Docs Home
Packages
GitLab v8.4.1 published on Tuesday, Sep 24, 2024 by Pulumi
gitlab.MemberRole
Explore with Pulumi AI
The gitlab.MemberRole resource allows to manage the lifecycle of a custom member role.
Custom roles allow an organization to create user roles with the precise privileges and permissions required for that organization’s needs.
This resource requires an Ultimate license.
Most custom roles are considered billable users that use a seat. Custom roles billing and seat usage
There can be only 10 custom roles on your instance or namespace. See issue 450929 for more details.
Upstream API: GitLab GraphQL API docs
Create MemberRole Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MemberRole(name: string, args: MemberRoleArgs, opts?: CustomResourceOptions);@overload
def MemberRole(resource_name: str,
args: MemberRoleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def MemberRole(resource_name: str,
opts: Optional[ResourceOptions] = None,
base_access_level: Optional[str] = None,
enabled_permissions: Optional[Sequence[str]] = None,
description: Optional[str] = None,
group_path: Optional[str] = None,
name: Optional[str] = None)func NewMemberRole(ctx *Context, name string, args MemberRoleArgs, opts ...ResourceOption) (*MemberRole, error)public MemberRole(string name, MemberRoleArgs args, CustomResourceOptions? opts = null)
public MemberRole(String name, MemberRoleArgs args)
public MemberRole(String name, MemberRoleArgs args, CustomResourceOptions options)
type: gitlab:MemberRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args MemberRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args MemberRoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args MemberRoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args MemberRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args MemberRoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var memberRoleResource = new GitLab.MemberRole("memberRoleResource", new()
{
BaseAccessLevel = "string",
EnabledPermissions = new[]
{
"string",
},
Description = "string",
GroupPath = "string",
Name = "string",
});
example, err := gitlab.NewMemberRole(ctx, "memberRoleResource", &gitlab.MemberRoleArgs{
BaseAccessLevel: pulumi.String("string"),
EnabledPermissions: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
GroupPath: pulumi.String("string"),
Name: pulumi.String("string"),
})
var memberRoleResource = new MemberRole("memberRoleResource", MemberRoleArgs.builder()
.baseAccessLevel("string")
.enabledPermissions("string")
.description("string")
.groupPath("string")
.name("string")
.build());
member_role_resource = gitlab.MemberRole("memberRoleResource",
base_access_level="string",
enabled_permissions=["string"],
description="string",
group_path="string",
name="string")
const memberRoleResource = new gitlab.MemberRole("memberRoleResource", {
baseAccessLevel: "string",
enabledPermissions: ["string"],
description: "string",
groupPath: "string",
name: "string",
});
type: gitlab:MemberRole
properties:
baseAccessLevel: string
description: string
enabledPermissions:
- string
groupPath: string
name: string
MemberRole Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The MemberRole resource accepts the following input properties:
- Base
Access stringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - Enabled
Permissions List<string> - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - Description string
- Description for the member role.
- Group
Path string - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- Name string
- Name for the member role.
- Base
Access stringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - Enabled
Permissions []string - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - Description string
- Description for the member role.
- Group
Path string - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- Name string
- Name for the member role.
- base
Access StringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - enabled
Permissions List<String> - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - description String
- Description for the member role.
- group
Path String - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- name String
- Name for the member role.
- base
Access stringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - enabled
Permissions string[] - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - description string
- Description for the member role.
- group
Path string - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- name string
- Name for the member role.
- base_
access_ strlevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - enabled_
permissions Sequence[str] - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - description str
- Description for the member role.
- group_
path str - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- name str
- Name for the member role.
- base
Access StringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - enabled
Permissions List<String> - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - description String
- Description for the member role.
- group
Path String - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- name String
- Name for the member role.
Outputs
All input properties are implicitly available as output properties. Additionally, the MemberRole resource produces the following output properties:
- created_
at str - Timestamp of when the member role was created. Only available with GitLab version 17.3 or higher.
- edit_
path str - The Web UI path to edit the member role
- id str
- The provider-assigned unique ID for this managed resource.
- iid int
- The id integer value extracted from the
idattribute
Look up Existing MemberRole Resource
Get an existing MemberRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: MemberRoleState, opts?: CustomResourceOptions): MemberRole@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
base_access_level: Optional[str] = None,
created_at: Optional[str] = None,
description: Optional[str] = None,
edit_path: Optional[str] = None,
enabled_permissions: Optional[Sequence[str]] = None,
group_path: Optional[str] = None,
iid: Optional[int] = None,
name: Optional[str] = None) -> MemberRolefunc GetMemberRole(ctx *Context, name string, id IDInput, state *MemberRoleState, opts ...ResourceOption) (*MemberRole, error)public static MemberRole Get(string name, Input<string> id, MemberRoleState? state, CustomResourceOptions? opts = null)public static MemberRole get(String name, Output<String> id, MemberRoleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Base
Access stringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - Created
At string - Timestamp of when the member role was created. Only available with GitLab version 17.3 or higher.
- Description string
- Description for the member role.
- Edit
Path string - The Web UI path to edit the member role
- Enabled
Permissions List<string> - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - Group
Path string - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- Iid int
- The id integer value extracted from the
idattribute - Name string
- Name for the member role.
- Base
Access stringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - Created
At string - Timestamp of when the member role was created. Only available with GitLab version 17.3 or higher.
- Description string
- Description for the member role.
- Edit
Path string - The Web UI path to edit the member role
- Enabled
Permissions []string - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - Group
Path string - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- Iid int
- The id integer value extracted from the
idattribute - Name string
- Name for the member role.
- base
Access StringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - created
At String - Timestamp of when the member role was created. Only available with GitLab version 17.3 or higher.
- description String
- Description for the member role.
- edit
Path String - The Web UI path to edit the member role
- enabled
Permissions List<String> - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - group
Path String - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- iid Integer
- The id integer value extracted from the
idattribute - name String
- Name for the member role.
- base
Access stringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - created
At string - Timestamp of when the member role was created. Only available with GitLab version 17.3 or higher.
- description string
- Description for the member role.
- edit
Path string - The Web UI path to edit the member role
- enabled
Permissions string[] - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - group
Path string - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- iid number
- The id integer value extracted from the
idattribute - name string
- Name for the member role.
- base_
access_ strlevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - created_
at str - Timestamp of when the member role was created. Only available with GitLab version 17.3 or higher.
- description str
- Description for the member role.
- edit_
path str - The Web UI path to edit the member role
- enabled_
permissions Sequence[str] - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - group_
path str - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- iid int
- The id integer value extracted from the
idattribute - name str
- Name for the member role.
- base
Access StringLevel - The base access level for the custom role. Valid values are:
DEVELOPER,GUEST,MAINTAINER,MINIMAL_ACCESS,OWNER,REPORTER - created
At String - Timestamp of when the member role was created. Only available with GitLab version 17.3 or higher.
- description String
- Description for the member role.
- edit
Path String - The Web UI path to edit the member role
- enabled
Permissions List<String> - All permissions enabled for the custom role. Valid values are:
ADMIN_CICD_VARIABLES,ADMIN_COMPLIANCE_FRAMEWORK,ADMIN_GROUP_MEMBER,ADMIN_INTEGRATIONS,ADMIN_MERGE_REQUEST,ADMIN_PUSH_RULES,ADMIN_RUNNERS,ADMIN_TERRAFORM_STATE,ADMIN_VULNERABILITY,ADMIN_WEB_HOOK,ARCHIVE_PROJECT,MANAGE_DEPLOY_TOKENS,MANAGE_GROUP_ACCESS_TOKENS,MANAGE_MERGE_REQUEST_SETTINGS,MANAGE_PROJECT_ACCESS_TOKENS,MANAGE_SECURITY_POLICY_LINK,READ_CODE,READ_CRM_CONTACT,READ_DEPENDENCY,READ_RUNNERS,READ_VULNERABILITY,REMOVE_GROUP,REMOVE_PROJECT - group
Path String - Full path of the namespace to create the member role in. Required for SAAS Not allowed for self-managed
- iid Number
- The id integer value extracted from the
idattribute - name String
- Name for the member role.
Package Details
- Repository
- GitLab pulumi/pulumi-gitlab
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
gitlabTerraform Provider.