1. Packages
  2. OVH
  3. API Docs
  4. CloudProject
  5. ContainerRegistryOIDC
OVHCloud v0.42.0 published on Tuesday, Apr 9, 2024 by OVHcloud

ovh.CloudProject.ContainerRegistryOIDC

Explore with Pulumi AI

ovh logo
OVHCloud v0.42.0 published on Tuesday, Apr 9, 2024 by OVHcloud

    Creates an OIDC configuration in an OVHcloud Managed Private Registry.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as ovh from "@ovhcloud/pulumi-ovh";
    
    const my_oidc = new ovh.cloudproject.ContainerRegistryOIDC("my-oidc", {
        serviceName: "XXXXXX",
        registryId: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
        oidcName: "my-oidc-provider",
        oidcEndpoint: "https://xxxx.yyy.com",
        oidcClientId: "xxx",
        oidcClientSecret: "xxx",
        oidcScope: "openid,profile,email,offline_access",
        oidcGroupsClaim: "groups",
        oidcAdminGroup: "harbor-admin",
        oidcVerifyCert: true,
        oidcAutoOnboard: true,
        oidcUserClaim: "preferred_username",
        deleteUsers: false,
    });
    export const oidcClientSecret = my_oidc.oidcClientSecret;
    
    import pulumi
    import pulumi_ovh as ovh
    
    my_oidc = ovh.cloud_project.ContainerRegistryOIDC("my-oidc",
        service_name="XXXXXX",
        registry_id="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
        oidc_name="my-oidc-provider",
        oidc_endpoint="https://xxxx.yyy.com",
        oidc_client_id="xxx",
        oidc_client_secret="xxx",
        oidc_scope="openid,profile,email,offline_access",
        oidc_groups_claim="groups",
        oidc_admin_group="harbor-admin",
        oidc_verify_cert=True,
        oidc_auto_onboard=True,
        oidc_user_claim="preferred_username",
        delete_users=False)
    pulumi.export("oidcClientSecret", my_oidc.oidc_client_secret)
    
    package main
    
    import (
    	"github.com/ovh/pulumi-ovh/sdk/go/ovh/CloudProject"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := CloudProject.NewContainerRegistryOIDC(ctx, "my-oidc", &CloudProject.ContainerRegistryOIDCArgs{
    			ServiceName:      pulumi.String("XXXXXX"),
    			RegistryId:       pulumi.String("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx"),
    			OidcName:         pulumi.String("my-oidc-provider"),
    			OidcEndpoint:     pulumi.String("https://xxxx.yyy.com"),
    			OidcClientId:     pulumi.String("xxx"),
    			OidcClientSecret: pulumi.String("xxx"),
    			OidcScope:        pulumi.String("openid,profile,email,offline_access"),
    			OidcGroupsClaim:  pulumi.String("groups"),
    			OidcAdminGroup:   pulumi.String("harbor-admin"),
    			OidcVerifyCert:   pulumi.Bool(true),
    			OidcAutoOnboard:  pulumi.Bool(true),
    			OidcUserClaim:    pulumi.String("preferred_username"),
    			DeleteUsers:      pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		ctx.Export("oidcClientSecret", my_oidc.OidcClientSecret)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Ovh = Pulumi.Ovh;
    
    return await Deployment.RunAsync(() => 
    {
        var my_oidc = new Ovh.CloudProject.ContainerRegistryOIDC("my-oidc", new()
        {
            ServiceName = "XXXXXX",
            RegistryId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
            OidcName = "my-oidc-provider",
            OidcEndpoint = "https://xxxx.yyy.com",
            OidcClientId = "xxx",
            OidcClientSecret = "xxx",
            OidcScope = "openid,profile,email,offline_access",
            OidcGroupsClaim = "groups",
            OidcAdminGroup = "harbor-admin",
            OidcVerifyCert = true,
            OidcAutoOnboard = true,
            OidcUserClaim = "preferred_username",
            DeleteUsers = false,
        });
    
        return new Dictionary<string, object?>
        {
            ["oidcClientSecret"] = my_oidc.OidcClientSecret,
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.ovh.CloudProject.ContainerRegistryOIDC;
    import com.pulumi.ovh.CloudProject.ContainerRegistryOIDCArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var my_oidc = new ContainerRegistryOIDC("my-oidc", ContainerRegistryOIDCArgs.builder()        
                .serviceName("XXXXXX")
                .registryId("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx")
                .oidcName("my-oidc-provider")
                .oidcEndpoint("https://xxxx.yyy.com")
                .oidcClientId("xxx")
                .oidcClientSecret("xxx")
                .oidcScope("openid,profile,email,offline_access")
                .oidcGroupsClaim("groups")
                .oidcAdminGroup("harbor-admin")
                .oidcVerifyCert(true)
                .oidcAutoOnboard(true)
                .oidcUserClaim("preferred_username")
                .deleteUsers(false)
                .build());
    
            ctx.export("oidcClientSecret", my_oidc.oidcClientSecret());
        }
    }
    
    resources:
      my-oidc:
        type: ovh:CloudProject:ContainerRegistryOIDC
        properties:
          serviceName: XXXXXX
          registryId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx
          #required field
          oidcName: my-oidc-provider
          oidcEndpoint: https://xxxx.yyy.com
          oidcClientId: xxx
          oidcClientSecret: xxx
          oidcScope: openid,profile,email,offline_access
          #optional field
          oidcGroupsClaim: groups
          oidcAdminGroup: harbor-admin
          oidcVerifyCert: true
          oidcAutoOnboard: true
          oidcUserClaim: preferred_username
          deleteUsers: false
    outputs:
      oidcClientSecret: ${["my-oidc"].oidcClientSecret}
    

    Create ContainerRegistryOIDC Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ContainerRegistryOIDC(name: string, args: ContainerRegistryOIDCArgs, opts?: CustomResourceOptions);
    @overload
    def ContainerRegistryOIDC(resource_name: str,
                              args: ContainerRegistryOIDCArgs,
                              opts: Optional[ResourceOptions] = None)
    
    @overload
    def ContainerRegistryOIDC(resource_name: str,
                              opts: Optional[ResourceOptions] = None,
                              oidc_name: Optional[str] = None,
                              service_name: Optional[str] = None,
                              registry_id: Optional[str] = None,
                              oidc_client_id: Optional[str] = None,
                              oidc_client_secret: Optional[str] = None,
                              oidc_endpoint: Optional[str] = None,
                              oidc_scope: Optional[str] = None,
                              oidc_groups_claim: Optional[str] = None,
                              delete_users: Optional[bool] = None,
                              oidc_user_claim: Optional[str] = None,
                              oidc_verify_cert: Optional[bool] = None,
                              oidc_auto_onboard: Optional[bool] = None,
                              oidc_admin_group: Optional[str] = None)
    func NewContainerRegistryOIDC(ctx *Context, name string, args ContainerRegistryOIDCArgs, opts ...ResourceOption) (*ContainerRegistryOIDC, error)
    public ContainerRegistryOIDC(string name, ContainerRegistryOIDCArgs args, CustomResourceOptions? opts = null)
    public ContainerRegistryOIDC(String name, ContainerRegistryOIDCArgs args)
    public ContainerRegistryOIDC(String name, ContainerRegistryOIDCArgs args, CustomResourceOptions options)
    
    type: ovh:CloudProject:ContainerRegistryOIDC
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ContainerRegistryOIDCArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ContainerRegistryOIDCArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ContainerRegistryOIDCArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ContainerRegistryOIDCArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ContainerRegistryOIDCArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var containerRegistryOIDCResource = new Ovh.CloudProject.ContainerRegistryOIDC("containerRegistryOIDCResource", new()
    {
        OidcName = "string",
        ServiceName = "string",
        RegistryId = "string",
        OidcClientId = "string",
        OidcClientSecret = "string",
        OidcEndpoint = "string",
        OidcScope = "string",
        OidcGroupsClaim = "string",
        DeleteUsers = false,
        OidcUserClaim = "string",
        OidcVerifyCert = false,
        OidcAutoOnboard = false,
        OidcAdminGroup = "string",
    });
    
    example, err := CloudProject.NewContainerRegistryOIDC(ctx, "containerRegistryOIDCResource", &CloudProject.ContainerRegistryOIDCArgs{
    	OidcName:         pulumi.String("string"),
    	ServiceName:      pulumi.String("string"),
    	RegistryId:       pulumi.String("string"),
    	OidcClientId:     pulumi.String("string"),
    	OidcClientSecret: pulumi.String("string"),
    	OidcEndpoint:     pulumi.String("string"),
    	OidcScope:        pulumi.String("string"),
    	OidcGroupsClaim:  pulumi.String("string"),
    	DeleteUsers:      pulumi.Bool(false),
    	OidcUserClaim:    pulumi.String("string"),
    	OidcVerifyCert:   pulumi.Bool(false),
    	OidcAutoOnboard:  pulumi.Bool(false),
    	OidcAdminGroup:   pulumi.String("string"),
    })
    
    var containerRegistryOIDCResource = new ContainerRegistryOIDC("containerRegistryOIDCResource", ContainerRegistryOIDCArgs.builder()        
        .oidcName("string")
        .serviceName("string")
        .registryId("string")
        .oidcClientId("string")
        .oidcClientSecret("string")
        .oidcEndpoint("string")
        .oidcScope("string")
        .oidcGroupsClaim("string")
        .deleteUsers(false)
        .oidcUserClaim("string")
        .oidcVerifyCert(false)
        .oidcAutoOnboard(false)
        .oidcAdminGroup("string")
        .build());
    
    container_registry_oidc_resource = ovh.cloud_project.ContainerRegistryOIDC("containerRegistryOIDCResource",
        oidc_name="string",
        service_name="string",
        registry_id="string",
        oidc_client_id="string",
        oidc_client_secret="string",
        oidc_endpoint="string",
        oidc_scope="string",
        oidc_groups_claim="string",
        delete_users=False,
        oidc_user_claim="string",
        oidc_verify_cert=False,
        oidc_auto_onboard=False,
        oidc_admin_group="string")
    
    const containerRegistryOIDCResource = new ovh.cloudproject.ContainerRegistryOIDC("containerRegistryOIDCResource", {
        oidcName: "string",
        serviceName: "string",
        registryId: "string",
        oidcClientId: "string",
        oidcClientSecret: "string",
        oidcEndpoint: "string",
        oidcScope: "string",
        oidcGroupsClaim: "string",
        deleteUsers: false,
        oidcUserClaim: "string",
        oidcVerifyCert: false,
        oidcAutoOnboard: false,
        oidcAdminGroup: "string",
    });
    
    type: ovh:CloudProject:ContainerRegistryOIDC
    properties:
        deleteUsers: false
        oidcAdminGroup: string
        oidcAutoOnboard: false
        oidcClientId: string
        oidcClientSecret: string
        oidcEndpoint: string
        oidcGroupsClaim: string
        oidcName: string
        oidcScope: string
        oidcUserClaim: string
        oidcVerifyCert: false
        registryId: string
        serviceName: string
    

    ContainerRegistryOIDC Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ContainerRegistryOIDC resource accepts the following input properties:

    OidcClientId string
    The client ID with which Harbor is registered as client application with the OIDC provider.
    OidcClientSecret string
    The secret for the Harbor client application.
    OidcEndpoint string
    The URL of an OIDC-compliant server.
    OidcName string
    The name of the OIDC provider.
    OidcScope string
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    RegistryId string
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    ServiceName string
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    DeleteUsers bool
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    OidcAdminGroup string
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    OidcAutoOnboard bool
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    OidcGroupsClaim string
    The name of Claim in the ID token whose value is the list of group names.
    OidcUserClaim string
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    OidcVerifyCert bool
    Set it to false if your OIDC server is hosted via self-signed certificate.
    OidcClientId string
    The client ID with which Harbor is registered as client application with the OIDC provider.
    OidcClientSecret string
    The secret for the Harbor client application.
    OidcEndpoint string
    The URL of an OIDC-compliant server.
    OidcName string
    The name of the OIDC provider.
    OidcScope string
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    RegistryId string
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    ServiceName string
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    DeleteUsers bool
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    OidcAdminGroup string
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    OidcAutoOnboard bool
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    OidcGroupsClaim string
    The name of Claim in the ID token whose value is the list of group names.
    OidcUserClaim string
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    OidcVerifyCert bool
    Set it to false if your OIDC server is hosted via self-signed certificate.
    oidcClientId String
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidcClientSecret String
    The secret for the Harbor client application.
    oidcEndpoint String
    The URL of an OIDC-compliant server.
    oidcName String
    The name of the OIDC provider.
    oidcScope String
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    registryId String
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    serviceName String
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    deleteUsers Boolean
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidcAdminGroup String
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidcAutoOnboard Boolean
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidcGroupsClaim String
    The name of Claim in the ID token whose value is the list of group names.
    oidcUserClaim String
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidcVerifyCert Boolean
    Set it to false if your OIDC server is hosted via self-signed certificate.
    oidcClientId string
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidcClientSecret string
    The secret for the Harbor client application.
    oidcEndpoint string
    The URL of an OIDC-compliant server.
    oidcName string
    The name of the OIDC provider.
    oidcScope string
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    registryId string
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    serviceName string
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    deleteUsers boolean
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidcAdminGroup string
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidcAutoOnboard boolean
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidcGroupsClaim string
    The name of Claim in the ID token whose value is the list of group names.
    oidcUserClaim string
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidcVerifyCert boolean
    Set it to false if your OIDC server is hosted via self-signed certificate.
    oidc_client_id str
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidc_client_secret str
    The secret for the Harbor client application.
    oidc_endpoint str
    The URL of an OIDC-compliant server.
    oidc_name str
    The name of the OIDC provider.
    oidc_scope str
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    registry_id str
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    service_name str
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    delete_users bool
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidc_admin_group str
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidc_auto_onboard bool
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidc_groups_claim str
    The name of Claim in the ID token whose value is the list of group names.
    oidc_user_claim str
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidc_verify_cert bool
    Set it to false if your OIDC server is hosted via self-signed certificate.
    oidcClientId String
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidcClientSecret String
    The secret for the Harbor client application.
    oidcEndpoint String
    The URL of an OIDC-compliant server.
    oidcName String
    The name of the OIDC provider.
    oidcScope String
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    registryId String
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    serviceName String
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    deleteUsers Boolean
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidcAdminGroup String
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidcAutoOnboard Boolean
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidcGroupsClaim String
    The name of Claim in the ID token whose value is the list of group names.
    oidcUserClaim String
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidcVerifyCert Boolean
    Set it to false if your OIDC server is hosted via self-signed certificate.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ContainerRegistryOIDC resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing ContainerRegistryOIDC Resource

    Get an existing ContainerRegistryOIDC resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ContainerRegistryOIDCState, opts?: CustomResourceOptions): ContainerRegistryOIDC
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            delete_users: Optional[bool] = None,
            oidc_admin_group: Optional[str] = None,
            oidc_auto_onboard: Optional[bool] = None,
            oidc_client_id: Optional[str] = None,
            oidc_client_secret: Optional[str] = None,
            oidc_endpoint: Optional[str] = None,
            oidc_groups_claim: Optional[str] = None,
            oidc_name: Optional[str] = None,
            oidc_scope: Optional[str] = None,
            oidc_user_claim: Optional[str] = None,
            oidc_verify_cert: Optional[bool] = None,
            registry_id: Optional[str] = None,
            service_name: Optional[str] = None) -> ContainerRegistryOIDC
    func GetContainerRegistryOIDC(ctx *Context, name string, id IDInput, state *ContainerRegistryOIDCState, opts ...ResourceOption) (*ContainerRegistryOIDC, error)
    public static ContainerRegistryOIDC Get(string name, Input<string> id, ContainerRegistryOIDCState? state, CustomResourceOptions? opts = null)
    public static ContainerRegistryOIDC get(String name, Output<String> id, ContainerRegistryOIDCState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    DeleteUsers bool
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    OidcAdminGroup string
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    OidcAutoOnboard bool
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    OidcClientId string
    The client ID with which Harbor is registered as client application with the OIDC provider.
    OidcClientSecret string
    The secret for the Harbor client application.
    OidcEndpoint string
    The URL of an OIDC-compliant server.
    OidcGroupsClaim string
    The name of Claim in the ID token whose value is the list of group names.
    OidcName string
    The name of the OIDC provider.
    OidcScope string
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    OidcUserClaim string
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    OidcVerifyCert bool
    Set it to false if your OIDC server is hosted via self-signed certificate.
    RegistryId string
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    ServiceName string
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    DeleteUsers bool
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    OidcAdminGroup string
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    OidcAutoOnboard bool
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    OidcClientId string
    The client ID with which Harbor is registered as client application with the OIDC provider.
    OidcClientSecret string
    The secret for the Harbor client application.
    OidcEndpoint string
    The URL of an OIDC-compliant server.
    OidcGroupsClaim string
    The name of Claim in the ID token whose value is the list of group names.
    OidcName string
    The name of the OIDC provider.
    OidcScope string
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    OidcUserClaim string
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    OidcVerifyCert bool
    Set it to false if your OIDC server is hosted via self-signed certificate.
    RegistryId string
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    ServiceName string
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    deleteUsers Boolean
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidcAdminGroup String
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidcAutoOnboard Boolean
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidcClientId String
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidcClientSecret String
    The secret for the Harbor client application.
    oidcEndpoint String
    The URL of an OIDC-compliant server.
    oidcGroupsClaim String
    The name of Claim in the ID token whose value is the list of group names.
    oidcName String
    The name of the OIDC provider.
    oidcScope String
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    oidcUserClaim String
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidcVerifyCert Boolean
    Set it to false if your OIDC server is hosted via self-signed certificate.
    registryId String
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    serviceName String
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    deleteUsers boolean
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidcAdminGroup string
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidcAutoOnboard boolean
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidcClientId string
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidcClientSecret string
    The secret for the Harbor client application.
    oidcEndpoint string
    The URL of an OIDC-compliant server.
    oidcGroupsClaim string
    The name of Claim in the ID token whose value is the list of group names.
    oidcName string
    The name of the OIDC provider.
    oidcScope string
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    oidcUserClaim string
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidcVerifyCert boolean
    Set it to false if your OIDC server is hosted via self-signed certificate.
    registryId string
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    serviceName string
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    delete_users bool
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidc_admin_group str
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidc_auto_onboard bool
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidc_client_id str
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidc_client_secret str
    The secret for the Harbor client application.
    oidc_endpoint str
    The URL of an OIDC-compliant server.
    oidc_groups_claim str
    The name of Claim in the ID token whose value is the list of group names.
    oidc_name str
    The name of the OIDC provider.
    oidc_scope str
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    oidc_user_claim str
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidc_verify_cert bool
    Set it to false if your OIDC server is hosted via self-signed certificate.
    registry_id str
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    service_name str
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.
    deleteUsers Boolean
    Delete existing users from Harbor. OIDC can't be enabled if there is at least one user already created. This parameter is only used at OIDC configuration creation. Changing this value recreates the resource.
    oidcAdminGroup String
    Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
    oidcAutoOnboard Boolean
    Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
    oidcClientId String
    The client ID with which Harbor is registered as client application with the OIDC provider.
    oidcClientSecret String
    The secret for the Harbor client application.
    oidcEndpoint String
    The URL of an OIDC-compliant server.
    oidcGroupsClaim String
    The name of Claim in the ID token whose value is the list of group names.
    oidcName String
    The name of the OIDC provider.
    oidcScope String
    The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
    oidcUserClaim String
    The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
    oidcVerifyCert Boolean
    Set it to false if your OIDC server is hosted via self-signed certificate.
    registryId String
    The ID of the Managed Private Registry. Changing this value recreates the resource.
    serviceName String
    The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICE environment variable is used. Changing this value recreates the resource.

    Import

    OVHcloud Managed Private Registry OIDC can be imported using the tenant service_name and registry id registry_id separated by “/” E.g.,

    bash

    $ pulumi import ovh:CloudProject/containerRegistryOIDC:ContainerRegistryOIDC my-oidc service_name/registry_id
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    ovh ovh/pulumi-ovh
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the ovh Terraform Provider.
    ovh logo
    OVHCloud v0.42.0 published on Tuesday, Apr 9, 2024 by OVHcloud