diff --git a/provider/cmd/pulumi-resource-github/bridge-metadata.json b/provider/cmd/pulumi-resource-github/bridge-metadata.json
index 4bb1e3c9..2602c568 100644
--- a/provider/cmd/pulumi-resource-github/bridge-metadata.json
+++ b/provider/cmd/pulumi-resource-github/bridge-metadata.json
@@ -307,6 +307,32 @@
"current": "github:index/emuGroupMapping:EmuGroupMapping",
"majorVersion": 6
},
+ "github_enterprise_actions_permissions": {
+ "current": "github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions",
+ "majorVersion": 6,
+ "fields": {
+ "allowed_actions_config": {
+ "maxItemsOne": true,
+ "elem": {
+ "fields": {
+ "patterns_allowed": {
+ "maxItemsOne": false
+ }
+ }
+ }
+ },
+ "enabled_organizations_config": {
+ "maxItemsOne": true,
+ "elem": {
+ "fields": {
+ "organization_ids": {
+ "maxItemsOne": false
+ }
+ }
+ }
+ }
+ }
+ },
"github_enterprise_organization": {
"current": "github:index/enterpriseOrganization:EnterpriseOrganization",
"majorVersion": 6,
diff --git a/provider/cmd/pulumi-resource-github/schema.json b/provider/cmd/pulumi-resource-github/schema.json
index b49c2693..6d9ab840 100644
--- a/provider/cmd/pulumi-resource-github/schema.json
+++ b/provider/cmd/pulumi-resource-github/schema.json
@@ -403,6 +403,44 @@
},
"type": "object"
},
+ "github:index/EnterpriseActionsPermissionsAllowedActionsConfig:EnterpriseActionsPermissionsAllowedActionsConfig": {
+ "properties": {
+ "githubOwnedAllowed": {
+ "type": "boolean",
+ "description": "Whether GitHub-owned actions are allowed in the organization.\n"
+ },
+ "patternsAlloweds": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "description": "Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*.\"\n"
+ },
+ "verifiedAllowed": {
+ "type": "boolean",
+ "description": "Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.\n"
+ }
+ },
+ "type": "object",
+ "required": [
+ "githubOwnedAllowed"
+ ]
+ },
+ "github:index/EnterpriseActionsPermissionsEnabledOrganizationsConfig:EnterpriseActionsPermissionsEnabledOrganizationsConfig": {
+ "properties": {
+ "organizationIds": {
+ "type": "array",
+ "items": {
+ "type": "integer"
+ },
+ "description": "List of organization IDs to enable for GitHub Actions.\n"
+ }
+ },
+ "type": "object",
+ "required": [
+ "organizationIds"
+ ]
+ },
"github:index/IssueLabelsLabel:IssueLabelsLabel": {
"properties": {
"color": {
@@ -5416,6 +5454,89 @@
"type": "object"
}
},
+ "github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions": {
+ "description": "This resource allows you to create and manage GitHub Actions permissions within your GitHub enterprise.\nYou must have admin access to an enterprise to use this resource.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as github from \"@pulumi/github\";\n\nconst example-enterprise = github.getEnterprise({\n slug: \"my-enterprise\",\n});\nconst example-org = github.getOrganization({\n name: \"my-org\",\n});\nconst test = new github.EnterpriseActionsPermissions(\"test\", {\n enterpriseId: example_enterprise.then(example_enterprise =\u003e example_enterprise.slug),\n allowedActions: \"selected\",\n enabledOrganizations: \"selected\",\n allowedActionsConfig: {\n githubOwnedAllowed: true,\n patternsAlloweds: [\n \"actions/cache@*\",\n \"actions/checkout@*\",\n ],\n verifiedAllowed: true,\n },\n enabledOrganizationsConfig: {\n organizationIds: [example_org.then(example_org =\u003e example_org.id)],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_github as github\n\nexample_enterprise = github.get_enterprise(slug=\"my-enterprise\")\nexample_org = github.get_organization(name=\"my-org\")\ntest = github.EnterpriseActionsPermissions(\"test\",\n enterprise_id=example_enterprise.slug,\n allowed_actions=\"selected\",\n enabled_organizations=\"selected\",\n allowed_actions_config=github.EnterpriseActionsPermissionsAllowedActionsConfigArgs(\n github_owned_allowed=True,\n patterns_alloweds=[\n \"actions/cache@*\",\n \"actions/checkout@*\",\n ],\n verified_allowed=True,\n ),\n enabled_organizations_config=github.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs(\n organization_ids=[example_org.id],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Github = Pulumi.Github;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example_enterprise = Github.GetEnterprise.Invoke(new()\n {\n Slug = \"my-enterprise\",\n });\n\n var example_org = Github.GetOrganization.Invoke(new()\n {\n Name = \"my-org\",\n });\n\n var test = new Github.EnterpriseActionsPermissions(\"test\", new()\n {\n EnterpriseId = example_enterprise.Apply(example_enterprise =\u003e example_enterprise.Apply(getEnterpriseResult =\u003e getEnterpriseResult.Slug)),\n AllowedActions = \"selected\",\n EnabledOrganizations = \"selected\",\n AllowedActionsConfig = new Github.Inputs.EnterpriseActionsPermissionsAllowedActionsConfigArgs\n {\n GithubOwnedAllowed = true,\n PatternsAlloweds = new[]\n {\n \"actions/cache@*\",\n \"actions/checkout@*\",\n },\n VerifiedAllowed = true,\n },\n EnabledOrganizationsConfig = new Github.Inputs.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs\n {\n OrganizationIds = new[]\n {\n example_org.Apply(example_org =\u003e example_org.Apply(getOrganizationResult =\u003e getOrganizationResult.Id)),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-github/sdk/v6/go/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample_enterprise, err := github.GetEnterprise(ctx, \u0026github.GetEnterpriseArgs{\n\t\t\tSlug: \"my-enterprise\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample_org, err := github.GetOrganization(ctx, \u0026github.GetOrganizationArgs{\n\t\t\tName: \"my-org\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = github.NewEnterpriseActionsPermissions(ctx, \"test\", \u0026github.EnterpriseActionsPermissionsArgs{\n\t\t\tEnterpriseId: *pulumi.String(example_enterprise.Slug),\n\t\t\tAllowedActions: pulumi.String(\"selected\"),\n\t\t\tEnabledOrganizations: pulumi.String(\"selected\"),\n\t\t\tAllowedActionsConfig: \u0026github.EnterpriseActionsPermissionsAllowedActionsConfigArgs{\n\t\t\t\tGithubOwnedAllowed: pulumi.Bool(true),\n\t\t\t\tPatternsAlloweds: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"actions/cache@*\"),\n\t\t\t\t\tpulumi.String(\"actions/checkout@*\"),\n\t\t\t\t},\n\t\t\t\tVerifiedAllowed: pulumi.Bool(true),\n\t\t\t},\n\t\t\tEnabledOrganizationsConfig: \u0026github.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs{\n\t\t\t\tOrganizationIds: pulumi.IntArray{\n\t\t\t\t\t*pulumi.String(example_org.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.github.GithubFunctions;\nimport com.pulumi.github.inputs.GetEnterpriseArgs;\nimport com.pulumi.github.inputs.GetOrganizationArgs;\nimport com.pulumi.github.EnterpriseActionsPermissions;\nimport com.pulumi.github.EnterpriseActionsPermissionsArgs;\nimport com.pulumi.github.inputs.EnterpriseActionsPermissionsAllowedActionsConfigArgs;\nimport com.pulumi.github.inputs.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example-enterprise = GithubFunctions.getEnterprise(GetEnterpriseArgs.builder()\n .slug(\"my-enterprise\")\n .build());\n\n final var example-org = GithubFunctions.getOrganization(GetOrganizationArgs.builder()\n .name(\"my-org\")\n .build());\n\n var test = new EnterpriseActionsPermissions(\"test\", EnterpriseActionsPermissionsArgs.builder() \n .enterpriseId(example_enterprise.slug())\n .allowedActions(\"selected\")\n .enabledOrganizations(\"selected\")\n .allowedActionsConfig(EnterpriseActionsPermissionsAllowedActionsConfigArgs.builder()\n .githubOwnedAllowed(true)\n .patternsAlloweds( \n \"actions/cache@*\",\n \"actions/checkout@*\")\n .verifiedAllowed(true)\n .build())\n .enabledOrganizationsConfig(EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs.builder()\n .organizationIds(example_org.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: github:EnterpriseActionsPermissions\n properties:\n enterpriseId: ${[\"example-enterprise\"].slug}\n allowedActions: selected\n enabledOrganizations: selected\n allowedActionsConfig:\n githubOwnedAllowed: true\n patternsAlloweds:\n - actions/cache@*\n - actions/checkout@*\n verifiedAllowed: true\n enabledOrganizationsConfig:\n organizationIds:\n - ${[\"example-org\"].id}\nvariables:\n example-enterprise:\n fn::invoke:\n Function: github:getEnterprise\n Arguments:\n slug: my-enterprise\n example-org:\n fn::invoke:\n Function: github:getOrganization\n Arguments:\n name: my-org\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nThis resource can be imported using the name of the GitHub enterprise:\n\n```sh\n $ pulumi import github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions test github_enterprise_name\n```\n ",
+ "properties": {
+ "allowedActions": {
+ "type": "string",
+ "description": "The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.\n"
+ },
+ "allowedActionsConfig": {
+ "$ref": "#/types/github:index/EnterpriseActionsPermissionsAllowedActionsConfig:EnterpriseActionsPermissionsAllowedActionsConfig",
+ "description": "Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.\n"
+ },
+ "enabledOrganizations": {
+ "type": "string",
+ "description": "The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.\n"
+ },
+ "enabledOrganizationsConfig": {
+ "$ref": "#/types/github:index/EnterpriseActionsPermissionsEnabledOrganizationsConfig:EnterpriseActionsPermissionsEnabledOrganizationsConfig",
+ "description": "Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.\n"
+ },
+ "enterpriseId": {
+ "type": "string",
+ "description": "The ID of the enterprise.\n"
+ }
+ },
+ "required": [
+ "enabledOrganizations",
+ "enterpriseId"
+ ],
+ "inputProperties": {
+ "allowedActions": {
+ "type": "string",
+ "description": "The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.\n"
+ },
+ "allowedActionsConfig": {
+ "$ref": "#/types/github:index/EnterpriseActionsPermissionsAllowedActionsConfig:EnterpriseActionsPermissionsAllowedActionsConfig",
+ "description": "Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.\n"
+ },
+ "enabledOrganizations": {
+ "type": "string",
+ "description": "The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.\n"
+ },
+ "enabledOrganizationsConfig": {
+ "$ref": "#/types/github:index/EnterpriseActionsPermissionsEnabledOrganizationsConfig:EnterpriseActionsPermissionsEnabledOrganizationsConfig",
+ "description": "Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.\n"
+ },
+ "enterpriseId": {
+ "type": "string",
+ "description": "The ID of the enterprise.\n",
+ "willReplaceOnChanges": true
+ }
+ },
+ "requiredInputs": [
+ "enabledOrganizations",
+ "enterpriseId"
+ ],
+ "stateInputs": {
+ "description": "Input properties used for looking up and filtering EnterpriseActionsPermissions resources.\n",
+ "properties": {
+ "allowedActions": {
+ "type": "string",
+ "description": "The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.\n"
+ },
+ "allowedActionsConfig": {
+ "$ref": "#/types/github:index/EnterpriseActionsPermissionsAllowedActionsConfig:EnterpriseActionsPermissionsAllowedActionsConfig",
+ "description": "Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.\n"
+ },
+ "enabledOrganizations": {
+ "type": "string",
+ "description": "The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.\n"
+ },
+ "enabledOrganizationsConfig": {
+ "$ref": "#/types/github:index/EnterpriseActionsPermissionsEnabledOrganizationsConfig:EnterpriseActionsPermissionsEnabledOrganizationsConfig",
+ "description": "Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.\n"
+ },
+ "enterpriseId": {
+ "type": "string",
+ "description": "The ID of the enterprise.\n",
+ "willReplaceOnChanges": true
+ }
+ },
+ "type": "object"
+ }
+ },
"github:index/enterpriseOrganization:EnterpriseOrganization": {
"description": "This resource allows you to create and manage a GitHub enterprise organization.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as github from \"@pulumi/github\";\n\nconst org = new github.EnterpriseOrganization(\"org\", {\n enterpriseId: data.github_enterprise.enterprise.id,\n displayName: \"Some Awesome Org\",\n description: \"Organization created with terraform\",\n billingEmail: \"jon@winteriscoming.com\",\n adminLogins: [\"jon-snow\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_github as github\n\norg = github.EnterpriseOrganization(\"org\",\n enterprise_id=data[\"github_enterprise\"][\"enterprise\"][\"id\"],\n display_name=\"Some Awesome Org\",\n description=\"Organization created with terraform\",\n billing_email=\"jon@winteriscoming.com\",\n admin_logins=[\"jon-snow\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Github = Pulumi.Github;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var org = new Github.EnterpriseOrganization(\"org\", new()\n {\n EnterpriseId = data.Github_enterprise.Enterprise.Id,\n DisplayName = \"Some Awesome Org\",\n Description = \"Organization created with terraform\",\n BillingEmail = \"jon@winteriscoming.com\",\n AdminLogins = new[]\n {\n \"jon-snow\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-github/sdk/v6/go/github\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := github.NewEnterpriseOrganization(ctx, \"org\", \u0026github.EnterpriseOrganizationArgs{\n\t\t\tEnterpriseId: pulumi.Any(data.Github_enterprise.Enterprise.Id),\n\t\t\tDisplayName: pulumi.String(\"Some Awesome Org\"),\n\t\t\tDescription: pulumi.String(\"Organization created with terraform\"),\n\t\t\tBillingEmail: pulumi.String(\"jon@winteriscoming.com\"),\n\t\t\tAdminLogins: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"jon-snow\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.github.EnterpriseOrganization;\nimport com.pulumi.github.EnterpriseOrganizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var org = new EnterpriseOrganization(\"org\", EnterpriseOrganizationArgs.builder() \n .enterpriseId(data.github_enterprise().enterprise().id())\n .displayName(\"Some Awesome Org\")\n .description(\"Organization created with terraform\")\n .billingEmail(\"jon@winteriscoming.com\")\n .adminLogins(\"jon-snow\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n org:\n type: github:EnterpriseOrganization\n properties:\n enterpriseId: ${data.github_enterprise.enterprise.id}\n displayName: Some Awesome Org\n description: Organization created with terraform\n billingEmail: jon@winteriscoming.com\n adminLogins:\n - jon-snow\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nGitHub Enterprise Organization can be imported using the `slug` of the enterprise, combined with the `orgname` of the organization, separated by a `/` character.\n\n```sh\n $ pulumi import github:index/enterpriseOrganization:EnterpriseOrganization org enterp/some-awesome-org\n```\n ",
"properties": {
diff --git a/sdk/dotnet/EnterpriseActionsPermissions.cs b/sdk/dotnet/EnterpriseActionsPermissions.cs
new file mode 100644
index 00000000..60e86304
--- /dev/null
+++ b/sdk/dotnet/EnterpriseActionsPermissions.cs
@@ -0,0 +1,223 @@
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System;
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Github
+{
+ ///
+ /// This resource allows you to create and manage GitHub Actions permissions within your GitHub enterprise.
+ /// You must have admin access to an enterprise to use this resource.
+ ///
+ /// ## Example Usage
+ ///
+ /// ```csharp
+ /// using System.Collections.Generic;
+ /// using System.Linq;
+ /// using Pulumi;
+ /// using Github = Pulumi.Github;
+ ///
+ /// return await Deployment.RunAsync(() =>
+ /// {
+ /// var example_enterprise = Github.GetEnterprise.Invoke(new()
+ /// {
+ /// Slug = "my-enterprise",
+ /// });
+ ///
+ /// var example_org = Github.GetOrganization.Invoke(new()
+ /// {
+ /// Name = "my-org",
+ /// });
+ ///
+ /// var test = new Github.EnterpriseActionsPermissions("test", new()
+ /// {
+ /// EnterpriseId = example_enterprise.Apply(example_enterprise => example_enterprise.Apply(getEnterpriseResult => getEnterpriseResult.Slug)),
+ /// AllowedActions = "selected",
+ /// EnabledOrganizations = "selected",
+ /// AllowedActionsConfig = new Github.Inputs.EnterpriseActionsPermissionsAllowedActionsConfigArgs
+ /// {
+ /// GithubOwnedAllowed = true,
+ /// PatternsAlloweds = new[]
+ /// {
+ /// "actions/cache@*",
+ /// "actions/checkout@*",
+ /// },
+ /// VerifiedAllowed = true,
+ /// },
+ /// EnabledOrganizationsConfig = new Github.Inputs.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs
+ /// {
+ /// OrganizationIds = new[]
+ /// {
+ /// example_org.Apply(example_org => example_org.Apply(getOrganizationResult => getOrganizationResult.Id)),
+ /// },
+ /// },
+ /// });
+ ///
+ /// });
+ /// ```
+ ///
+ /// ## Import
+ ///
+ /// This resource can be imported using the name of the GitHub enterprise:
+ ///
+ /// ```sh
+ /// $ pulumi import github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions test github_enterprise_name
+ /// ```
+ ///
+ [GithubResourceType("github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions")]
+ public partial class EnterpriseActionsPermissions : global::Pulumi.CustomResource
+ {
+ ///
+ /// The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
+ ///
+ [Output("allowedActions")]
+ public Output AllowedActions { get; private set; } = null!;
+
+ ///
+ /// Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
+ ///
+ [Output("allowedActionsConfig")]
+ public Output AllowedActionsConfig { get; private set; } = null!;
+
+ ///
+ /// The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ ///
+ [Output("enabledOrganizations")]
+ public Output EnabledOrganizations { get; private set; } = null!;
+
+ ///
+ /// Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.
+ ///
+ [Output("enabledOrganizationsConfig")]
+ public Output EnabledOrganizationsConfig { get; private set; } = null!;
+
+ ///
+ /// The ID of the enterprise.
+ ///
+ [Output("enterpriseId")]
+ public Output EnterpriseId { get; private set; } = null!;
+
+
+ ///
+ /// Create a EnterpriseActionsPermissions resource with the given unique name, arguments, and options.
+ ///
+ ///
+ /// The unique name of the resource
+ /// The arguments used to populate this resource's properties
+ /// A bag of options that control this resource's behavior
+ public EnterpriseActionsPermissions(string name, EnterpriseActionsPermissionsArgs args, CustomResourceOptions? options = null)
+ : base("github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions", name, args ?? new EnterpriseActionsPermissionsArgs(), MakeResourceOptions(options, ""))
+ {
+ }
+
+ private EnterpriseActionsPermissions(string name, Input id, EnterpriseActionsPermissionsState? state = null, CustomResourceOptions? options = null)
+ : base("github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions", name, state, MakeResourceOptions(options, id))
+ {
+ }
+
+ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id)
+ {
+ var defaultOptions = new CustomResourceOptions
+ {
+ Version = Utilities.Version,
+ };
+ var merged = CustomResourceOptions.Merge(defaultOptions, options);
+ // Override the ID if one was specified for consistency with other language SDKs.
+ merged.Id = id ?? merged.Id;
+ return merged;
+ }
+ ///
+ /// Get an existing EnterpriseActionsPermissions resource's state with the given name, ID, and optional extra
+ /// properties used to qualify the lookup.
+ ///
+ ///
+ /// The unique name of the resulting resource.
+ /// The unique provider ID of the resource to lookup.
+ /// Any extra arguments used during the lookup.
+ /// A bag of options that control this resource's behavior
+ public static EnterpriseActionsPermissions Get(string name, Input id, EnterpriseActionsPermissionsState? state = null, CustomResourceOptions? options = null)
+ {
+ return new EnterpriseActionsPermissions(name, id, state, options);
+ }
+ }
+
+ public sealed class EnterpriseActionsPermissionsArgs : global::Pulumi.ResourceArgs
+ {
+ ///
+ /// The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
+ ///
+ [Input("allowedActions")]
+ public Input? AllowedActions { get; set; }
+
+ ///
+ /// Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
+ ///
+ [Input("allowedActionsConfig")]
+ public Input? AllowedActionsConfig { get; set; }
+
+ ///
+ /// The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ ///
+ [Input("enabledOrganizations", required: true)]
+ public Input EnabledOrganizations { get; set; } = null!;
+
+ ///
+ /// Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.
+ ///
+ [Input("enabledOrganizationsConfig")]
+ public Input? EnabledOrganizationsConfig { get; set; }
+
+ ///
+ /// The ID of the enterprise.
+ ///
+ [Input("enterpriseId", required: true)]
+ public Input EnterpriseId { get; set; } = null!;
+
+ public EnterpriseActionsPermissionsArgs()
+ {
+ }
+ public static new EnterpriseActionsPermissionsArgs Empty => new EnterpriseActionsPermissionsArgs();
+ }
+
+ public sealed class EnterpriseActionsPermissionsState : global::Pulumi.ResourceArgs
+ {
+ ///
+ /// The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
+ ///
+ [Input("allowedActions")]
+ public Input? AllowedActions { get; set; }
+
+ ///
+ /// Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
+ ///
+ [Input("allowedActionsConfig")]
+ public Input? AllowedActionsConfig { get; set; }
+
+ ///
+ /// The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ ///
+ [Input("enabledOrganizations")]
+ public Input? EnabledOrganizations { get; set; }
+
+ ///
+ /// Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.
+ ///
+ [Input("enabledOrganizationsConfig")]
+ public Input? EnabledOrganizationsConfig { get; set; }
+
+ ///
+ /// The ID of the enterprise.
+ ///
+ [Input("enterpriseId")]
+ public Input? EnterpriseId { get; set; }
+
+ public EnterpriseActionsPermissionsState()
+ {
+ }
+ public static new EnterpriseActionsPermissionsState Empty => new EnterpriseActionsPermissionsState();
+ }
+}
diff --git a/sdk/dotnet/Inputs/EnterpriseActionsPermissionsAllowedActionsConfigArgs.cs b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsAllowedActionsConfigArgs.cs
new file mode 100644
index 00000000..61128940
--- /dev/null
+++ b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsAllowedActionsConfigArgs.cs
@@ -0,0 +1,44 @@
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System;
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Github.Inputs
+{
+
+ public sealed class EnterpriseActionsPermissionsAllowedActionsConfigArgs : global::Pulumi.ResourceArgs
+ {
+ ///
+ /// Whether GitHub-owned actions are allowed in the organization.
+ ///
+ [Input("githubOwnedAllowed", required: true)]
+ public Input GithubOwnedAllowed { get; set; } = null!;
+
+ [Input("patternsAlloweds")]
+ private InputList? _patternsAlloweds;
+
+ ///
+ /// Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."
+ ///
+ public InputList PatternsAlloweds
+ {
+ get => _patternsAlloweds ?? (_patternsAlloweds = new InputList());
+ set => _patternsAlloweds = value;
+ }
+
+ ///
+ /// Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
+ ///
+ [Input("verifiedAllowed")]
+ public Input? VerifiedAllowed { get; set; }
+
+ public EnterpriseActionsPermissionsAllowedActionsConfigArgs()
+ {
+ }
+ public static new EnterpriseActionsPermissionsAllowedActionsConfigArgs Empty => new EnterpriseActionsPermissionsAllowedActionsConfigArgs();
+ }
+}
diff --git a/sdk/dotnet/Inputs/EnterpriseActionsPermissionsAllowedActionsConfigGetArgs.cs b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsAllowedActionsConfigGetArgs.cs
new file mode 100644
index 00000000..a422f1f1
--- /dev/null
+++ b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsAllowedActionsConfigGetArgs.cs
@@ -0,0 +1,44 @@
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System;
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Github.Inputs
+{
+
+ public sealed class EnterpriseActionsPermissionsAllowedActionsConfigGetArgs : global::Pulumi.ResourceArgs
+ {
+ ///
+ /// Whether GitHub-owned actions are allowed in the organization.
+ ///
+ [Input("githubOwnedAllowed", required: true)]
+ public Input GithubOwnedAllowed { get; set; } = null!;
+
+ [Input("patternsAlloweds")]
+ private InputList? _patternsAlloweds;
+
+ ///
+ /// Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."
+ ///
+ public InputList PatternsAlloweds
+ {
+ get => _patternsAlloweds ?? (_patternsAlloweds = new InputList());
+ set => _patternsAlloweds = value;
+ }
+
+ ///
+ /// Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
+ ///
+ [Input("verifiedAllowed")]
+ public Input? VerifiedAllowed { get; set; }
+
+ public EnterpriseActionsPermissionsAllowedActionsConfigGetArgs()
+ {
+ }
+ public static new EnterpriseActionsPermissionsAllowedActionsConfigGetArgs Empty => new EnterpriseActionsPermissionsAllowedActionsConfigGetArgs();
+ }
+}
diff --git a/sdk/dotnet/Inputs/EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs.cs b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs.cs
new file mode 100644
index 00000000..66e944ef
--- /dev/null
+++ b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs.cs
@@ -0,0 +1,32 @@
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System;
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Github.Inputs
+{
+
+ public sealed class EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs : global::Pulumi.ResourceArgs
+ {
+ [Input("organizationIds", required: true)]
+ private InputList? _organizationIds;
+
+ ///
+ /// List of organization IDs to enable for GitHub Actions.
+ ///
+ public InputList OrganizationIds
+ {
+ get => _organizationIds ?? (_organizationIds = new InputList());
+ set => _organizationIds = value;
+ }
+
+ public EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs()
+ {
+ }
+ public static new EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs Empty => new EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs();
+ }
+}
diff --git a/sdk/dotnet/Inputs/EnterpriseActionsPermissionsEnabledOrganizationsConfigGetArgs.cs b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsEnabledOrganizationsConfigGetArgs.cs
new file mode 100644
index 00000000..f88b4fae
--- /dev/null
+++ b/sdk/dotnet/Inputs/EnterpriseActionsPermissionsEnabledOrganizationsConfigGetArgs.cs
@@ -0,0 +1,32 @@
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System;
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Github.Inputs
+{
+
+ public sealed class EnterpriseActionsPermissionsEnabledOrganizationsConfigGetArgs : global::Pulumi.ResourceArgs
+ {
+ [Input("organizationIds", required: true)]
+ private InputList? _organizationIds;
+
+ ///
+ /// List of organization IDs to enable for GitHub Actions.
+ ///
+ public InputList OrganizationIds
+ {
+ get => _organizationIds ?? (_organizationIds = new InputList());
+ set => _organizationIds = value;
+ }
+
+ public EnterpriseActionsPermissionsEnabledOrganizationsConfigGetArgs()
+ {
+ }
+ public static new EnterpriseActionsPermissionsEnabledOrganizationsConfigGetArgs Empty => new EnterpriseActionsPermissionsEnabledOrganizationsConfigGetArgs();
+ }
+}
diff --git a/sdk/dotnet/Outputs/EnterpriseActionsPermissionsAllowedActionsConfig.cs b/sdk/dotnet/Outputs/EnterpriseActionsPermissionsAllowedActionsConfig.cs
new file mode 100644
index 00000000..2dce8de0
--- /dev/null
+++ b/sdk/dotnet/Outputs/EnterpriseActionsPermissionsAllowedActionsConfig.cs
@@ -0,0 +1,42 @@
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System;
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Github.Outputs
+{
+
+ [OutputType]
+ public sealed class EnterpriseActionsPermissionsAllowedActionsConfig
+ {
+ ///
+ /// Whether GitHub-owned actions are allowed in the organization.
+ ///
+ public readonly bool GithubOwnedAllowed;
+ ///
+ /// Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."
+ ///
+ public readonly ImmutableArray PatternsAlloweds;
+ ///
+ /// Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
+ ///
+ public readonly bool? VerifiedAllowed;
+
+ [OutputConstructor]
+ private EnterpriseActionsPermissionsAllowedActionsConfig(
+ bool githubOwnedAllowed,
+
+ ImmutableArray patternsAlloweds,
+
+ bool? verifiedAllowed)
+ {
+ GithubOwnedAllowed = githubOwnedAllowed;
+ PatternsAlloweds = patternsAlloweds;
+ VerifiedAllowed = verifiedAllowed;
+ }
+ }
+}
diff --git a/sdk/dotnet/Outputs/EnterpriseActionsPermissionsEnabledOrganizationsConfig.cs b/sdk/dotnet/Outputs/EnterpriseActionsPermissionsEnabledOrganizationsConfig.cs
new file mode 100644
index 00000000..1b1026fd
--- /dev/null
+++ b/sdk/dotnet/Outputs/EnterpriseActionsPermissionsEnabledOrganizationsConfig.cs
@@ -0,0 +1,27 @@
+// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System;
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Github.Outputs
+{
+
+ [OutputType]
+ public sealed class EnterpriseActionsPermissionsEnabledOrganizationsConfig
+ {
+ ///
+ /// List of organization IDs to enable for GitHub Actions.
+ ///
+ public readonly ImmutableArray OrganizationIds;
+
+ [OutputConstructor]
+ private EnterpriseActionsPermissionsEnabledOrganizationsConfig(ImmutableArray organizationIds)
+ {
+ OrganizationIds = organizationIds;
+ }
+ }
+}
diff --git a/sdk/go/github/enterpriseActionsPermissions.go b/sdk/go/github/enterpriseActionsPermissions.go
new file mode 100644
index 00000000..813bde66
--- /dev/null
+++ b/sdk/go/github/enterpriseActionsPermissions.go
@@ -0,0 +1,350 @@
+// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT.
+// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
+
+package github
+
+import (
+ "context"
+ "reflect"
+
+ "errors"
+ "github.com/pulumi/pulumi-github/sdk/v6/go/github/internal"
+ "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
+)
+
+// This resource allows you to create and manage GitHub Actions permissions within your GitHub enterprise.
+// You must have admin access to an enterprise to use this resource.
+//
+// ## Example Usage
+//
+// ```go
+// package main
+//
+// import (
+//
+// "github.com/pulumi/pulumi-github/sdk/v6/go/github"
+// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
+//
+// )
+//
+// func main() {
+// pulumi.Run(func(ctx *pulumi.Context) error {
+// example_enterprise, err := github.GetEnterprise(ctx, &github.GetEnterpriseArgs{
+// Slug: "my-enterprise",
+// }, nil)
+// if err != nil {
+// return err
+// }
+// example_org, err := github.GetOrganization(ctx, &github.GetOrganizationArgs{
+// Name: "my-org",
+// }, nil)
+// if err != nil {
+// return err
+// }
+// _, err = github.NewEnterpriseActionsPermissions(ctx, "test", &github.EnterpriseActionsPermissionsArgs{
+// EnterpriseId: *pulumi.String(example_enterprise.Slug),
+// AllowedActions: pulumi.String("selected"),
+// EnabledOrganizations: pulumi.String("selected"),
+// AllowedActionsConfig: &github.EnterpriseActionsPermissionsAllowedActionsConfigArgs{
+// GithubOwnedAllowed: pulumi.Bool(true),
+// PatternsAlloweds: pulumi.StringArray{
+// pulumi.String("actions/cache@*"),
+// pulumi.String("actions/checkout@*"),
+// },
+// VerifiedAllowed: pulumi.Bool(true),
+// },
+// EnabledOrganizationsConfig: &github.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs{
+// OrganizationIds: pulumi.IntArray{
+// *pulumi.String(example_org.Id),
+// },
+// },
+// })
+// if err != nil {
+// return err
+// }
+// return nil
+// })
+// }
+//
+// ```
+//
+// ## Import
+//
+// This resource can be imported using the name of the GitHub enterprise:
+//
+// ```sh
+//
+// $ pulumi import github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions test github_enterprise_name
+//
+// ```
+type EnterpriseActionsPermissions struct {
+ pulumi.CustomResourceState
+
+ // The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `localOnly`, or `selected`.
+ AllowedActions pulumi.StringPtrOutput `pulumi:"allowedActions"`
+ // Sets the actions that are allowed in an enterprise. Only available when `allowedActions` = `selected`. See Allowed Actions Config below for details.
+ AllowedActionsConfig EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput `pulumi:"allowedActionsConfig"`
+ // The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ EnabledOrganizations pulumi.StringOutput `pulumi:"enabledOrganizations"`
+ // Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabledOrganizations` = `selected`. See Enabled Organizations Config below for details.
+ EnabledOrganizationsConfig EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput `pulumi:"enabledOrganizationsConfig"`
+ // The ID of the enterprise.
+ EnterpriseId pulumi.StringOutput `pulumi:"enterpriseId"`
+}
+
+// NewEnterpriseActionsPermissions registers a new resource with the given unique name, arguments, and options.
+func NewEnterpriseActionsPermissions(ctx *pulumi.Context,
+ name string, args *EnterpriseActionsPermissionsArgs, opts ...pulumi.ResourceOption) (*EnterpriseActionsPermissions, error) {
+ if args == nil {
+ return nil, errors.New("missing one or more required arguments")
+ }
+
+ if args.EnabledOrganizations == nil {
+ return nil, errors.New("invalid value for required argument 'EnabledOrganizations'")
+ }
+ if args.EnterpriseId == nil {
+ return nil, errors.New("invalid value for required argument 'EnterpriseId'")
+ }
+ opts = internal.PkgResourceDefaultOpts(opts)
+ var resource EnterpriseActionsPermissions
+ err := ctx.RegisterResource("github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions", name, args, &resource, opts...)
+ if err != nil {
+ return nil, err
+ }
+ return &resource, nil
+}
+
+// GetEnterpriseActionsPermissions gets an existing EnterpriseActionsPermissions resource's state with the given name, ID, and optional
+// state properties that are used to uniquely qualify the lookup (nil if not required).
+func GetEnterpriseActionsPermissions(ctx *pulumi.Context,
+ name string, id pulumi.IDInput, state *EnterpriseActionsPermissionsState, opts ...pulumi.ResourceOption) (*EnterpriseActionsPermissions, error) {
+ var resource EnterpriseActionsPermissions
+ err := ctx.ReadResource("github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions", name, id, state, &resource, opts...)
+ if err != nil {
+ return nil, err
+ }
+ return &resource, nil
+}
+
+// Input properties used for looking up and filtering EnterpriseActionsPermissions resources.
+type enterpriseActionsPermissionsState struct {
+ // The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `localOnly`, or `selected`.
+ AllowedActions *string `pulumi:"allowedActions"`
+ // Sets the actions that are allowed in an enterprise. Only available when `allowedActions` = `selected`. See Allowed Actions Config below for details.
+ AllowedActionsConfig *EnterpriseActionsPermissionsAllowedActionsConfig `pulumi:"allowedActionsConfig"`
+ // The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ EnabledOrganizations *string `pulumi:"enabledOrganizations"`
+ // Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabledOrganizations` = `selected`. See Enabled Organizations Config below for details.
+ EnabledOrganizationsConfig *EnterpriseActionsPermissionsEnabledOrganizationsConfig `pulumi:"enabledOrganizationsConfig"`
+ // The ID of the enterprise.
+ EnterpriseId *string `pulumi:"enterpriseId"`
+}
+
+type EnterpriseActionsPermissionsState struct {
+ // The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `localOnly`, or `selected`.
+ AllowedActions pulumi.StringPtrInput
+ // Sets the actions that are allowed in an enterprise. Only available when `allowedActions` = `selected`. See Allowed Actions Config below for details.
+ AllowedActionsConfig EnterpriseActionsPermissionsAllowedActionsConfigPtrInput
+ // The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ EnabledOrganizations pulumi.StringPtrInput
+ // Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabledOrganizations` = `selected`. See Enabled Organizations Config below for details.
+ EnabledOrganizationsConfig EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrInput
+ // The ID of the enterprise.
+ EnterpriseId pulumi.StringPtrInput
+}
+
+func (EnterpriseActionsPermissionsState) ElementType() reflect.Type {
+ return reflect.TypeOf((*enterpriseActionsPermissionsState)(nil)).Elem()
+}
+
+type enterpriseActionsPermissionsArgs struct {
+ // The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `localOnly`, or `selected`.
+ AllowedActions *string `pulumi:"allowedActions"`
+ // Sets the actions that are allowed in an enterprise. Only available when `allowedActions` = `selected`. See Allowed Actions Config below for details.
+ AllowedActionsConfig *EnterpriseActionsPermissionsAllowedActionsConfig `pulumi:"allowedActionsConfig"`
+ // The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ EnabledOrganizations string `pulumi:"enabledOrganizations"`
+ // Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabledOrganizations` = `selected`. See Enabled Organizations Config below for details.
+ EnabledOrganizationsConfig *EnterpriseActionsPermissionsEnabledOrganizationsConfig `pulumi:"enabledOrganizationsConfig"`
+ // The ID of the enterprise.
+ EnterpriseId string `pulumi:"enterpriseId"`
+}
+
+// The set of arguments for constructing a EnterpriseActionsPermissions resource.
+type EnterpriseActionsPermissionsArgs struct {
+ // The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `localOnly`, or `selected`.
+ AllowedActions pulumi.StringPtrInput
+ // Sets the actions that are allowed in an enterprise. Only available when `allowedActions` = `selected`. See Allowed Actions Config below for details.
+ AllowedActionsConfig EnterpriseActionsPermissionsAllowedActionsConfigPtrInput
+ // The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ EnabledOrganizations pulumi.StringInput
+ // Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabledOrganizations` = `selected`. See Enabled Organizations Config below for details.
+ EnabledOrganizationsConfig EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrInput
+ // The ID of the enterprise.
+ EnterpriseId pulumi.StringInput
+}
+
+func (EnterpriseActionsPermissionsArgs) ElementType() reflect.Type {
+ return reflect.TypeOf((*enterpriseActionsPermissionsArgs)(nil)).Elem()
+}
+
+type EnterpriseActionsPermissionsInput interface {
+ pulumi.Input
+
+ ToEnterpriseActionsPermissionsOutput() EnterpriseActionsPermissionsOutput
+ ToEnterpriseActionsPermissionsOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsOutput
+}
+
+func (*EnterpriseActionsPermissions) ElementType() reflect.Type {
+ return reflect.TypeOf((**EnterpriseActionsPermissions)(nil)).Elem()
+}
+
+func (i *EnterpriseActionsPermissions) ToEnterpriseActionsPermissionsOutput() EnterpriseActionsPermissionsOutput {
+ return i.ToEnterpriseActionsPermissionsOutputWithContext(context.Background())
+}
+
+func (i *EnterpriseActionsPermissions) ToEnterpriseActionsPermissionsOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsOutput)
+}
+
+// EnterpriseActionsPermissionsArrayInput is an input type that accepts EnterpriseActionsPermissionsArray and EnterpriseActionsPermissionsArrayOutput values.
+// You can construct a concrete instance of `EnterpriseActionsPermissionsArrayInput` via:
+//
+// EnterpriseActionsPermissionsArray{ EnterpriseActionsPermissionsArgs{...} }
+type EnterpriseActionsPermissionsArrayInput interface {
+ pulumi.Input
+
+ ToEnterpriseActionsPermissionsArrayOutput() EnterpriseActionsPermissionsArrayOutput
+ ToEnterpriseActionsPermissionsArrayOutputWithContext(context.Context) EnterpriseActionsPermissionsArrayOutput
+}
+
+type EnterpriseActionsPermissionsArray []EnterpriseActionsPermissionsInput
+
+func (EnterpriseActionsPermissionsArray) ElementType() reflect.Type {
+ return reflect.TypeOf((*[]*EnterpriseActionsPermissions)(nil)).Elem()
+}
+
+func (i EnterpriseActionsPermissionsArray) ToEnterpriseActionsPermissionsArrayOutput() EnterpriseActionsPermissionsArrayOutput {
+ return i.ToEnterpriseActionsPermissionsArrayOutputWithContext(context.Background())
+}
+
+func (i EnterpriseActionsPermissionsArray) ToEnterpriseActionsPermissionsArrayOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsArrayOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsArrayOutput)
+}
+
+// EnterpriseActionsPermissionsMapInput is an input type that accepts EnterpriseActionsPermissionsMap and EnterpriseActionsPermissionsMapOutput values.
+// You can construct a concrete instance of `EnterpriseActionsPermissionsMapInput` via:
+//
+// EnterpriseActionsPermissionsMap{ "key": EnterpriseActionsPermissionsArgs{...} }
+type EnterpriseActionsPermissionsMapInput interface {
+ pulumi.Input
+
+ ToEnterpriseActionsPermissionsMapOutput() EnterpriseActionsPermissionsMapOutput
+ ToEnterpriseActionsPermissionsMapOutputWithContext(context.Context) EnterpriseActionsPermissionsMapOutput
+}
+
+type EnterpriseActionsPermissionsMap map[string]EnterpriseActionsPermissionsInput
+
+func (EnterpriseActionsPermissionsMap) ElementType() reflect.Type {
+ return reflect.TypeOf((*map[string]*EnterpriseActionsPermissions)(nil)).Elem()
+}
+
+func (i EnterpriseActionsPermissionsMap) ToEnterpriseActionsPermissionsMapOutput() EnterpriseActionsPermissionsMapOutput {
+ return i.ToEnterpriseActionsPermissionsMapOutputWithContext(context.Background())
+}
+
+func (i EnterpriseActionsPermissionsMap) ToEnterpriseActionsPermissionsMapOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsMapOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsMapOutput)
+}
+
+type EnterpriseActionsPermissionsOutput struct{ *pulumi.OutputState }
+
+func (EnterpriseActionsPermissionsOutput) ElementType() reflect.Type {
+ return reflect.TypeOf((**EnterpriseActionsPermissions)(nil)).Elem()
+}
+
+func (o EnterpriseActionsPermissionsOutput) ToEnterpriseActionsPermissionsOutput() EnterpriseActionsPermissionsOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsOutput) ToEnterpriseActionsPermissionsOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsOutput {
+ return o
+}
+
+// The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `localOnly`, or `selected`.
+func (o EnterpriseActionsPermissionsOutput) AllowedActions() pulumi.StringPtrOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissions) pulumi.StringPtrOutput { return v.AllowedActions }).(pulumi.StringPtrOutput)
+}
+
+// Sets the actions that are allowed in an enterprise. Only available when `allowedActions` = `selected`. See Allowed Actions Config below for details.
+func (o EnterpriseActionsPermissionsOutput) AllowedActionsConfig() EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissions) EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return v.AllowedActionsConfig
+ }).(EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput)
+}
+
+// The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+func (o EnterpriseActionsPermissionsOutput) EnabledOrganizations() pulumi.StringOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissions) pulumi.StringOutput { return v.EnabledOrganizations }).(pulumi.StringOutput)
+}
+
+// Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabledOrganizations` = `selected`. See Enabled Organizations Config below for details.
+func (o EnterpriseActionsPermissionsOutput) EnabledOrganizationsConfig() EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissions) EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return v.EnabledOrganizationsConfig
+ }).(EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput)
+}
+
+// The ID of the enterprise.
+func (o EnterpriseActionsPermissionsOutput) EnterpriseId() pulumi.StringOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissions) pulumi.StringOutput { return v.EnterpriseId }).(pulumi.StringOutput)
+}
+
+type EnterpriseActionsPermissionsArrayOutput struct{ *pulumi.OutputState }
+
+func (EnterpriseActionsPermissionsArrayOutput) ElementType() reflect.Type {
+ return reflect.TypeOf((*[]*EnterpriseActionsPermissions)(nil)).Elem()
+}
+
+func (o EnterpriseActionsPermissionsArrayOutput) ToEnterpriseActionsPermissionsArrayOutput() EnterpriseActionsPermissionsArrayOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsArrayOutput) ToEnterpriseActionsPermissionsArrayOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsArrayOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsArrayOutput) Index(i pulumi.IntInput) EnterpriseActionsPermissionsOutput {
+ return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EnterpriseActionsPermissions {
+ return vs[0].([]*EnterpriseActionsPermissions)[vs[1].(int)]
+ }).(EnterpriseActionsPermissionsOutput)
+}
+
+type EnterpriseActionsPermissionsMapOutput struct{ *pulumi.OutputState }
+
+func (EnterpriseActionsPermissionsMapOutput) ElementType() reflect.Type {
+ return reflect.TypeOf((*map[string]*EnterpriseActionsPermissions)(nil)).Elem()
+}
+
+func (o EnterpriseActionsPermissionsMapOutput) ToEnterpriseActionsPermissionsMapOutput() EnterpriseActionsPermissionsMapOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsMapOutput) ToEnterpriseActionsPermissionsMapOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsMapOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsMapOutput) MapIndex(k pulumi.StringInput) EnterpriseActionsPermissionsOutput {
+ return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EnterpriseActionsPermissions {
+ return vs[0].(map[string]*EnterpriseActionsPermissions)[vs[1].(string)]
+ }).(EnterpriseActionsPermissionsOutput)
+}
+
+func init() {
+ pulumi.RegisterInputType(reflect.TypeOf((*EnterpriseActionsPermissionsInput)(nil)).Elem(), &EnterpriseActionsPermissions{})
+ pulumi.RegisterInputType(reflect.TypeOf((*EnterpriseActionsPermissionsArrayInput)(nil)).Elem(), EnterpriseActionsPermissionsArray{})
+ pulumi.RegisterInputType(reflect.TypeOf((*EnterpriseActionsPermissionsMapInput)(nil)).Elem(), EnterpriseActionsPermissionsMap{})
+ pulumi.RegisterOutputType(EnterpriseActionsPermissionsOutput{})
+ pulumi.RegisterOutputType(EnterpriseActionsPermissionsArrayOutput{})
+ pulumi.RegisterOutputType(EnterpriseActionsPermissionsMapOutput{})
+}
diff --git a/sdk/go/github/init.go b/sdk/go/github/init.go
index 9ac983b5..5f4eab0a 100644
--- a/sdk/go/github/init.go
+++ b/sdk/go/github/init.go
@@ -75,6 +75,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi
r = &DependabotSecret{}
case "github:index/emuGroupMapping:EmuGroupMapping":
r = &EmuGroupMapping{}
+ case "github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions":
+ r = &EnterpriseActionsPermissions{}
case "github:index/enterpriseOrganization:EnterpriseOrganization":
r = &EnterpriseOrganization{}
case "github:index/issue:Issue":
@@ -323,6 +325,11 @@ func init() {
"index/emuGroupMapping",
&module{version},
)
+ pulumi.RegisterResourceModule(
+ "github",
+ "index/enterpriseActionsPermissions",
+ &module{version},
+ )
pulumi.RegisterResourceModule(
"github",
"index/enterpriseOrganization",
diff --git a/sdk/go/github/pulumiTypes.go b/sdk/go/github/pulumiTypes.go
index e4b22556..8f94bf20 100644
--- a/sdk/go/github/pulumiTypes.go
+++ b/sdk/go/github/pulumiTypes.go
@@ -1747,6 +1747,318 @@ func (o BranchProtectionV3RestrictionsPtrOutput) Users() pulumi.StringArrayOutpu
}).(pulumi.StringArrayOutput)
}
+type EnterpriseActionsPermissionsAllowedActionsConfig struct {
+ // Whether GitHub-owned actions are allowed in the organization.
+ GithubOwnedAllowed bool `pulumi:"githubOwnedAllowed"`
+ // Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."
+ PatternsAlloweds []string `pulumi:"patternsAlloweds"`
+ // Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
+ VerifiedAllowed *bool `pulumi:"verifiedAllowed"`
+}
+
+// EnterpriseActionsPermissionsAllowedActionsConfigInput is an input type that accepts EnterpriseActionsPermissionsAllowedActionsConfigArgs and EnterpriseActionsPermissionsAllowedActionsConfigOutput values.
+// You can construct a concrete instance of `EnterpriseActionsPermissionsAllowedActionsConfigInput` via:
+//
+// EnterpriseActionsPermissionsAllowedActionsConfigArgs{...}
+type EnterpriseActionsPermissionsAllowedActionsConfigInput interface {
+ pulumi.Input
+
+ ToEnterpriseActionsPermissionsAllowedActionsConfigOutput() EnterpriseActionsPermissionsAllowedActionsConfigOutput
+ ToEnterpriseActionsPermissionsAllowedActionsConfigOutputWithContext(context.Context) EnterpriseActionsPermissionsAllowedActionsConfigOutput
+}
+
+type EnterpriseActionsPermissionsAllowedActionsConfigArgs struct {
+ // Whether GitHub-owned actions are allowed in the organization.
+ GithubOwnedAllowed pulumi.BoolInput `pulumi:"githubOwnedAllowed"`
+ // Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."
+ PatternsAlloweds pulumi.StringArrayInput `pulumi:"patternsAlloweds"`
+ // Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
+ VerifiedAllowed pulumi.BoolPtrInput `pulumi:"verifiedAllowed"`
+}
+
+func (EnterpriseActionsPermissionsAllowedActionsConfigArgs) ElementType() reflect.Type {
+ return reflect.TypeOf((*EnterpriseActionsPermissionsAllowedActionsConfig)(nil)).Elem()
+}
+
+func (i EnterpriseActionsPermissionsAllowedActionsConfigArgs) ToEnterpriseActionsPermissionsAllowedActionsConfigOutput() EnterpriseActionsPermissionsAllowedActionsConfigOutput {
+ return i.ToEnterpriseActionsPermissionsAllowedActionsConfigOutputWithContext(context.Background())
+}
+
+func (i EnterpriseActionsPermissionsAllowedActionsConfigArgs) ToEnterpriseActionsPermissionsAllowedActionsConfigOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsAllowedActionsConfigOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsAllowedActionsConfigOutput)
+}
+
+func (i EnterpriseActionsPermissionsAllowedActionsConfigArgs) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutput() EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return i.ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(context.Background())
+}
+
+func (i EnterpriseActionsPermissionsAllowedActionsConfigArgs) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsAllowedActionsConfigOutput).ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(ctx)
+}
+
+// EnterpriseActionsPermissionsAllowedActionsConfigPtrInput is an input type that accepts EnterpriseActionsPermissionsAllowedActionsConfigArgs, EnterpriseActionsPermissionsAllowedActionsConfigPtr and EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput values.
+// You can construct a concrete instance of `EnterpriseActionsPermissionsAllowedActionsConfigPtrInput` via:
+//
+// EnterpriseActionsPermissionsAllowedActionsConfigArgs{...}
+//
+// or:
+//
+// nil
+type EnterpriseActionsPermissionsAllowedActionsConfigPtrInput interface {
+ pulumi.Input
+
+ ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutput() EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput
+ ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(context.Context) EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput
+}
+
+type enterpriseActionsPermissionsAllowedActionsConfigPtrType EnterpriseActionsPermissionsAllowedActionsConfigArgs
+
+func EnterpriseActionsPermissionsAllowedActionsConfigPtr(v *EnterpriseActionsPermissionsAllowedActionsConfigArgs) EnterpriseActionsPermissionsAllowedActionsConfigPtrInput {
+ return (*enterpriseActionsPermissionsAllowedActionsConfigPtrType)(v)
+}
+
+func (*enterpriseActionsPermissionsAllowedActionsConfigPtrType) ElementType() reflect.Type {
+ return reflect.TypeOf((**EnterpriseActionsPermissionsAllowedActionsConfig)(nil)).Elem()
+}
+
+func (i *enterpriseActionsPermissionsAllowedActionsConfigPtrType) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutput() EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return i.ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(context.Background())
+}
+
+func (i *enterpriseActionsPermissionsAllowedActionsConfigPtrType) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput)
+}
+
+type EnterpriseActionsPermissionsAllowedActionsConfigOutput struct{ *pulumi.OutputState }
+
+func (EnterpriseActionsPermissionsAllowedActionsConfigOutput) ElementType() reflect.Type {
+ return reflect.TypeOf((*EnterpriseActionsPermissionsAllowedActionsConfig)(nil)).Elem()
+}
+
+func (o EnterpriseActionsPermissionsAllowedActionsConfigOutput) ToEnterpriseActionsPermissionsAllowedActionsConfigOutput() EnterpriseActionsPermissionsAllowedActionsConfigOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsAllowedActionsConfigOutput) ToEnterpriseActionsPermissionsAllowedActionsConfigOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsAllowedActionsConfigOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsAllowedActionsConfigOutput) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutput() EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return o.ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(context.Background())
+}
+
+func (o EnterpriseActionsPermissionsAllowedActionsConfigOutput) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return o.ApplyTWithContext(ctx, func(_ context.Context, v EnterpriseActionsPermissionsAllowedActionsConfig) *EnterpriseActionsPermissionsAllowedActionsConfig {
+ return &v
+ }).(EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput)
+}
+
+// Whether GitHub-owned actions are allowed in the organization.
+func (o EnterpriseActionsPermissionsAllowedActionsConfigOutput) GithubOwnedAllowed() pulumi.BoolOutput {
+ return o.ApplyT(func(v EnterpriseActionsPermissionsAllowedActionsConfig) bool { return v.GithubOwnedAllowed }).(pulumi.BoolOutput)
+}
+
+// Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."
+func (o EnterpriseActionsPermissionsAllowedActionsConfigOutput) PatternsAlloweds() pulumi.StringArrayOutput {
+ return o.ApplyT(func(v EnterpriseActionsPermissionsAllowedActionsConfig) []string { return v.PatternsAlloweds }).(pulumi.StringArrayOutput)
+}
+
+// Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
+func (o EnterpriseActionsPermissionsAllowedActionsConfigOutput) VerifiedAllowed() pulumi.BoolPtrOutput {
+ return o.ApplyT(func(v EnterpriseActionsPermissionsAllowedActionsConfig) *bool { return v.VerifiedAllowed }).(pulumi.BoolPtrOutput)
+}
+
+type EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput struct{ *pulumi.OutputState }
+
+func (EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput) ElementType() reflect.Type {
+ return reflect.TypeOf((**EnterpriseActionsPermissionsAllowedActionsConfig)(nil)).Elem()
+}
+
+func (o EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutput() EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput) ToEnterpriseActionsPermissionsAllowedActionsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput) Elem() EnterpriseActionsPermissionsAllowedActionsConfigOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissionsAllowedActionsConfig) EnterpriseActionsPermissionsAllowedActionsConfig {
+ if v != nil {
+ return *v
+ }
+ var ret EnterpriseActionsPermissionsAllowedActionsConfig
+ return ret
+ }).(EnterpriseActionsPermissionsAllowedActionsConfigOutput)
+}
+
+// Whether GitHub-owned actions are allowed in the organization.
+func (o EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput) GithubOwnedAllowed() pulumi.BoolPtrOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissionsAllowedActionsConfig) *bool {
+ if v == nil {
+ return nil
+ }
+ return &v.GithubOwnedAllowed
+ }).(pulumi.BoolPtrOutput)
+}
+
+// Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."
+func (o EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput) PatternsAlloweds() pulumi.StringArrayOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissionsAllowedActionsConfig) []string {
+ if v == nil {
+ return nil
+ }
+ return v.PatternsAlloweds
+ }).(pulumi.StringArrayOutput)
+}
+
+// Whether actions in GitHub Marketplace from verified creators are allowed. Set to true to allow all GitHub Marketplace actions by verified creators.
+func (o EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput) VerifiedAllowed() pulumi.BoolPtrOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissionsAllowedActionsConfig) *bool {
+ if v == nil {
+ return nil
+ }
+ return v.VerifiedAllowed
+ }).(pulumi.BoolPtrOutput)
+}
+
+type EnterpriseActionsPermissionsEnabledOrganizationsConfig struct {
+ // List of organization IDs to enable for GitHub Actions.
+ OrganizationIds []int `pulumi:"organizationIds"`
+}
+
+// EnterpriseActionsPermissionsEnabledOrganizationsConfigInput is an input type that accepts EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs and EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput values.
+// You can construct a concrete instance of `EnterpriseActionsPermissionsEnabledOrganizationsConfigInput` via:
+//
+// EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs{...}
+type EnterpriseActionsPermissionsEnabledOrganizationsConfigInput interface {
+ pulumi.Input
+
+ ToEnterpriseActionsPermissionsEnabledOrganizationsConfigOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput
+ ToEnterpriseActionsPermissionsEnabledOrganizationsConfigOutputWithContext(context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput
+}
+
+type EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs struct {
+ // List of organization IDs to enable for GitHub Actions.
+ OrganizationIds pulumi.IntArrayInput `pulumi:"organizationIds"`
+}
+
+func (EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs) ElementType() reflect.Type {
+ return reflect.TypeOf((*EnterpriseActionsPermissionsEnabledOrganizationsConfig)(nil)).Elem()
+}
+
+func (i EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput {
+ return i.ToEnterpriseActionsPermissionsEnabledOrganizationsConfigOutputWithContext(context.Background())
+}
+
+func (i EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput)
+}
+
+func (i EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return i.ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(context.Background())
+}
+
+func (i EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput).ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(ctx)
+}
+
+// EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrInput is an input type that accepts EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs, EnterpriseActionsPermissionsEnabledOrganizationsConfigPtr and EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput values.
+// You can construct a concrete instance of `EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrInput` via:
+//
+// EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs{...}
+//
+// or:
+//
+// nil
+type EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrInput interface {
+ pulumi.Input
+
+ ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput
+ ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput
+}
+
+type enterpriseActionsPermissionsEnabledOrganizationsConfigPtrType EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs
+
+func EnterpriseActionsPermissionsEnabledOrganizationsConfigPtr(v *EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs) EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrInput {
+ return (*enterpriseActionsPermissionsEnabledOrganizationsConfigPtrType)(v)
+}
+
+func (*enterpriseActionsPermissionsEnabledOrganizationsConfigPtrType) ElementType() reflect.Type {
+ return reflect.TypeOf((**EnterpriseActionsPermissionsEnabledOrganizationsConfig)(nil)).Elem()
+}
+
+func (i *enterpriseActionsPermissionsEnabledOrganizationsConfigPtrType) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return i.ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(context.Background())
+}
+
+func (i *enterpriseActionsPermissionsEnabledOrganizationsConfigPtrType) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return pulumi.ToOutputWithContext(ctx, i).(EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput)
+}
+
+type EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput struct{ *pulumi.OutputState }
+
+func (EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput) ElementType() reflect.Type {
+ return reflect.TypeOf((*EnterpriseActionsPermissionsEnabledOrganizationsConfig)(nil)).Elem()
+}
+
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return o.ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(context.Background())
+}
+
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return o.ApplyTWithContext(ctx, func(_ context.Context, v EnterpriseActionsPermissionsEnabledOrganizationsConfig) *EnterpriseActionsPermissionsEnabledOrganizationsConfig {
+ return &v
+ }).(EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput)
+}
+
+// List of organization IDs to enable for GitHub Actions.
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput) OrganizationIds() pulumi.IntArrayOutput {
+ return o.ApplyT(func(v EnterpriseActionsPermissionsEnabledOrganizationsConfig) []int { return v.OrganizationIds }).(pulumi.IntArrayOutput)
+}
+
+type EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput struct{ *pulumi.OutputState }
+
+func (EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput) ElementType() reflect.Type {
+ return reflect.TypeOf((**EnterpriseActionsPermissionsEnabledOrganizationsConfig)(nil)).Elem()
+}
+
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput() EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput) ToEnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutputWithContext(ctx context.Context) EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput {
+ return o
+}
+
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput) Elem() EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissionsEnabledOrganizationsConfig) EnterpriseActionsPermissionsEnabledOrganizationsConfig {
+ if v != nil {
+ return *v
+ }
+ var ret EnterpriseActionsPermissionsEnabledOrganizationsConfig
+ return ret
+ }).(EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput)
+}
+
+// List of organization IDs to enable for GitHub Actions.
+func (o EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput) OrganizationIds() pulumi.IntArrayOutput {
+ return o.ApplyT(func(v *EnterpriseActionsPermissionsEnabledOrganizationsConfig) []int {
+ if v == nil {
+ return nil
+ }
+ return v.OrganizationIds
+ }).(pulumi.IntArrayOutput)
+}
+
type IssueLabelsLabel struct {
// A 6 character hex code, **without the leading #**, identifying the color of the label.
Color string `pulumi:"color"`
@@ -14404,6 +14716,10 @@ func init() {
pulumi.RegisterInputType(reflect.TypeOf((*BranchProtectionV3RequiredStatusChecksPtrInput)(nil)).Elem(), BranchProtectionV3RequiredStatusChecksArgs{})
pulumi.RegisterInputType(reflect.TypeOf((*BranchProtectionV3RestrictionsInput)(nil)).Elem(), BranchProtectionV3RestrictionsArgs{})
pulumi.RegisterInputType(reflect.TypeOf((*BranchProtectionV3RestrictionsPtrInput)(nil)).Elem(), BranchProtectionV3RestrictionsArgs{})
+ pulumi.RegisterInputType(reflect.TypeOf((*EnterpriseActionsPermissionsAllowedActionsConfigInput)(nil)).Elem(), EnterpriseActionsPermissionsAllowedActionsConfigArgs{})
+ pulumi.RegisterInputType(reflect.TypeOf((*EnterpriseActionsPermissionsAllowedActionsConfigPtrInput)(nil)).Elem(), EnterpriseActionsPermissionsAllowedActionsConfigArgs{})
+ pulumi.RegisterInputType(reflect.TypeOf((*EnterpriseActionsPermissionsEnabledOrganizationsConfigInput)(nil)).Elem(), EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs{})
+ pulumi.RegisterInputType(reflect.TypeOf((*EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrInput)(nil)).Elem(), EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs{})
pulumi.RegisterInputType(reflect.TypeOf((*IssueLabelsLabelInput)(nil)).Elem(), IssueLabelsLabelArgs{})
pulumi.RegisterInputType(reflect.TypeOf((*IssueLabelsLabelArrayInput)(nil)).Elem(), IssueLabelsLabelArray{})
pulumi.RegisterInputType(reflect.TypeOf((*OrganizationRulesetBypassActorInput)(nil)).Elem(), OrganizationRulesetBypassActorArgs{})
@@ -14588,6 +14904,10 @@ func init() {
pulumi.RegisterOutputType(BranchProtectionV3RequiredStatusChecksPtrOutput{})
pulumi.RegisterOutputType(BranchProtectionV3RestrictionsOutput{})
pulumi.RegisterOutputType(BranchProtectionV3RestrictionsPtrOutput{})
+ pulumi.RegisterOutputType(EnterpriseActionsPermissionsAllowedActionsConfigOutput{})
+ pulumi.RegisterOutputType(EnterpriseActionsPermissionsAllowedActionsConfigPtrOutput{})
+ pulumi.RegisterOutputType(EnterpriseActionsPermissionsEnabledOrganizationsConfigOutput{})
+ pulumi.RegisterOutputType(EnterpriseActionsPermissionsEnabledOrganizationsConfigPtrOutput{})
pulumi.RegisterOutputType(IssueLabelsLabelOutput{})
pulumi.RegisterOutputType(IssueLabelsLabelArrayOutput{})
pulumi.RegisterOutputType(OrganizationRulesetBypassActorOutput{})
diff --git a/sdk/java/src/main/java/com/pulumi/github/EnterpriseActionsPermissions.java b/sdk/java/src/main/java/com/pulumi/github/EnterpriseActionsPermissions.java
new file mode 100644
index 00000000..e689deec
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/github/EnterpriseActionsPermissions.java
@@ -0,0 +1,208 @@
+// *** WARNING: this file was generated by pulumi-java-gen. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.github;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Export;
+import com.pulumi.core.annotations.ResourceType;
+import com.pulumi.core.internal.Codegen;
+import com.pulumi.github.EnterpriseActionsPermissionsArgs;
+import com.pulumi.github.Utilities;
+import com.pulumi.github.inputs.EnterpriseActionsPermissionsState;
+import com.pulumi.github.outputs.EnterpriseActionsPermissionsAllowedActionsConfig;
+import com.pulumi.github.outputs.EnterpriseActionsPermissionsEnabledOrganizationsConfig;
+import java.lang.String;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+/**
+ * This resource allows you to create and manage GitHub Actions permissions within your GitHub enterprise.
+ * You must have admin access to an enterprise to use this resource.
+ *
+ * ## Example Usage
+ * ```java
+ * package generated_program;
+ *
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.github.GithubFunctions;
+ * import com.pulumi.github.inputs.GetEnterpriseArgs;
+ * import com.pulumi.github.inputs.GetOrganizationArgs;
+ * import com.pulumi.github.EnterpriseActionsPermissions;
+ * import com.pulumi.github.EnterpriseActionsPermissionsArgs;
+ * import com.pulumi.github.inputs.EnterpriseActionsPermissionsAllowedActionsConfigArgs;
+ * import com.pulumi.github.inputs.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ *
+ * public class App {
+ * public static void main(String[] args) {
+ * Pulumi.run(App::stack);
+ * }
+ *
+ * public static void stack(Context ctx) {
+ * final var example-enterprise = GithubFunctions.getEnterprise(GetEnterpriseArgs.builder()
+ * .slug("my-enterprise")
+ * .build());
+ *
+ * final var example-org = GithubFunctions.getOrganization(GetOrganizationArgs.builder()
+ * .name("my-org")
+ * .build());
+ *
+ * var test = new EnterpriseActionsPermissions("test", EnterpriseActionsPermissionsArgs.builder()
+ * .enterpriseId(example_enterprise.slug())
+ * .allowedActions("selected")
+ * .enabledOrganizations("selected")
+ * .allowedActionsConfig(EnterpriseActionsPermissionsAllowedActionsConfigArgs.builder()
+ * .githubOwnedAllowed(true)
+ * .patternsAlloweds(
+ * "actions/cache@*",
+ * "actions/checkout@*")
+ * .verifiedAllowed(true)
+ * .build())
+ * .enabledOrganizationsConfig(EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs.builder()
+ * .organizationIds(example_org.id())
+ * .build())
+ * .build());
+ *
+ * }
+ * }
+ * ```
+ *
+ * ## Import
+ *
+ * This resource can be imported using the name of the GitHub enterprise:
+ *
+ * ```sh
+ * $ pulumi import github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions test github_enterprise_name
+ * ```
+ *
+ */
+@ResourceType(type="github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions")
+public class EnterpriseActionsPermissions extends com.pulumi.resources.CustomResource {
+ /**
+ * The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
+ *
+ */
+ @Export(name="allowedActions", refs={String.class}, tree="[0]")
+ private Output* @Nullable */ String> allowedActions;
+
+ /**
+ * @return The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
+ *
+ */
+ public Output> allowedActions() {
+ return Codegen.optional(this.allowedActions);
+ }
+ /**
+ * Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
+ *
+ */
+ @Export(name="allowedActionsConfig", refs={EnterpriseActionsPermissionsAllowedActionsConfig.class}, tree="[0]")
+ private Output* @Nullable */ EnterpriseActionsPermissionsAllowedActionsConfig> allowedActionsConfig;
+
+ /**
+ * @return Sets the actions that are allowed in an enterprise. Only available when `allowed_actions` = `selected`. See Allowed Actions Config below for details.
+ *
+ */
+ public Output> allowedActionsConfig() {
+ return Codegen.optional(this.allowedActionsConfig);
+ }
+ /**
+ * The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ *
+ */
+ @Export(name="enabledOrganizations", refs={String.class}, tree="[0]")
+ private Output enabledOrganizations;
+
+ /**
+ * @return The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions. Can be one of: `all`, `none`, or `selected`.
+ *
+ */
+ public Output enabledOrganizations() {
+ return this.enabledOrganizations;
+ }
+ /**
+ * Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.
+ *
+ */
+ @Export(name="enabledOrganizationsConfig", refs={EnterpriseActionsPermissionsEnabledOrganizationsConfig.class}, tree="[0]")
+ private Output* @Nullable */ EnterpriseActionsPermissionsEnabledOrganizationsConfig> enabledOrganizationsConfig;
+
+ /**
+ * @return Sets the list of selected organizations that are enabled for GitHub Actions in an enterprise. Only available when `enabled_organizations` = `selected`. See Enabled Organizations Config below for details.
+ *
+ */
+ public Output> enabledOrganizationsConfig() {
+ return Codegen.optional(this.enabledOrganizationsConfig);
+ }
+ /**
+ * The ID of the enterprise.
+ *
+ */
+ @Export(name="enterpriseId", refs={String.class}, tree="[0]")
+ private Output enterpriseId;
+
+ /**
+ * @return The ID of the enterprise.
+ *
+ */
+ public Output enterpriseId() {
+ return this.enterpriseId;
+ }
+
+ /**
+ *
+ * @param name The _unique_ name of the resulting resource.
+ */
+ public EnterpriseActionsPermissions(String name) {
+ this(name, EnterpriseActionsPermissionsArgs.Empty);
+ }
+ /**
+ *
+ * @param name The _unique_ name of the resulting resource.
+ * @param args The arguments to use to populate this resource's properties.
+ */
+ public EnterpriseActionsPermissions(String name, EnterpriseActionsPermissionsArgs args) {
+ this(name, args, null);
+ }
+ /**
+ *
+ * @param name The _unique_ name of the resulting resource.
+ * @param args The arguments to use to populate this resource's properties.
+ * @param options A bag of options that control this resource's behavior.
+ */
+ public EnterpriseActionsPermissions(String name, EnterpriseActionsPermissionsArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
+ super("github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions", name, args == null ? EnterpriseActionsPermissionsArgs.Empty : args, makeResourceOptions(options, Codegen.empty()));
+ }
+
+ private EnterpriseActionsPermissions(String name, Output id, @Nullable EnterpriseActionsPermissionsState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
+ super("github:index/enterpriseActionsPermissions:EnterpriseActionsPermissions", name, state, makeResourceOptions(options, id));
+ }
+
+ private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
+ var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
+ .version(Utilities.getVersion())
+ .build();
+ return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
+ }
+
+ /**
+ * Get an existing Host resource's state with the given name, ID, and optional extra
+ * properties used to qualify the lookup.
+ *
+ * @param name The _unique_ name of the resulting resource.
+ * @param id The _unique_ provider ID of the resource to lookup.
+ * @param state
+ * @param options Optional settings to control the behavior of the CustomResource.
+ */
+ public static EnterpriseActionsPermissions get(String name, Output id, @Nullable EnterpriseActionsPermissionsState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
+ return new EnterpriseActionsPermissions(name, id, state, options);
+ }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/github/EnterpriseActionsPermissionsArgs.java b/sdk/java/src/main/java/com/pulumi/github/EnterpriseActionsPermissionsArgs.java
new file mode 100644
index 00000000..8092278d
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/github/EnterpriseActionsPermissionsArgs.java
@@ -0,0 +1,240 @@
+// *** WARNING: this file was generated by pulumi-java-gen. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.github;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import com.pulumi.github.inputs.EnterpriseActionsPermissionsAllowedActionsConfigArgs;
+import com.pulumi.github.inputs.EnterpriseActionsPermissionsEnabledOrganizationsConfigArgs;
+import java.lang.String;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class EnterpriseActionsPermissionsArgs extends com.pulumi.resources.ResourceArgs {
+
+ public static final EnterpriseActionsPermissionsArgs Empty = new EnterpriseActionsPermissionsArgs();
+
+ /**
+ * The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
+ *
+ */
+ @Import(name="allowedActions")
+ private @Nullable Output allowedActions;
+
+ /**
+ * @return The permissions policy that controls the actions that are allowed to run. Can be one of: `all`, `local_only`, or `selected`.
+ *
+ */
+ public Optional