com.pulumi.azure.containerservice.Registry Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure Show documentation
Show all versions of azure Show documentation
A Pulumi package for creating and managing Microsoft Azure cloud resources, based on the Terraform azurerm provider. We recommend using the [Azure Native provider](https://github.com/pulumi/pulumi-azure-native) to provision Azure infrastructure. Azure Native provides complete coverage of Azure resources and same-day access to new resources and resource updates.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.azure.containerservice;
import com.pulumi.azure.Utilities;
import com.pulumi.azure.containerservice.RegistryArgs;
import com.pulumi.azure.containerservice.inputs.RegistryState;
import com.pulumi.azure.containerservice.outputs.RegistryEncryption;
import com.pulumi.azure.containerservice.outputs.RegistryGeoreplication;
import com.pulumi.azure.containerservice.outputs.RegistryIdentity;
import com.pulumi.azure.containerservice.outputs.RegistryNetworkRuleSet;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Export;
import com.pulumi.core.annotations.ResourceType;
import com.pulumi.core.internal.Codegen;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Nullable;
/**
* Manages an Azure Container Registry.
*
* ## Example Usage
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.containerservice.Registry;
* import com.pulumi.azure.containerservice.RegistryArgs;
* import com.pulumi.azure.containerservice.inputs.RegistryGeoreplicationArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
*
* var acr = new Registry("acr", RegistryArgs.builder()
* .name("containerRegistry1")
* .resourceGroupName(example.name())
* .location(example.location())
* .sku("Premium")
* .adminEnabled(false)
* .georeplications(
* RegistryGeoreplicationArgs.builder()
* .location("East US")
* .zoneRedundancyEnabled(true)
* .tags()
* .build(),
* RegistryGeoreplicationArgs.builder()
* .location("North Europe")
* .zoneRedundancyEnabled(true)
* .tags()
* .build())
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ### Encryption)
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.authorization.UserAssignedIdentity;
* import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
* import com.pulumi.azure.keyvault.KeyvaultFunctions;
* import com.pulumi.azure.keyvault.inputs.GetKeyArgs;
* import com.pulumi.azure.containerservice.Registry;
* import com.pulumi.azure.containerservice.RegistryArgs;
* import com.pulumi.azure.containerservice.inputs.RegistryIdentityArgs;
* import com.pulumi.azure.containerservice.inputs.RegistryEncryptionArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
*
* var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
* .resourceGroupName(exampleResourceGroup.name())
* .location(exampleResourceGroup.location())
* .name("registry-uai")
* .build());
*
* final var example = KeyvaultFunctions.getKey(GetKeyArgs.builder()
* .name("super-secret")
* .keyVaultId(existing.id())
* .build());
*
* var acr = new Registry("acr", RegistryArgs.builder()
* .name("containerRegistry1")
* .resourceGroupName(exampleResourceGroup.name())
* .location(exampleResourceGroup.location())
* .sku("Premium")
* .identity(RegistryIdentityArgs.builder()
* .type("UserAssigned")
* .identityIds(exampleUserAssignedIdentity.id())
* .build())
* .encryption(RegistryEncryptionArgs.builder()
* .enabled(true)
* .keyVaultKeyId(example.applyValue(getKeyResult -> getKeyResult.id()))
* .identityClientId(exampleUserAssignedIdentity.clientId())
* .build())
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ### Attaching A Container Registry To A Kubernetes Cluster)
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.containerservice.Registry;
* import com.pulumi.azure.containerservice.RegistryArgs;
* import com.pulumi.azure.containerservice.KubernetesCluster;
* import com.pulumi.azure.containerservice.KubernetesClusterArgs;
* import com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;
* import com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;
* import com.pulumi.azure.authorization.Assignment;
* import com.pulumi.azure.authorization.AssignmentArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
*
* var exampleRegistry = new Registry("exampleRegistry", RegistryArgs.builder()
* .name("containerRegistry1")
* .resourceGroupName(example.name())
* .location(example.location())
* .sku("Premium")
* .build());
*
* var exampleKubernetesCluster = new KubernetesCluster("exampleKubernetesCluster", KubernetesClusterArgs.builder()
* .name("example-aks1")
* .location(example.location())
* .resourceGroupName(example.name())
* .dnsPrefix("exampleaks1")
* .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()
* .name("default")
* .nodeCount(1)
* .vmSize("Standard_D2_v2")
* .build())
* .identity(KubernetesClusterIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .tags(Map.of("Environment", "Production"))
* .build());
*
* var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()
* .principalId(exampleKubernetesCluster.kubeletIdentity().applyValue(kubeletIdentity -> kubeletIdentity.objectId()))
* .roleDefinitionName("AcrPull")
* .scope(exampleRegistry.id())
* .skipServicePrincipalAadCheck(true)
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ## Import
*
* Container Registries can be imported using the `resource id`, e.g.
*
* ```sh
* $ pulumi import azure:containerservice/registry:Registry example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ContainerRegistry/registries/myregistry1
* ```
*
*/
@ResourceType(type="azure:containerservice/registry:Registry")
public class Registry extends com.pulumi.resources.CustomResource {
/**
* Specifies whether the admin user is enabled. Defaults to `false`.
*
*/
@Export(name="adminEnabled", refs={Boolean.class}, tree="[0]")
private Output adminEnabled;
/**
* @return Specifies whether the admin user is enabled. Defaults to `false`.
*
*/
public Output> adminEnabled() {
return Codegen.optional(this.adminEnabled);
}
/**
* The Password associated with the Container Registry Admin account - if the admin account is enabled.
*
*/
@Export(name="adminPassword", refs={String.class}, tree="[0]")
private Output adminPassword;
/**
* @return The Password associated with the Container Registry Admin account - if the admin account is enabled.
*
*/
public Output adminPassword() {
return this.adminPassword;
}
/**
* The Username associated with the Container Registry Admin account - if the admin account is enabled.
*
*/
@Export(name="adminUsername", refs={String.class}, tree="[0]")
private Output adminUsername;
/**
* @return The Username associated with the Container Registry Admin account - if the admin account is enabled.
*
*/
public Output adminUsername() {
return this.adminUsername;
}
/**
* Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the `Standard` or `Premium` SKU.
*
*/
@Export(name="anonymousPullEnabled", refs={Boolean.class}, tree="[0]")
private Output anonymousPullEnabled;
/**
* @return Whether allows anonymous (unauthenticated) pull access to this Container Registry? This is only supported on resources with the `Standard` or `Premium` SKU.
*
*/
public Output> anonymousPullEnabled() {
return Codegen.optional(this.anonymousPullEnabled);
}
/**
* Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the `Premium` SKU.
*
*/
@Export(name="dataEndpointEnabled", refs={Boolean.class}, tree="[0]")
private Output dataEndpointEnabled;
/**
* @return Whether to enable dedicated data endpoints for this Container Registry? This is only supported on resources with the `Premium` SKU.
*
*/
public Output> dataEndpointEnabled() {
return Codegen.optional(this.dataEndpointEnabled);
}
/**
* An `encryption` block as documented below.
*
*/
@Export(name="encryption", refs={RegistryEncryption.class}, tree="[0]")
private Output encryption;
/**
* @return An `encryption` block as documented below.
*
*/
public Output encryption() {
return this.encryption;
}
/**
* Boolean value that indicates whether export policy is enabled. Defaults to `true`. In order to set it to `false`, make sure the `public_network_access_enabled` is also set to `false`.
*
* > **NOTE:** `quarantine_policy_enabled`, `retention_policy_in_days`, `trust_policy_enabled`, `export_policy_enabled` and `zone_redundancy_enabled` are only supported on resources with the `Premium` SKU.
*
*/
@Export(name="exportPolicyEnabled", refs={Boolean.class}, tree="[0]")
private Output exportPolicyEnabled;
/**
* @return Boolean value that indicates whether export policy is enabled. Defaults to `true`. In order to set it to `false`, make sure the `public_network_access_enabled` is also set to `false`.
*
* > **NOTE:** `quarantine_policy_enabled`, `retention_policy_in_days`, `trust_policy_enabled`, `export_policy_enabled` and `zone_redundancy_enabled` are only supported on resources with the `Premium` SKU.
*
*/
public Output> exportPolicyEnabled() {
return Codegen.optional(this.exportPolicyEnabled);
}
/**
* One or more `georeplications` blocks as documented below.
*
* > **NOTE:** The `georeplications` is only supported on new resources with the `Premium` SKU.
*
* > **NOTE:** The `georeplications` list cannot contain the location where the Container Registry exists.
*
* > **NOTE:** If more than one `georeplications` block is specified, they are expected to follow the alphabetic order on the `location` property.
*
*/
@Export(name="georeplications", refs={List.class,RegistryGeoreplication.class}, tree="[0,1]")
private Output> georeplications;
/**
* @return One or more `georeplications` blocks as documented below.
*
* > **NOTE:** The `georeplications` is only supported on new resources with the `Premium` SKU.
*
* > **NOTE:** The `georeplications` list cannot contain the location where the Container Registry exists.
*
* > **NOTE:** If more than one `georeplications` block is specified, they are expected to follow the alphabetic order on the `location` property.
*
*/
public Output>> georeplications() {
return Codegen.optional(this.georeplications);
}
/**
* An `identity` block as defined below.
*
*/
@Export(name="identity", refs={RegistryIdentity.class}, tree="[0]")
private Output identity;
/**
* @return An `identity` block as defined below.
*
*/
public Output> identity() {
return Codegen.optional(this.identity);
}
/**
* Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*
*/
@Export(name="location", refs={String.class}, tree="[0]")
private Output location;
/**
* @return Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*
*/
public Output location() {
return this.location;
}
/**
* The URL that can be used to log into the container registry.
*
*/
@Export(name="loginServer", refs={String.class}, tree="[0]")
private Output loginServer;
/**
* @return The URL that can be used to log into the container registry.
*
*/
public Output loginServer() {
return this.loginServer;
}
/**
* Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
*
*/
@Export(name="name", refs={String.class}, tree="[0]")
private Output name;
/**
* @return Specifies the name of the Container Registry. Only Alphanumeric characters allowed. Changing this forces a new resource to be created.
*
*/
public Output name() {
return this.name;
}
/**
* Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are `None` and `AzureServices`. Defaults to `AzureServices`.
*
*/
@Export(name="networkRuleBypassOption", refs={String.class}, tree="[0]")
private Output networkRuleBypassOption;
/**
* @return Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are `None` and `AzureServices`. Defaults to `AzureServices`.
*
*/
public Output> networkRuleBypassOption() {
return Codegen.optional(this.networkRuleBypassOption);
}
/**
* A `network_rule_set` block as documented below.
*
*/
@Export(name="networkRuleSet", refs={RegistryNetworkRuleSet.class}, tree="[0]")
private Output networkRuleSet;
/**
* @return A `network_rule_set` block as documented below.
*
*/
public Output networkRuleSet() {
return this.networkRuleSet;
}
/**
* Whether public network access is allowed for the container registry. Defaults to `true`.
*
*/
@Export(name="publicNetworkAccessEnabled", refs={Boolean.class}, tree="[0]")
private Output publicNetworkAccessEnabled;
/**
* @return Whether public network access is allowed for the container registry. Defaults to `true`.
*
*/
public Output> publicNetworkAccessEnabled() {
return Codegen.optional(this.publicNetworkAccessEnabled);
}
/**
* Boolean value that indicates whether quarantine policy is enabled.
*
*/
@Export(name="quarantinePolicyEnabled", refs={Boolean.class}, tree="[0]")
private Output quarantinePolicyEnabled;
/**
* @return Boolean value that indicates whether quarantine policy is enabled.
*
*/
public Output> quarantinePolicyEnabled() {
return Codegen.optional(this.quarantinePolicyEnabled);
}
/**
* The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
*
*/
@Export(name="resourceGroupName", refs={String.class}, tree="[0]")
private Output resourceGroupName;
/**
* @return The name of the resource group in which to create the Container Registry. Changing this forces a new resource to be created.
*
*/
public Output resourceGroupName() {
return this.resourceGroupName;
}
/**
* The number of days to retain and untagged manifest after which it gets purged. Defaults to `7`.
*
*/
@Export(name="retentionPolicyInDays", refs={Integer.class}, tree="[0]")
private Output retentionPolicyInDays;
/**
* @return The number of days to retain and untagged manifest after which it gets purged. Defaults to `7`.
*
*/
public Output> retentionPolicyInDays() {
return Codegen.optional(this.retentionPolicyInDays);
}
/**
* The SKU name of the container registry. Possible values are `Basic`, `Standard` and `Premium`.
*
*/
@Export(name="sku", refs={String.class}, tree="[0]")
private Output sku;
/**
* @return The SKU name of the container registry. Possible values are `Basic`, `Standard` and `Premium`.
*
*/
public Output sku() {
return this.sku;
}
/**
* A mapping of tags to assign to the resource.
*
*/
@Export(name="tags", refs={Map.class,String.class}, tree="[0,1,1]")
private Output> tags;
/**
* @return A mapping of tags to assign to the resource.
*
*/
public Output>> tags() {
return Codegen.optional(this.tags);
}
/**
* Boolean value that indicated whether trust policy is enabled. Defaults to `false`.
*
*/
@Export(name="trustPolicyEnabled", refs={Boolean.class}, tree="[0]")
private Output trustPolicyEnabled;
/**
* @return Boolean value that indicated whether trust policy is enabled. Defaults to `false`.
*
*/
public Output> trustPolicyEnabled() {
return Codegen.optional(this.trustPolicyEnabled);
}
/**
* Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to `false`.
*
*/
@Export(name="zoneRedundancyEnabled", refs={Boolean.class}, tree="[0]")
private Output zoneRedundancyEnabled;
/**
* @return Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to `false`.
*
*/
public Output> zoneRedundancyEnabled() {
return Codegen.optional(this.zoneRedundancyEnabled);
}
/**
*
* @param name The _unique_ name of the resulting resource.
*/
public Registry(java.lang.String name) {
this(name, RegistryArgs.Empty);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
*/
public Registry(java.lang.String name, RegistryArgs args) {
this(name, args, null);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
* @param options A bag of options that control this resource's behavior.
*/
public Registry(java.lang.String name, RegistryArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:containerservice/registry:Registry", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false);
}
private Registry(java.lang.String name, Output id, @Nullable RegistryState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:containerservice/registry:Registry", name, state, makeResourceOptions(options, id), false);
}
private static RegistryArgs makeArgs(RegistryArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
if (options != null && options.getUrn().isPresent()) {
return null;
}
return args == null ? RegistryArgs.Empty : args;
}
private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
.version(Utilities.getVersion())
.additionalSecretOutputs(List.of(
"adminPassword"
))
.build();
return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
}
/**
* Get an existing Host resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state
* @param options Optional settings to control the behavior of the CustomResource.
*/
public static Registry get(java.lang.String name, Output id, @Nullable RegistryState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
return new Registry(name, id, state, options);
}
}