This provider is currently in preview.
Viewing docs for Pulumi Cloud v0.39.0
published on Tuesday, Apr 28, 2026 by Pulumi
published on Tuesday, Apr 28, 2026 by Pulumi
This provider is currently in preview.
Viewing docs for Pulumi Cloud v0.39.0
published on Tuesday, Apr 28, 2026 by Pulumi
published on Tuesday, Apr 28, 2026 by Pulumi
Builds an OrganizationRole.permissions descriptor that grants the supplied scopes only on the named environment. Pair with Environment.environmentId (or the getEnvironment data source) to avoid hand-rolling the on: modifier yourself. The result is directly assignable to OrganizationRole.permissions. To grant scopes on more than one entity in a single role, hand-roll a group whose entries list pulls the output of each helper.
Using buildEnvironmentScopedPermissions
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function buildEnvironmentScopedPermissions(args: BuildEnvironmentScopedPermissionsArgs, opts?: InvokeOptions): Promise<BuildEnvironmentScopedPermissionsResult>
function buildEnvironmentScopedPermissionsOutput(args: BuildEnvironmentScopedPermissionsOutputArgs, opts?: InvokeOptions): Output<BuildEnvironmentScopedPermissionsResult>def build_environment_scoped_permissions(environment_id: Optional[str] = None,
permissions: Optional[Sequence[str]] = None,
opts: Optional[InvokeOptions] = None) -> BuildEnvironmentScopedPermissionsResult
def build_environment_scoped_permissions_output(environment_id: Optional[pulumi.Input[str]] = None,
permissions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[BuildEnvironmentScopedPermissionsResult]func BuildEnvironmentScopedPermissions(ctx *Context, args *BuildEnvironmentScopedPermissionsArgs, opts ...InvokeOption) (*BuildEnvironmentScopedPermissionsResult, error)
func BuildEnvironmentScopedPermissionsOutput(ctx *Context, args *BuildEnvironmentScopedPermissionsOutputArgs, opts ...InvokeOption) BuildEnvironmentScopedPermissionsResultOutput> Note: This function is named BuildEnvironmentScopedPermissions in the Go SDK.
public static class BuildEnvironmentScopedPermissions
{
public static Task<BuildEnvironmentScopedPermissionsResult> InvokeAsync(BuildEnvironmentScopedPermissionsArgs args, InvokeOptions? opts = null)
public static Output<BuildEnvironmentScopedPermissionsResult> Invoke(BuildEnvironmentScopedPermissionsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<BuildEnvironmentScopedPermissionsResult> buildEnvironmentScopedPermissions(BuildEnvironmentScopedPermissionsArgs args, InvokeOptions options)
public static Output<BuildEnvironmentScopedPermissionsResult> buildEnvironmentScopedPermissions(BuildEnvironmentScopedPermissionsArgs args, InvokeOptions options)
fn::invoke:
function: pulumiservice:buildEnvironmentScopedPermissions
arguments:
# arguments dictionaryThe following arguments are supported:
- Environment
Id string - The target environment's UUID. Use the
environmentIdoutput of anEnvironmentresource or thegetEnvironmentdata source. - Permissions List<string>
- The set of
environment:*scopes to grant on the target environment (e.g.environment:read,environment:open,environment:update). Discover valid scope names via thegetOrganizationRoleScopesdata source.
- Environment
Id string - The target environment's UUID. Use the
environmentIdoutput of anEnvironmentresource or thegetEnvironmentdata source. - Permissions []string
- The set of
environment:*scopes to grant on the target environment (e.g.environment:read,environment:open,environment:update). Discover valid scope names via thegetOrganizationRoleScopesdata source.
- environment
Id String - The target environment's UUID. Use the
environmentIdoutput of anEnvironmentresource or thegetEnvironmentdata source. - permissions List<String>
- The set of
environment:*scopes to grant on the target environment (e.g.environment:read,environment:open,environment:update). Discover valid scope names via thegetOrganizationRoleScopesdata source.
- environment
Id string - The target environment's UUID. Use the
environmentIdoutput of anEnvironmentresource or thegetEnvironmentdata source. - permissions string[]
- The set of
environment:*scopes to grant on the target environment (e.g.environment:read,environment:open,environment:update). Discover valid scope names via thegetOrganizationRoleScopesdata source.
- environment_
id str - The target environment's UUID. Use the
environmentIdoutput of anEnvironmentresource or thegetEnvironmentdata source. - permissions Sequence[str]
- The set of
environment:*scopes to grant on the target environment (e.g.environment:read,environment:open,environment:update). Discover valid scope names via thegetOrganizationRoleScopesdata source.
- environment
Id String - The target environment's UUID. Use the
environmentIdoutput of anEnvironmentresource or thegetEnvironmentdata source. - permissions List<String>
- The set of
environment:*scopes to grant on the target environment (e.g.environment:read,environment:open,environment:update). Discover valid scope names via thegetOrganizationRoleScopesdata source.
buildEnvironmentScopedPermissions Result
The following output properties are available:
- Permissions Dictionary<string, object>
- A
kind: allowdescriptor with anon: { environment: <uuid> }modifier, ready to assign toOrganizationRole.permissions.
- Permissions map[string]interface{}
- A
kind: allowdescriptor with anon: { environment: <uuid> }modifier, ready to assign toOrganizationRole.permissions.
- permissions Map<String,Object>
- A
kind: allowdescriptor with anon: { environment: <uuid> }modifier, ready to assign toOrganizationRole.permissions.
- permissions {[key: string]: any}
- A
kind: allowdescriptor with anon: { environment: <uuid> }modifier, ready to assign toOrganizationRole.permissions.
- permissions Mapping[str, Any]
- A
kind: allowdescriptor with anon: { environment: <uuid> }modifier, ready to assign toOrganizationRole.permissions.
- permissions Map<Any>
- A
kind: allowdescriptor with anon: { environment: <uuid> }modifier, ready to assign toOrganizationRole.permissions.
Package Details
- Repository
- pulumiservice pulumi/pulumi-pulumiservice
- License
- Apache-2.0
This provider is currently in preview.
Viewing docs for Pulumi Cloud v0.39.0
published on Tuesday, Apr 28, 2026 by Pulumi
published on Tuesday, Apr 28, 2026 by Pulumi
