Harbor v3.10.10, May 20 24

Harbor v3.10.10 published on Monday, May 20, 2024 by Pulumiverse

harbor.RobotAccount

Explore with Pulumi AI

Harbor v3.10.10 published on Monday, May 20, 2024 by Pulumiverse

pulumiverse/pulumi-harbor

Example Usage

System Level

Introduced in harbor 2.2.0, system level robot accounts can have basically all available permissions in harbor and are not dependent on a single project.

Global

resource "random_password" "password" {
  length  = 12
  special = false
}

resource "harbor_project" "main" {
    name = "main"
}

resource "harbor_robot_account" "system" {
  name        = "example-system"
  description = "system level robot account"
  level       = "system"
  secret      = resource.random_password.password.result
  permissions {
    access {
      action   = "create"
      resource = "label"
    }
    kind      = "system"
    namespace = "/"
  }
  permissions {
    access {
      action   = "push"
      resource = "repository"
    }
    kind      = "project"
    namespace = harbor_project.main.name
  }
  permissions {
    access {
      action   = "pull"
      resource = "repository"
    }
    kind      = "project"
    namespace = "*"
  }
}

The above example, creates a system level robot account with permissions to

permission to create labels on system level
pull repository across all projects
push repository to project “my-project-name”

Project

Other than system level robot accounts, project level robot accounts can interact on project level only. The available permissions are mostly the same as for system level robots.

resource "harbor_project" "main" {
    name = "main"
}

resource "harbor_robot_account" "project" {
  name        = "example-project"
  description = "project level robot account"
  level       = "project"
  permissions {
    access {
      action   = "pull"
      resource = "repository"
    }
    access {
      action   = "push"
      resource = "repository"
    }
    kind      = "project"
    namespace = harbor_project.main.name
  }
}

The above example creates a project level robot account with permissions to

pull repository on project “main”
push repository on project “main”

Create RobotAccount Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new RobotAccount(name: string, args: RobotAccountArgs, opts?: CustomResourceOptions);

@overload
def RobotAccount(resource_name: str,
                 args: RobotAccountArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def RobotAccount(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 level: Optional[str] = None,
                 permissions: Optional[Sequence[RobotAccountPermissionArgs]] = None,
                 description: Optional[str] = None,
                 disable: Optional[bool] = None,
                 duration: Optional[int] = None,
                 name: Optional[str] = None,
                 secret: Optional[str] = None)

func NewRobotAccount(ctx *Context, name string, args RobotAccountArgs, opts ...ResourceOption) (*RobotAccount, error)

public RobotAccount(string name, RobotAccountArgs args, CustomResourceOptions? opts = null)

public RobotAccount(String name, RobotAccountArgs args)
public RobotAccount(String name, RobotAccountArgs args, CustomResourceOptions options)

type: harbor:RobotAccount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args RobotAccountArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args RobotAccountArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RobotAccountArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RobotAccountArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args RobotAccountArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Example

The following reference example uses placeholder values for all input properties.

var robotAccountResource = new Harbor.RobotAccount("robotAccountResource", new()
{
    Level = "string",
    Permissions = new[]
    {
        new Harbor.Inputs.RobotAccountPermissionArgs
        {
            Accesses = new[]
            {
                new Harbor.Inputs.RobotAccountPermissionAccessArgs
                {
                    Action = "string",
                    Resource = "string",
                    Effect = "string",
                },
            },
            Kind = "string",
            Namespace = "string",
        },
    },
    Description = "string",
    Disable = false,
    Duration = 0,
    Name = "string",
    Secret = "string",
});

example, err := harbor.NewRobotAccount(ctx, "robotAccountResource", &harbor.RobotAccountArgs{
	Level: pulumi.String("string"),
	Permissions: harbor.RobotAccountPermissionArray{
		&harbor.RobotAccountPermissionArgs{
			Accesses: harbor.RobotAccountPermissionAccessArray{
				&harbor.RobotAccountPermissionAccessArgs{
					Action:   pulumi.String("string"),
					Resource: pulumi.String("string"),
					Effect:   pulumi.String("string"),
				},
			},
			Kind:      pulumi.String("string"),
			Namespace: pulumi.String("string"),
		},
	},
	Description: pulumi.String("string"),
	Disable:     pulumi.Bool(false),
	Duration:    pulumi.Int(0),
	Name:        pulumi.String("string"),
	Secret:      pulumi.String("string"),
})

var robotAccountResource = new RobotAccount("robotAccountResource", RobotAccountArgs.builder()
    .level("string")
    .permissions(RobotAccountPermissionArgs.builder()
        .accesses(RobotAccountPermissionAccessArgs.builder()
            .action("string")
            .resource("string")
            .effect("string")
            .build())
        .kind("string")
        .namespace("string")
        .build())
    .description("string")
    .disable(false)
    .duration(0)
    .name("string")
    .secret("string")
    .build());

robot_account_resource = harbor.RobotAccount("robotAccountResource",
    level="string",
    permissions=[harbor.RobotAccountPermissionArgs(
        accesses=[harbor.RobotAccountPermissionAccessArgs(
            action="string",
            resource="string",
            effect="string",
        )],
        kind="string",
        namespace="string",
    )],
    description="string",
    disable=False,
    duration=0,
    name="string",
    secret="string")

const robotAccountResource = new harbor.RobotAccount("robotAccountResource", {
    level: "string",
    permissions: [{
        accesses: [{
            action: "string",
            resource: "string",
            effect: "string",
        }],
        kind: "string",
        namespace: "string",
    }],
    description: "string",
    disable: false,
    duration: 0,
    name: "string",
    secret: "string",
});

type: harbor:RobotAccount
properties:
    description: string
    disable: false
    duration: 0
    level: string
    name: string
    permissions:
        - accesses:
            - action: string
              effect: string
              resource: string
          kind: string
          namespace: string
    secret: string

RobotAccount Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The RobotAccount resource accepts the following input properties:

Level string: Level of the robot account, currently either system or project.
Permissions List<Pulumiverse.Harbor.Inputs.RobotAccountPermission>
Description string: The description of the robot account will be displayed in harbor.
Disable bool: Disables the robot account when set to true.
Duration int: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
Name string: The name of the project that will be created in harbor.
Secret string: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

Level string: Level of the robot account, currently either system or project.
Permissions []RobotAccountPermissionArgs
Description string: The description of the robot account will be displayed in harbor.
Disable bool: Disables the robot account when set to true.
Duration int: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
Name string: The name of the project that will be created in harbor.
Secret string: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

level String: Level of the robot account, currently either system or project.
permissions List<RobotAccountPermission>
description String: The description of the robot account will be displayed in harbor.
disable Boolean: Disables the robot account when set to true.
duration Integer: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
name String: The name of the project that will be created in harbor.
secret String: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

level string: Level of the robot account, currently either system or project.
permissions RobotAccountPermission[]
description string: The description of the robot account will be displayed in harbor.
disable boolean: Disables the robot account when set to true.
duration number: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
name string: The name of the project that will be created in harbor.
secret string: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

level str: Level of the robot account, currently either system or project.
permissions Sequence[RobotAccountPermissionArgs]
description str: The description of the robot account will be displayed in harbor.
disable bool: Disables the robot account when set to true.
duration int: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
name str: The name of the project that will be created in harbor.
secret str: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

level String: Level of the robot account, currently either system or project.
permissions List<Property Map>
description String: The description of the robot account will be displayed in harbor.
disable Boolean: Disables the robot account when set to true.
duration Number: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
name String: The name of the project that will be created in harbor.
secret String: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

Outputs

All input properties are implicitly available as output properties. Additionally, the RobotAccount resource produces the following output properties:

FullName string
Id string: The provider-assigned unique ID for this managed resource.
RobotId string

FullName string
Id string: The provider-assigned unique ID for this managed resource.
RobotId string

fullName String
id String: The provider-assigned unique ID for this managed resource.
robotId String

fullName string
id string: The provider-assigned unique ID for this managed resource.
robotId string

full_name str
id str: The provider-assigned unique ID for this managed resource.
robot_id str

fullName String
id String: The provider-assigned unique ID for this managed resource.
robotId String

Look up Existing RobotAccount Resource

Get an existing RobotAccount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RobotAccountState, opts?: CustomResourceOptions): RobotAccount

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        disable: Optional[bool] = None,
        duration: Optional[int] = None,
        full_name: Optional[str] = None,
        level: Optional[str] = None,
        name: Optional[str] = None,
        permissions: Optional[Sequence[RobotAccountPermissionArgs]] = None,
        robot_id: Optional[str] = None,
        secret: Optional[str] = None) -> RobotAccount

func GetRobotAccount(ctx *Context, name string, id IDInput, state *RobotAccountState, opts ...ResourceOption) (*RobotAccount, error)

public static RobotAccount Get(string name, Input<string> id, RobotAccountState? state, CustomResourceOptions? opts = null)

public static RobotAccount get(String name, Output<String> id, RobotAccountState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Description string: The description of the robot account will be displayed in harbor.
Disable bool: Disables the robot account when set to true.
Duration int: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
FullName string
Level string: Level of the robot account, currently either system or project.
Name string: The name of the project that will be created in harbor.
Permissions List<Pulumiverse.Harbor.Inputs.RobotAccountPermission>
RobotId string
Secret string: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

Description string: The description of the robot account will be displayed in harbor.
Disable bool: Disables the robot account when set to true.
Duration int: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
FullName string
Level string: Level of the robot account, currently either system or project.
Name string: The name of the project that will be created in harbor.
Permissions []RobotAccountPermissionArgs
RobotId string
Secret string: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

description String: The description of the robot account will be displayed in harbor.
disable Boolean: Disables the robot account when set to true.
duration Integer: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
fullName String
level String: Level of the robot account, currently either system or project.
name String: The name of the project that will be created in harbor.
permissions List<RobotAccountPermission>
robotId String
secret String: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

description string: The description of the robot account will be displayed in harbor.
disable boolean: Disables the robot account when set to true.
duration number: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
fullName string
level string: Level of the robot account, currently either system or project.
name string: The name of the project that will be created in harbor.
permissions RobotAccountPermission[]
robotId string
secret string: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

description str: The description of the robot account will be displayed in harbor.
disable bool: Disables the robot account when set to true.
duration int: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
full_name str
level str: Level of the robot account, currently either system or project.
name str: The name of the project that will be created in harbor.
permissions Sequence[RobotAccountPermissionArgs]
robot_id str
secret str: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

description String: The description of the robot account will be displayed in harbor.
disable Boolean: Disables the robot account when set to true.
duration Number: By default, the robot account will not expire. Set it to the amount of days until the account should expire.
fullName String
level String: Level of the robot account, currently either system or project.
name String: The name of the project that will be created in harbor.
permissions List<Property Map>
robotId String
secret String: The secret of the robot account used for authentication. Defaults to random generated string from Harbor.

Supporting Types

RobotAccountPermission, RobotAccountPermissionArgs

Accesses List<Pulumiverse.Harbor.Inputs.RobotAccountPermissionAccess>
Kind string: Either system or project.
Namespace string: namespace is the name of your project. For kind system permissions, always use / as namespace. Use * to match all projects.

Accesses []RobotAccountPermissionAccess
Kind string: Either system or project.
Namespace string: namespace is the name of your project. For kind system permissions, always use / as namespace. Use * to match all projects.

accesses List<RobotAccountPermissionAccess>
kind String: Either system or project.
namespace String: namespace is the name of your project. For kind system permissions, always use / as namespace. Use * to match all projects.

accesses RobotAccountPermissionAccess[]
kind string: Either system or project.
namespace string: namespace is the name of your project. For kind system permissions, always use / as namespace. Use * to match all projects.

accesses Sequence[RobotAccountPermissionAccess]
kind str: Either system or project.
namespace str: namespace is the name of your project. For kind system permissions, always use / as namespace. Use * to match all projects.

accesses List<Property Map>
kind String: Either system or project.
namespace String: namespace is the name of your project. For kind system permissions, always use / as namespace. Use * to match all projects.

RobotAccountPermissionAccess, RobotAccountPermissionAccessArgs

Action string: Eg. push, pull, read, etc. Check available actions.
Resource string: Eg. repository, labels, etc. Check available resources.
Effect string: Either allow or deny. Defaults to allow.

Action string: Eg. push, pull, read, etc. Check available actions.
Resource string: Eg. repository, labels, etc. Check available resources.
Effect string: Either allow or deny. Defaults to allow.

action String: Eg. push, pull, read, etc. Check available actions.
resource String: Eg. repository, labels, etc. Check available resources.
effect String: Either allow or deny. Defaults to allow.

action string: Eg. push, pull, read, etc. Check available actions.
resource string: Eg. repository, labels, etc. Check available resources.
effect string: Either allow or deny. Defaults to allow.

action str: Eg. push, pull, read, etc. Check available actions.
resource str: Eg. repository, labels, etc. Check available resources.
effect str: Either allow or deny. Defaults to allow.

action String: Eg. push, pull, read, etc. Check available actions.
resource String: Eg. repository, labels, etc. Check available resources.
effect String: Either allow or deny. Defaults to allow.

Import

$ pulumi import harbor:index/robotAccount:RobotAccount system /robots/123

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: harbor pulumiverse/pulumi-harbor
License: Apache-2.0
Notes: This Pulumi package is based on the harbor Terraform Provider.

Harbor v3.10.10 published on Monday, May 20, 2024 by Pulumiverse

pulumiverse/pulumi-harbor

harbor.RobotAccount

On this page

On this page

Example Usage

System Level

Global

Project

Create RobotAccount Resource

Constructor syntax

Parameters

Example

RobotAccount Resource Properties

Inputs

Outputs

Look up Existing RobotAccount Resource

Supporting Types

RobotAccountPermission, RobotAccountPermissionArgs

RobotAccountPermissionAccess, RobotAccountPermissionAccessArgs

Import

Package Details

On this page

On this page