Organization
This resource allows you to create and manage custom roles in a GitHub Organization for use in repositories.
Note: Custom roles are currently only available in GitHub Enterprise Cloud.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as github from "@pulumi/github";
const example = new github.OrganizationCustomRole("example", {
name: "example",
description: "Example custom role that uses the read role as its base",
baseRole: "read",
permissions: [
"add_assignee",
"add_label",
"bypass_branch_protection",
"close_issue",
"close_pull_request",
"mark_as_duplicate",
"create_tag",
"delete_issue",
"delete_tag",
"manage_deploy_keys",
"push_protected_branch",
"read_code_scanning",
"reopen_issue",
"reopen_pull_request",
"request_pr_review",
"resolve_dependabot_alerts",
"resolve_secret_scanning_alerts",
"view_secret_scanning_alerts",
"write_code_scanning",
],
});Content copied to clipboard
import pulumi
import pulumi_github as github
example = github.OrganizationCustomRole("example",
name="example",
description="Example custom role that uses the read role as its base",
base_role="read",
permissions=[
"add_assignee",
"add_label",
"bypass_branch_protection",
"close_issue",
"close_pull_request",
"mark_as_duplicate",
"create_tag",
"delete_issue",
"delete_tag",
"manage_deploy_keys",
"push_protected_branch",
"read_code_scanning",
"reopen_issue",
"reopen_pull_request",
"request_pr_review",
"resolve_dependabot_alerts",
"resolve_secret_scanning_alerts",
"view_secret_scanning_alerts",
"write_code_scanning",
])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Github = Pulumi.Github;
return await Deployment.RunAsync(() =>
{
var example = new Github.OrganizationCustomRole("example", new()
{
Name = "example",
Description = "Example custom role that uses the read role as its base",
BaseRole = "read",
Permissions = new[]
{
"add_assignee",
"add_label",
"bypass_branch_protection",
"close_issue",
"close_pull_request",
"mark_as_duplicate",
"create_tag",
"delete_issue",
"delete_tag",
"manage_deploy_keys",
"push_protected_branch",
"read_code_scanning",
"reopen_issue",
"reopen_pull_request",
"request_pr_review",
"resolve_dependabot_alerts",
"resolve_secret_scanning_alerts",
"view_secret_scanning_alerts",
"write_code_scanning",
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-github/sdk/v6/go/github"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := github.NewOrganizationCustomRole(ctx, "example", &github.OrganizationCustomRoleArgs{
Name: pulumi.String("example"),
Description: pulumi.String("Example custom role that uses the read role as its base"),
BaseRole: pulumi.String("read"),
Permissions: pulumi.StringArray{
pulumi.String("add_assignee"),
pulumi.String("add_label"),
pulumi.String("bypass_branch_protection"),
pulumi.String("close_issue"),
pulumi.String("close_pull_request"),
pulumi.String("mark_as_duplicate"),
pulumi.String("create_tag"),
pulumi.String("delete_issue"),
pulumi.String("delete_tag"),
pulumi.String("manage_deploy_keys"),
pulumi.String("push_protected_branch"),
pulumi.String("read_code_scanning"),
pulumi.String("reopen_issue"),
pulumi.String("reopen_pull_request"),
pulumi.String("request_pr_review"),
pulumi.String("resolve_dependabot_alerts"),
pulumi.String("resolve_secret_scanning_alerts"),
pulumi.String("view_secret_scanning_alerts"),
pulumi.String("write_code_scanning"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.github.OrganizationCustomRole;
import com.pulumi.github.OrganizationCustomRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new OrganizationCustomRole("example", OrganizationCustomRoleArgs.builder()
.name("example")
.description("Example custom role that uses the read role as its base")
.baseRole("read")
.permissions(
"add_assignee",
"add_label",
"bypass_branch_protection",
"close_issue",
"close_pull_request",
"mark_as_duplicate",
"create_tag",
"delete_issue",
"delete_tag",
"manage_deploy_keys",
"push_protected_branch",
"read_code_scanning",
"reopen_issue",
"reopen_pull_request",
"request_pr_review",
"resolve_dependabot_alerts",
"resolve_secret_scanning_alerts",
"view_secret_scanning_alerts",
"write_code_scanning")
.build());
}
}Content copied to clipboard
resources:
example:
type: github:OrganizationCustomRole
properties:
name: example
description: Example custom role that uses the read role as its base
baseRole: read
permissions:
- add_assignee
- add_label
- bypass_branch_protection
- close_issue
- close_pull_request
- mark_as_duplicate
- create_tag
- delete_issue
- delete_tag
- manage_deploy_keys
- push_protected_branch
- read_code_scanning
- reopen_issue
- reopen_pull_request
- request_pr_review
- resolve_dependabot_alerts
- resolve_secret_scanning_alerts
- view_secret_scanning_alerts
- write_code_scanningContent copied to clipboard
Import
Custom roles can be imported using the id of the role. The id of the custom role can be found using the list custom roles in an organization API.
$ pulumi import github:index/organizationCustomRole:OrganizationCustomRole example 1234Content copied to clipboard
Properties
Link copied to clipboard
The description for the custom role.
Link copied to clipboard
A list of additional permissions included in this role. Must have a minimum of 1 additional permission. The list of available permissions can be found using the list repository fine-grained permissions for an organization API.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard