gitlab.UserImpersonationToken
Explore with Pulumi AI
The gitlab.UserImpersonationToken
resource allows to manage impersonation tokens of users.
Requires administrator access. Token values are returned once. You are only able to create impersonation tokens to impersonate the user and perform both API calls and Git reads and writes. The user can’t see these tokens in their profile settings page.
Upstream API: GitLab REST API docs
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as gitlab from "@pulumi/gitlab";
const _this = new gitlab.UserImpersonationToken("this", {
userId: 12345,
name: "token_name",
scopes: ["api"],
expiresAt: "2024-08-27",
});
import pulumi
import pulumi_gitlab as gitlab
this = gitlab.UserImpersonationToken("this",
user_id=12345,
name="token_name",
scopes=["api"],
expires_at="2024-08-27")
package main
import (
"github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := gitlab.NewUserImpersonationToken(ctx, "this", &gitlab.UserImpersonationTokenArgs{
UserId: pulumi.Int(12345),
Name: pulumi.String("token_name"),
Scopes: pulumi.StringArray{
pulumi.String("api"),
},
ExpiresAt: pulumi.String("2024-08-27"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using GitLab = Pulumi.GitLab;
return await Deployment.RunAsync(() =>
{
var @this = new GitLab.UserImpersonationToken("this", new()
{
UserId = 12345,
Name = "token_name",
Scopes = new[]
{
"api",
},
ExpiresAt = "2024-08-27",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gitlab.UserImpersonationToken;
import com.pulumi.gitlab.UserImpersonationTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var this_ = new UserImpersonationToken("this", UserImpersonationTokenArgs.builder()
.userId(12345)
.name("token_name")
.scopes("api")
.expiresAt("2024-08-27")
.build());
}
}
resources:
this:
type: gitlab:UserImpersonationToken
properties:
userId: 12345
name: token_name
scopes:
- api
expiresAt: 2024-08-27
Create UserImpersonationToken Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new UserImpersonationToken(name: string, args: UserImpersonationTokenArgs, opts?: CustomResourceOptions);
@overload
def UserImpersonationToken(resource_name: str,
args: UserImpersonationTokenArgs,
opts: Optional[ResourceOptions] = None)
@overload
def UserImpersonationToken(resource_name: str,
opts: Optional[ResourceOptions] = None,
expires_at: Optional[str] = None,
scopes: Optional[Sequence[str]] = None,
user_id: Optional[int] = None,
name: Optional[str] = None)
func NewUserImpersonationToken(ctx *Context, name string, args UserImpersonationTokenArgs, opts ...ResourceOption) (*UserImpersonationToken, error)
public UserImpersonationToken(string name, UserImpersonationTokenArgs args, CustomResourceOptions? opts = null)
public UserImpersonationToken(String name, UserImpersonationTokenArgs args)
public UserImpersonationToken(String name, UserImpersonationTokenArgs args, CustomResourceOptions options)
type: gitlab:UserImpersonationToken
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args UserImpersonationTokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args UserImpersonationTokenArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args UserImpersonationTokenArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args UserImpersonationTokenArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args UserImpersonationTokenArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var userImpersonationTokenResource = new GitLab.UserImpersonationToken("userImpersonationTokenResource", new()
{
ExpiresAt = "string",
Scopes = new[]
{
"string",
},
UserId = 0,
Name = "string",
});
example, err := gitlab.NewUserImpersonationToken(ctx, "userImpersonationTokenResource", &gitlab.UserImpersonationTokenArgs{
ExpiresAt: pulumi.String("string"),
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
UserId: pulumi.Int(0),
Name: pulumi.String("string"),
})
var userImpersonationTokenResource = new UserImpersonationToken("userImpersonationTokenResource", UserImpersonationTokenArgs.builder()
.expiresAt("string")
.scopes("string")
.userId(0)
.name("string")
.build());
user_impersonation_token_resource = gitlab.UserImpersonationToken("userImpersonationTokenResource",
expires_at="string",
scopes=["string"],
user_id=0,
name="string")
const userImpersonationTokenResource = new gitlab.UserImpersonationToken("userImpersonationTokenResource", {
expiresAt: "string",
scopes: ["string"],
userId: 0,
name: "string",
});
type: gitlab:UserImpersonationToken
properties:
expiresAt: string
name: string
scopes:
- string
userId: 0
UserImpersonationToken Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The UserImpersonationToken resource accepts the following input properties:
- Expires
At string - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- Scopes List<string>
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- User
Id int - The ID of the user.
- Name string
- The name of the impersonation token.
- Expires
At string - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- Scopes []string
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- User
Id int - The ID of the user.
- Name string
- The name of the impersonation token.
- expires
At String - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- scopes List<String>
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- user
Id Integer - The ID of the user.
- name String
- The name of the impersonation token.
- expires
At string - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- scopes string[]
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- user
Id number - The ID of the user.
- name string
- The name of the impersonation token.
- expires_
at str - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- scopes Sequence[str]
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- user_
id int - The ID of the user.
- name str
- The name of the impersonation token.
- expires
At String - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- scopes List<String>
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- user
Id Number - The ID of the user.
- name String
- The name of the impersonation token.
Outputs
All input properties are implicitly available as output properties. Additionally, the UserImpersonationToken resource produces the following output properties:
- Active bool
- True if the token is active.
- Created
At string - Time the token has been created, RFC3339 format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Impersonation bool
- True as the token is always an impersonation token.
- Revoked bool
- True if the token is revoked.
- Token string
- The token of the user impersonation token. Note: the token is not available for imported resources.
- Token
Id int - ID of the impersonation token.
- Active bool
- True if the token is active.
- Created
At string - Time the token has been created, RFC3339 format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Impersonation bool
- True as the token is always an impersonation token.
- Revoked bool
- True if the token is revoked.
- Token string
- The token of the user impersonation token. Note: the token is not available for imported resources.
- Token
Id int - ID of the impersonation token.
- active Boolean
- True if the token is active.
- created
At String - Time the token has been created, RFC3339 format.
- id String
- The provider-assigned unique ID for this managed resource.
- impersonation Boolean
- True as the token is always an impersonation token.
- revoked Boolean
- True if the token is revoked.
- token String
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token
Id Integer - ID of the impersonation token.
- active boolean
- True if the token is active.
- created
At string - Time the token has been created, RFC3339 format.
- id string
- The provider-assigned unique ID for this managed resource.
- impersonation boolean
- True as the token is always an impersonation token.
- revoked boolean
- True if the token is revoked.
- token string
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token
Id number - ID of the impersonation token.
- active bool
- True if the token is active.
- created_
at str - Time the token has been created, RFC3339 format.
- id str
- The provider-assigned unique ID for this managed resource.
- impersonation bool
- True as the token is always an impersonation token.
- revoked bool
- True if the token is revoked.
- token str
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token_
id int - ID of the impersonation token.
- active Boolean
- True if the token is active.
- created
At String - Time the token has been created, RFC3339 format.
- id String
- The provider-assigned unique ID for this managed resource.
- impersonation Boolean
- True as the token is always an impersonation token.
- revoked Boolean
- True if the token is revoked.
- token String
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token
Id Number - ID of the impersonation token.
Look up Existing UserImpersonationToken Resource
Get an existing UserImpersonationToken resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: UserImpersonationTokenState, opts?: CustomResourceOptions): UserImpersonationToken
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
active: Optional[bool] = None,
created_at: Optional[str] = None,
expires_at: Optional[str] = None,
impersonation: Optional[bool] = None,
name: Optional[str] = None,
revoked: Optional[bool] = None,
scopes: Optional[Sequence[str]] = None,
token: Optional[str] = None,
token_id: Optional[int] = None,
user_id: Optional[int] = None) -> UserImpersonationToken
func GetUserImpersonationToken(ctx *Context, name string, id IDInput, state *UserImpersonationTokenState, opts ...ResourceOption) (*UserImpersonationToken, error)
public static UserImpersonationToken Get(string name, Input<string> id, UserImpersonationTokenState? state, CustomResourceOptions? opts = null)
public static UserImpersonationToken get(String name, Output<String> id, UserImpersonationTokenState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Active bool
- True if the token is active.
- Created
At string - Time the token has been created, RFC3339 format.
- Expires
At string - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- Impersonation bool
- True as the token is always an impersonation token.
- Name string
- The name of the impersonation token.
- Revoked bool
- True if the token is revoked.
- Scopes List<string>
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- Token string
- The token of the user impersonation token. Note: the token is not available for imported resources.
- Token
Id int - ID of the impersonation token.
- User
Id int - The ID of the user.
- Active bool
- True if the token is active.
- Created
At string - Time the token has been created, RFC3339 format.
- Expires
At string - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- Impersonation bool
- True as the token is always an impersonation token.
- Name string
- The name of the impersonation token.
- Revoked bool
- True if the token is revoked.
- Scopes []string
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- Token string
- The token of the user impersonation token. Note: the token is not available for imported resources.
- Token
Id int - ID of the impersonation token.
- User
Id int - The ID of the user.
- active Boolean
- True if the token is active.
- created
At String - Time the token has been created, RFC3339 format.
- expires
At String - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- impersonation Boolean
- True as the token is always an impersonation token.
- name String
- The name of the impersonation token.
- revoked Boolean
- True if the token is revoked.
- scopes List<String>
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- token String
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token
Id Integer - ID of the impersonation token.
- user
Id Integer - The ID of the user.
- active boolean
- True if the token is active.
- created
At string - Time the token has been created, RFC3339 format.
- expires
At string - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- impersonation boolean
- True as the token is always an impersonation token.
- name string
- The name of the impersonation token.
- revoked boolean
- True if the token is revoked.
- scopes string[]
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- token string
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token
Id number - ID of the impersonation token.
- user
Id number - The ID of the user.
- active bool
- True if the token is active.
- created_
at str - Time the token has been created, RFC3339 format.
- expires_
at str - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- impersonation bool
- True as the token is always an impersonation token.
- name str
- The name of the impersonation token.
- revoked bool
- True if the token is revoked.
- scopes Sequence[str]
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- token str
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token_
id int - ID of the impersonation token.
- user_
id int - The ID of the user.
- active Boolean
- True if the token is active.
- created
At String - Time the token has been created, RFC3339 format.
- expires
At String - Expiration date of the impersonation token in ISO format (YYYY-MM-DD).
- impersonation Boolean
- True as the token is always an impersonation token.
- name String
- The name of the impersonation token.
- revoked Boolean
- True if the token is revoked.
- scopes List<String>
- Array of scopes of the impersonation token. valid values are:
api
,read_user
,read_api
,read_repository
,write_repository
,read_registry
,write_registry
,sudo
,admin_mode
,create_runner
,manage_runner
,ai_features
,k8s_proxy
,read_service_ping
- token String
- The token of the user impersonation token. Note: the token is not available for imported resources.
- token
Id Number - ID of the impersonation token.
- user
Id Number - The ID of the user.
Import
A GitLab User Impersonation Token can be imported using a key composed of <user-id>:<token-id>
, e.g.
$ pulumi import gitlab:index/userImpersonationToken:UserImpersonationToken example "12345:1"
NOTE: the token
resource attribute is not available for imported resources as this information cannot be read from the GitLab API.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- GitLab pulumi/pulumi-gitlab
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
gitlab
Terraform Provider.