records that the apikey may access.
dns_records_denies Sequence[APIKeyDnsRecordsDenyArgs]: List of records that the apikey may not access.
dns_view_zones bool: Whether the apikey can view the accounts zones.
dns_zones_allow_by_default bool: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dns_zones_allows Sequence[str]: List of zones that the apikey may access.
dns_zones_denies Sequence[str]: List of zones that the apikey may not access.
ip_whitelist_strict bool: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ip_whitelists Sequence[str]: Array of IP addresses/networks to which to grant the API key access.
key str: (Computed) The apikeys authentication token.
monitoring_create_jobs bool: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoring_delete_jobs bool: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoring_manage_jobs bool: Whether the user can create, update, and delete monitoring jobs.
monitoring_manage_lists bool: Whether the apikey can modify notification lists.
monitoring_update_jobs bool: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoring_view_jobs bool: Whether the apikey can view monitoring jobs.
name str: The free form name of the apikey.
security_manage_active_directory bool: Whether the apikey can manage global active directory. Only relevant for the DDI product.
security_manage_global2fa bool: Whether the apikey can manage global two factor authentication.
teams Sequence[str]: The teams that the apikey belongs to.

accountManageAccountSettings Boolean: Whether the apikey can modify account settings.
accountManageApikeys Boolean: Whether the apikey can modify account apikeys.
accountManageIpWhitelist Boolean: Whether the apikey can manage ip whitelist.
accountManagePaymentMethods Boolean: Whether the apikey can modify account payment methods.
accountManagePlan Boolean: No longer in use.
Deprecated: obsolete, should no longer be used
accountManageTeams Boolean: Whether the apikey can modify other teams in the account.
accountManageUsers Boolean: Whether the apikey can modify account users.
accountViewActivityLog Boolean: Whether the apikey can view activity logs.
accountViewInvoices Boolean: Whether the apikey can view invoices.
dataManageDatafeeds Boolean: Whether the apikey can modify data feeds.
dataManageDatasources Boolean: Whether the apikey can modify data sources.
dataPushToDatafeeds Boolean: Whether the apikey can publish to data feeds.
dnsManageZones Boolean: Whether the apikey can modify the accounts zones.
dnsRecordsAllows List<Property Map>: List of records that the apikey may access.
dnsRecordsDenies List<Property Map>: List of records that the apikey may not access.
dnsViewZones Boolean: Whether the apikey can view the accounts zones.
dnsZonesAllowByDefault Boolean: If true, enable the dns_zones_allow list, otherwise enable the dns_zones_deny list.
dnsZonesAllows List<String>: List of zones that the apikey may access.
dnsZonesDenies List<String>: List of zones that the apikey may not access.
ipWhitelistStrict Boolean: Set to true to restrict access to only those IP addresses and networks listed in the ip_whitelist field.
ipWhitelists List<String>: Array of IP addresses/networks to which to grant the API key access.
key String: (Computed) The apikeys authentication token.
monitoringCreateJobs Boolean: Whether the user can create monitoring jobs when manage_jobs is not set to true.
monitoringDeleteJobs Boolean: Whether the user can delete monitoring jobs when manage_jobs is not set to true.
monitoringManageJobs Boolean: Whether the user can create, update, and delete monitoring jobs.
monitoringManageLists Boolean: Whether the apikey can modify notification lists.
monitoringUpdateJobs Boolean: Whether the user can update monitoring jobs when manage_jobs is not set to true.
monitoringViewJobs Boolean: Whether the apikey can view monitoring jobs.
name String: The free form name of the apikey.
securityManageActiveDirectory Boolean: Whether the apikey can manage global active directory. Only relevant for the DDI product.
securityManageGlobal2fa Boolean: Whether the apikey can manage global two factor authentication.
teams List<String>: The teams that the apikey belongs to.

Supporting Types

APIKeyDnsRecordsAllow, APIKeyDnsRecordsAllowArgs

Domain string
IncludeSubdomains bool
Type string
Zone string

Domain string
IncludeSubdomains bool
Type string
Zone string

domain String
includeSubdomains Boolean
type String
zone String

domain string
includeSubdomains boolean
type string
zone string

domain str
include_subdomains bool
type str
zone str

domain String
includeSubdomains Boolean
type String
zone String

APIKeyDnsRecordsDeny, APIKeyDnsRecordsDenyArgs

Domain string
IncludeSubdomains bool
Type string
Zone string

Domain string
IncludeSubdomains bool
Type string
Zone string

domain String
includeSubdomains Boolean
type String
zone String

domain string
includeSubdomains boolean
type string
zone string

domain str
include_subdomains bool
type str
zone str

domain String
includeSubdomains Boolean
type String
zone String

Import

-> Imported keys will not have their key stored in the state file.

$ pulumi import ns1:index/aPIKey:APIKey `ns1_apikey`

So for the example above:

$ pulumi import ns1:index/aPIKey:APIKey example <ID>`

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: NS1 pulumi/pulumi-ns1
License: Apache-2.0
Notes: This Pulumi package is based on the ns1 Terraform Provider.

NS1 v3.6.3 published on Thursday, May 8, 2025 by Pulumi

pulumi/pulumi-ns1

ns1.APIKey

On this page

On this page

Example Usage

Permissions

NS1 Documentation

Create APIKey Resource

Constructor syntax

Parameters

Constructor example

APIKey Resource Properties

Inputs

Outputs

Look up Existing APIKey Resource

Supporting Types

APIKeyDnsRecordsAllow, APIKeyDnsRecordsAllowArgs

APIKeyDnsRecordsDeny, APIKeyDnsRecordsDenyArgs

Import

Package Details

On this page

On this page