The gitlab_project_protected_environment
resource allows to manage the lifecycle of a protected environment in a project.
Upstream API: GitLab REST API docs
resource "gitlab_project_environment" "this" {
project = 123
name = "example"
external_url = "www.example.com"
}
# Example with deployment access level
resource "gitlab_project_protected_environment" "example_with_access_level" {
project = gitlab_project_environment.this.project
required_approval_count = 1
environment = gitlab_project_environment.this.name
deploy_access_levels {
access_level = "developer"
}
}
# Example with group-based deployment level
resource "gitlab_project_protected_environment" "example_with_group" {
project = gitlab_project_environment.this.project
environment = gitlab_project_environment.this.name
deploy_access_levels {
group_id = 456
}
}
# Example with user-based deployment level
resource "gitlab_project_protected_environment" "example_with_user" {
project = gitlab_project_environment.this.project
environment = gitlab_project_environment.this.name
deploy_access_levels {
user_id = 789
}
}
# Example with multiple deployment access levels
resource "gitlab_project_protected_environment" "example_with_multiple" {
project = gitlab_project_environment.this.project
required_approval_count = 2
environment = gitlab_project_environment.this.name
deploy_access_levels {
access_level = "developer"
}
deploy_access_levels {
group_id = 456
}
deploy_access_levels {
user_id = 789
}
}
# Example with access-level based approval rules
resource "gitlab_project_protected_environment" "example_with_multiple" {
project = gitlab_project_environment.this.project
required_approval_count = 2
environment = gitlab_project_environment.this.name
deploy_access_levels {
access_level = "developer"
}
approval_rules = [
{
access_level = "developer"
}
]
}
# Example with multiple approval rules, using access level, user, and group
resource "gitlab_project_protected_environment" "example_with_multiple" {
project = gitlab_project_environment.this.project
required_approval_count = 2
environment = gitlab_project_environment.this.name
deploy_access_levels {
access_level = "developer"
}
approval_rules = [
{
user_id = 789
},
{
access_level = "developer"
},
{
group_id = 456
}
]
}
environment
(String) The name of the environment.project
(String) The ID or full path of the project which the protected environment is created against.approval_rules
(Attributes List) Array of approval rules to deploy, with each described by a hash. (see below for nested schema)deploy_access_levels
(Block Set) Array of access levels allowed to deploy, with each described by a hash. (see below for nested schema)required_approval_count
(Number) The number of approvals required to deploy to this environment.id
(String) The ID of this Terraform resource. In the format of <project>:<environment-name>
.approval_rules
Optional:
access_level
(String) Levels of access allowed to approve a deployment to this protected environment. Valid values are developer
, maintainer
.group_id
(Number) The ID of the group allowed to approve a deployment to this protected environment. The project must be shared with the group. This is mutually exclusive with user_id.group_inheritance_type
(Number) Group inheritance allows deploy access levels to take inherited group membership into account. Valid values are 0
, 1
. 0
=> Direct group membership only, 1
=> All inherited groups. Default: 0
required_approvals
(Number) The number of approval required to allow deployment to this protected environment. This is mutually exclusive with user_id.user_id
(Number) The ID of the user allowed to approve a deployment to this protected environment. The user must be a member of the project. This is mutually exclusive with group_id and required_approvals.Read-Only:
access_level_description
(String) Readable description of level of access.id
(Number) The unique ID of the Approval Rules object.deploy_access_levels
Optional:
access_level
(String) Levels of access required to deploy to this protected environment. Valid values are developer
, maintainer
.group_id
(Number) The ID of the group allowed to deploy to this protected environment. The project must be shared with the group.group_inheritance_type
(Number) Group inheritance allows deploy access levels to take inherited group membership into account. Valid values are 0
, 1
. 0
=> Direct group membership only, 1
=> All inherited groups. Default: 0
user_id
(Number) The ID of the user allowed to deploy to this protected environment. The user must be a member of the project.Read-Only:
access_level_description
(String) Readable description of level of access.id
(Number) The unique ID of the Deploy Access Level object.Import is supported using the following syntax:
# GitLab protected environments can be imported using an id made up of `projectId:environmentName`, e.g.
terraform import gitlab_project_protected_environment.bar 123:production