Docs Home
Rancher 2 v8.1.2 published on Thursday, Mar 13, 2025 by Pulumi
rancher2.GlobalRole
Explore with Pulumi AI
Provides a Rancher v2 Global Role resource. This can be used to create Global Role for Rancher v2 and retrieve their information.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";
// Create a new rancher2 Global Role
const foo = new rancher2.GlobalRole("foo", {
name: "foo",
newUserDefault: true,
description: "Terraform global role acceptance test",
rules: [{
apiGroups: ["*"],
resources: ["secrets"],
verbs: ["create"],
}],
});
import pulumi
import pulumi_rancher2 as rancher2
# Create a new rancher2 Global Role
foo = rancher2.GlobalRole("foo",
name="foo",
new_user_default=True,
description="Terraform global role acceptance test",
rules=[{
"api_groups": ["*"],
"resources": ["secrets"],
"verbs": ["create"],
}])
package main
import (
"github.com/pulumi/pulumi-rancher2/sdk/v8/go/rancher2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Create a new rancher2 Global Role
_, err := rancher2.NewGlobalRole(ctx, "foo", &rancher2.GlobalRoleArgs{
Name: pulumi.String("foo"),
NewUserDefault: pulumi.Bool(true),
Description: pulumi.String("Terraform global role acceptance test"),
Rules: rancher2.GlobalRoleRuleArray{
&rancher2.GlobalRoleRuleArgs{
ApiGroups: pulumi.StringArray{
pulumi.String("*"),
},
Resources: pulumi.StringArray{
pulumi.String("secrets"),
},
Verbs: pulumi.StringArray{
pulumi.String("create"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Rancher2 = Pulumi.Rancher2;
return await Deployment.RunAsync(() =>
{
// Create a new rancher2 Global Role
var foo = new Rancher2.GlobalRole("foo", new()
{
Name = "foo",
NewUserDefault = true,
Description = "Terraform global role acceptance test",
Rules = new[]
{
new Rancher2.Inputs.GlobalRoleRuleArgs
{
ApiGroups = new[]
{
"*",
},
Resources = new[]
{
"secrets",
},
Verbs = new[]
{
"create",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.rancher2.GlobalRole;
import com.pulumi.rancher2.GlobalRoleArgs;
import com.pulumi.rancher2.inputs.GlobalRoleRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Create a new rancher2 Global Role
var foo = new GlobalRole("foo", GlobalRoleArgs.builder()
.name("foo")
.newUserDefault(true)
.description("Terraform global role acceptance test")
.rules(GlobalRoleRuleArgs.builder()
.apiGroups("*")
.resources("secrets")
.verbs("create")
.build())
.build());
}
}
resources:
# Create a new rancher2 Global Role
foo:
type: rancher2:GlobalRole
properties:
name: foo
newUserDefault: true
description: Terraform global role acceptance test
rules:
- apiGroups:
- '*'
resources:
- secrets
verbs:
- create
Create GlobalRole Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GlobalRole(name: string, args?: GlobalRoleArgs, opts?: CustomResourceOptions);@overload
def GlobalRole(resource_name: str,
args: Optional[GlobalRoleArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def GlobalRole(resource_name: str,
opts: Optional[ResourceOptions] = None,
annotations: Optional[Mapping[str, str]] = None,
description: Optional[str] = None,
inherited_cluster_roles: Optional[Sequence[str]] = None,
labels: Optional[Mapping[str, str]] = None,
name: Optional[str] = None,
new_user_default: Optional[bool] = None,
rules: Optional[Sequence[GlobalRoleRuleArgs]] = None)func NewGlobalRole(ctx *Context, name string, args *GlobalRoleArgs, opts ...ResourceOption) (*GlobalRole, error)public GlobalRole(string name, GlobalRoleArgs? args = null, CustomResourceOptions? opts = null)
public GlobalRole(String name, GlobalRoleArgs args)
public GlobalRole(String name, GlobalRoleArgs args, CustomResourceOptions options)
type: rancher2:GlobalRole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GlobalRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GlobalRoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GlobalRoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GlobalRoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GlobalRoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var globalRoleResource = new Rancher2.GlobalRole("globalRoleResource", new()
{
Annotations =
{
{ "string", "string" },
},
Description = "string",
InheritedClusterRoles = new[]
{
"string",
},
Labels =
{
{ "string", "string" },
},
Name = "string",
NewUserDefault = false,
Rules = new[]
{
new Rancher2.Inputs.GlobalRoleRuleArgs
{
ApiGroups = new[]
{
"string",
},
NonResourceUrls = new[]
{
"string",
},
ResourceNames = new[]
{
"string",
},
Resources = new[]
{
"string",
},
Verbs = new[]
{
"string",
},
},
},
});
example, err := rancher2.NewGlobalRole(ctx, "globalRoleResource", &rancher2.GlobalRoleArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
Description: pulumi.String("string"),
InheritedClusterRoles: pulumi.StringArray{
pulumi.String("string"),
},
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Name: pulumi.String("string"),
NewUserDefault: pulumi.Bool(false),
Rules: rancher2.GlobalRoleRuleArray{
&rancher2.GlobalRoleRuleArgs{
ApiGroups: pulumi.StringArray{
pulumi.String("string"),
},
NonResourceUrls: pulumi.StringArray{
pulumi.String("string"),
},
ResourceNames: pulumi.StringArray{
pulumi.String("string"),
},
Resources: pulumi.StringArray{
pulumi.String("string"),
},
Verbs: pulumi.StringArray{
pulumi.String("string"),
},
},
},
})
var globalRoleResource = new GlobalRole("globalRoleResource", GlobalRoleArgs.builder()
.annotations(Map.of("string", "string"))
.description("string")
.inheritedClusterRoles("string")
.labels(Map.of("string", "string"))
.name("string")
.newUserDefault(false)
.rules(GlobalRoleRuleArgs.builder()
.apiGroups("string")
.nonResourceUrls("string")
.resourceNames("string")
.resources("string")
.verbs("string")
.build())
.build());
global_role_resource = rancher2.GlobalRole("globalRoleResource",
annotations={
"string": "string",
},
description="string",
inherited_cluster_roles=["string"],
labels={
"string": "string",
},
name="string",
new_user_default=False,
rules=[{
"api_groups": ["string"],
"non_resource_urls": ["string"],
"resource_names": ["string"],
"resources": ["string"],
"verbs": ["string"],
}])
const globalRoleResource = new rancher2.GlobalRole("globalRoleResource", {
annotations: {
string: "string",
},
description: "string",
inheritedClusterRoles: ["string"],
labels: {
string: "string",
},
name: "string",
newUserDefault: false,
rules: [{
apiGroups: ["string"],
nonResourceUrls: ["string"],
resourceNames: ["string"],
resources: ["string"],
verbs: ["string"],
}],
});
type: rancher2:GlobalRole
properties:
annotations:
string: string
description: string
inheritedClusterRoles:
- string
labels:
string: string
name: string
newUserDefault: false
rules:
- apiGroups:
- string
nonResourceUrls:
- string
resourceNames:
- string
resources:
- string
verbs:
- string
GlobalRole Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The GlobalRole resource accepts the following input properties:
- Annotations Dictionary<string, string>
- Annotations for global role object (map)
- Description string
- Global role description (string)
- Inherited
Cluster List<string>Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- Labels Dictionary<string, string>
- Labels for global role object (map)
- Name string
- Global role name (string)
- New
User boolDefault - Whether or not this role should be added to new users. Default
false(bool) - Rules
List<Global
Role Rule> - Global role policy rules (list)
- Annotations map[string]string
- Annotations for global role object (map)
- Description string
- Global role description (string)
- Inherited
Cluster []stringRoles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- Labels map[string]string
- Labels for global role object (map)
- Name string
- Global role name (string)
- New
User boolDefault - Whether or not this role should be added to new users. Default
false(bool) - Rules
[]Global
Role Rule Args - Global role policy rules (list)
- annotations Map<String,String>
- Annotations for global role object (map)
- description String
- Global role description (string)
- inherited
Cluster List<String>Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels Map<String,String>
- Labels for global role object (map)
- name String
- Global role name (string)
- new
User BooleanDefault - Whether or not this role should be added to new users. Default
false(bool) - rules
List<Global
Role Rule> - Global role policy rules (list)
- annotations {[key: string]: string}
- Annotations for global role object (map)
- description string
- Global role description (string)
- inherited
Cluster string[]Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels {[key: string]: string}
- Labels for global role object (map)
- name string
- Global role name (string)
- new
User booleanDefault - Whether or not this role should be added to new users. Default
false(bool) - rules
Global
Role Rule[] - Global role policy rules (list)
- annotations Mapping[str, str]
- Annotations for global role object (map)
- description str
- Global role description (string)
- inherited_
cluster_ Sequence[str]roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels Mapping[str, str]
- Labels for global role object (map)
- name str
- Global role name (string)
- new_
user_ booldefault - Whether or not this role should be added to new users. Default
false(bool) - rules
Sequence[Global
Role Rule Args] - Global role policy rules (list)
- annotations Map<String>
- Annotations for global role object (map)
- description String
- Global role description (string)
- inherited
Cluster List<String>Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels Map<String>
- Labels for global role object (map)
- name String
- Global role name (string)
- new
User BooleanDefault - Whether or not this role should be added to new users. Default
false(bool) - rules List<Property Map>
- Global role policy rules (list)
Outputs
All input properties are implicitly available as output properties. Additionally, the GlobalRole resource produces the following output properties:
Look up Existing GlobalRole Resource
Get an existing GlobalRole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GlobalRoleState, opts?: CustomResourceOptions): GlobalRole@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
annotations: Optional[Mapping[str, str]] = None,
builtin: Optional[bool] = None,
description: Optional[str] = None,
inherited_cluster_roles: Optional[Sequence[str]] = None,
labels: Optional[Mapping[str, str]] = None,
name: Optional[str] = None,
new_user_default: Optional[bool] = None,
rules: Optional[Sequence[GlobalRoleRuleArgs]] = None) -> GlobalRolefunc GetGlobalRole(ctx *Context, name string, id IDInput, state *GlobalRoleState, opts ...ResourceOption) (*GlobalRole, error)public static GlobalRole Get(string name, Input<string> id, GlobalRoleState? state, CustomResourceOptions? opts = null)public static GlobalRole get(String name, Output<String> id, GlobalRoleState state, CustomResourceOptions options)resources: _: type: rancher2:GlobalRole get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Annotations Dictionary<string, string>
- Annotations for global role object (map)
- Builtin bool
- (Computed) Builtin global role (bool)
- Description string
- Global role description (string)
- Inherited
Cluster List<string>Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- Labels Dictionary<string, string>
- Labels for global role object (map)
- Name string
- Global role name (string)
- New
User boolDefault - Whether or not this role should be added to new users. Default
false(bool) - Rules
List<Global
Role Rule> - Global role policy rules (list)
- Annotations map[string]string
- Annotations for global role object (map)
- Builtin bool
- (Computed) Builtin global role (bool)
- Description string
- Global role description (string)
- Inherited
Cluster []stringRoles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- Labels map[string]string
- Labels for global role object (map)
- Name string
- Global role name (string)
- New
User boolDefault - Whether or not this role should be added to new users. Default
false(bool) - Rules
[]Global
Role Rule Args - Global role policy rules (list)
- annotations Map<String,String>
- Annotations for global role object (map)
- builtin Boolean
- (Computed) Builtin global role (bool)
- description String
- Global role description (string)
- inherited
Cluster List<String>Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels Map<String,String>
- Labels for global role object (map)
- name String
- Global role name (string)
- new
User BooleanDefault - Whether or not this role should be added to new users. Default
false(bool) - rules
List<Global
Role Rule> - Global role policy rules (list)
- annotations {[key: string]: string}
- Annotations for global role object (map)
- builtin boolean
- (Computed) Builtin global role (bool)
- description string
- Global role description (string)
- inherited
Cluster string[]Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels {[key: string]: string}
- Labels for global role object (map)
- name string
- Global role name (string)
- new
User booleanDefault - Whether or not this role should be added to new users. Default
false(bool) - rules
Global
Role Rule[] - Global role policy rules (list)
- annotations Mapping[str, str]
- Annotations for global role object (map)
- builtin bool
- (Computed) Builtin global role (bool)
- description str
- Global role description (string)
- inherited_
cluster_ Sequence[str]roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels Mapping[str, str]
- Labels for global role object (map)
- name str
- Global role name (string)
- new_
user_ booldefault - Whether or not this role should be added to new users. Default
false(bool) - rules
Sequence[Global
Role Rule Args] - Global role policy rules (list)
- annotations Map<String>
- Annotations for global role object (map)
- builtin Boolean
- (Computed) Builtin global role (bool)
- description String
- Global role description (string)
- inherited
Cluster List<String>Roles - Names of role templates whose permissions are granted by this global role in every cluster besides the local cluster (list)
- labels Map<String>
- Labels for global role object (map)
- name String
- Global role name (string)
- new
User BooleanDefault - Whether or not this role should be added to new users. Default
false(bool) - rules List<Property Map>
- Global role policy rules (list)
Supporting Types
GlobalRoleRule, GlobalRoleRuleArgs
- Api
Groups List<string> - Policy rule api groups
- Non
Resource List<string>Urls - Policy rule non resource urls
- Resource
Names List<string> - Policy rule resource names
- Resources List<string>
- Policy rule resources
- Verbs List<string>
- Policy rule verbs
- Api
Groups []string - Policy rule api groups
- Non
Resource []stringUrls - Policy rule non resource urls
- Resource
Names []string - Policy rule resource names
- Resources []string
- Policy rule resources
- Verbs []string
- Policy rule verbs
- api
Groups List<String> - Policy rule api groups
- non
Resource List<String>Urls - Policy rule non resource urls
- resource
Names List<String> - Policy rule resource names
- resources List<String>
- Policy rule resources
- verbs List<String>
- Policy rule verbs
- api
Groups string[] - Policy rule api groups
- non
Resource string[]Urls - Policy rule non resource urls
- resource
Names string[] - Policy rule resource names
- resources string[]
- Policy rule resources
- verbs string[]
- Policy rule verbs
- api_
groups Sequence[str] - Policy rule api groups
- non_
resource_ Sequence[str]urls - Policy rule non resource urls
- resource_
names Sequence[str] - Policy rule resource names
- resources Sequence[str]
- Policy rule resources
- verbs Sequence[str]
- Policy rule verbs
- api
Groups List<String> - Policy rule api groups
- non
Resource List<String>Urls - Policy rule non resource urls
- resource
Names List<String> - Policy rule resource names
- resources List<String>
- Policy rule resources
- verbs List<String>
- Policy rule verbs
Import
Global Role can be imported using the Rancher Global Role ID
$ pulumi import rancher2:index/globalRole:GlobalRole foo <global_role_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Rancher2 pulumi/pulumi-rancher2
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
rancher2Terraform Provider.