OVHCloud v2.1.1 published on Thursday, Apr 10, 2025 by OVHcloud
ovh.CloudProject.getContainerRegistryOIDC
Explore with Pulumi AI
Use this data source to get a OVHcloud Managed Private Registry OIDC.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as ovh from "@pulumi/ovh";
export = async () => {
    const myOidc = await ovh.CloudProject.getContainerRegistryOIDC({
        serviceName: "XXXXXX",
        registryId: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
    });
    return {
        "oidc-client-id": myOidc.oidcClientId,
    };
}
import pulumi
import pulumi_ovh as ovh
my_oidc = ovh.CloudProject.get_container_registry_oidc(service_name="XXXXXX",
    registry_id="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx")
pulumi.export("oidc-client-id", my_oidc.oidc_client_id)
package main
import (
	"github.com/ovh/pulumi-ovh/sdk/v2/go/ovh/cloudproject"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myOidc, err := cloudproject.GetContainerRegistryOIDC(ctx, &cloudproject.GetContainerRegistryOIDCArgs{
			ServiceName: "XXXXXX",
			RegistryId:  "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("oidc-client-id", myOidc.OidcClientId)
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ovh = Pulumi.Ovh;
return await Deployment.RunAsync(() => 
{
    var myOidc = Ovh.CloudProject.GetContainerRegistryOIDC.Invoke(new()
    {
        ServiceName = "XXXXXX",
        RegistryId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
    });
    return new Dictionary<string, object?>
    {
        ["oidc-client-id"] = myOidc.Apply(getContainerRegistryOIDCResult => getContainerRegistryOIDCResult.OidcClientId),
    };
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ovh.CloudProject.CloudProjectFunctions;
import com.pulumi.ovh.CloudProject.inputs.GetContainerRegistryOIDCArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var myOidc = CloudProjectFunctions.getContainerRegistryOIDC(GetContainerRegistryOIDCArgs.builder()
            .serviceName("XXXXXX")
            .registryId("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx")
            .build());
        ctx.export("oidc-client-id", myOidc.oidcClientId());
    }
}
variables:
  myOidc:
    fn::invoke:
      function: ovh:CloudProject:getContainerRegistryOIDC
      arguments:
        serviceName: XXXXXX
        registryId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx
outputs:
  oidc-client-id: ${myOidc.oidcClientId}
Using getContainerRegistryOIDC
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getContainerRegistryOIDC(args: GetContainerRegistryOIDCArgs, opts?: InvokeOptions): Promise<GetContainerRegistryOIDCResult>
function getContainerRegistryOIDCOutput(args: GetContainerRegistryOIDCOutputArgs, opts?: InvokeOptions): Output<GetContainerRegistryOIDCResult>def get_container_registry_oidc(oidc_admin_group: Optional[str] = None,
                                oidc_auto_onboard: Optional[bool] = None,
                                oidc_client_id: Optional[str] = None,
                                oidc_endpoint: Optional[str] = None,
                                oidc_groups_claim: Optional[str] = None,
                                oidc_name: Optional[str] = None,
                                oidc_scope: Optional[str] = None,
                                oidc_user_claim: Optional[str] = None,
                                oidc_verify_cert: Optional[bool] = None,
                                registry_id: Optional[str] = None,
                                service_name: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetContainerRegistryOIDCResult
def get_container_registry_oidc_output(oidc_admin_group: Optional[pulumi.Input[str]] = None,
                                oidc_auto_onboard: Optional[pulumi.Input[bool]] = None,
                                oidc_client_id: Optional[pulumi.Input[str]] = None,
                                oidc_endpoint: Optional[pulumi.Input[str]] = None,
                                oidc_groups_claim: Optional[pulumi.Input[str]] = None,
                                oidc_name: Optional[pulumi.Input[str]] = None,
                                oidc_scope: Optional[pulumi.Input[str]] = None,
                                oidc_user_claim: Optional[pulumi.Input[str]] = None,
                                oidc_verify_cert: Optional[pulumi.Input[bool]] = None,
                                registry_id: Optional[pulumi.Input[str]] = None,
                                service_name: Optional[pulumi.Input[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetContainerRegistryOIDCResult]func LookupContainerRegistryOIDC(ctx *Context, args *LookupContainerRegistryOIDCArgs, opts ...InvokeOption) (*LookupContainerRegistryOIDCResult, error)
func LookupContainerRegistryOIDCOutput(ctx *Context, args *LookupContainerRegistryOIDCOutputArgs, opts ...InvokeOption) LookupContainerRegistryOIDCResultOutput> Note: This function is named LookupContainerRegistryOIDC in the Go SDK.
public static class GetContainerRegistryOIDC 
{
    public static Task<GetContainerRegistryOIDCResult> InvokeAsync(GetContainerRegistryOIDCArgs args, InvokeOptions? opts = null)
    public static Output<GetContainerRegistryOIDCResult> Invoke(GetContainerRegistryOIDCInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetContainerRegistryOIDCResult> getContainerRegistryOIDC(GetContainerRegistryOIDCArgs args, InvokeOptions options)
public static Output<GetContainerRegistryOIDCResult> getContainerRegistryOIDC(GetContainerRegistryOIDCArgs args, InvokeOptions options)
fn::invoke:
  function: ovh:CloudProject/getContainerRegistryOIDC:getContainerRegistryOIDC
  arguments:
    # arguments dictionaryThe following arguments are supported:
- RegistryId string
- The id of the Managed Private Registry.
- ServiceName string
- The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- OidcAdmin stringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- OidcAuto boolOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- OidcClient stringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- OidcEndpoint string
- The URL of an OIDC-compliant server.
- OidcGroups stringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- OidcName string
- The name of the OIDC provider.
- OidcScope string
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- OidcUser stringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- OidcVerify boolCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- RegistryId string
- The id of the Managed Private Registry.
- ServiceName string
- The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- OidcAdmin stringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- OidcAuto boolOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- OidcClient stringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- OidcEndpoint string
- The URL of an OIDC-compliant server.
- OidcGroups stringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- OidcName string
- The name of the OIDC provider.
- OidcScope string
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- OidcUser stringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- OidcVerify boolCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- registryId String
- The id of the Managed Private Registry.
- serviceName String
- The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidcAdmin StringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidcAuto BooleanOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidcClient StringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidcEndpoint String
- The URL of an OIDC-compliant server.
- oidcGroups StringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidcName String
- The name of the OIDC provider.
- oidcScope String
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidcUser StringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidcVerify BooleanCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- registryId string
- The id of the Managed Private Registry.
- serviceName string
- The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidcAdmin stringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidcAuto booleanOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidcClient stringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidcEndpoint string
- The URL of an OIDC-compliant server.
- oidcGroups stringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidcName string
- The name of the OIDC provider.
- oidcScope string
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidcUser stringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidcVerify booleanCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- registry_id str
- The id of the Managed Private Registry.
- service_name str
- The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidc_admin_ strgroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidc_auto_ boolonboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidc_client_ strid 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidc_endpoint str
- The URL of an OIDC-compliant server.
- oidc_groups_ strclaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidc_name str
- The name of the OIDC provider.
- oidc_scope str
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidc_user_ strclaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidc_verify_ boolcert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- registryId String
- The id of the Managed Private Registry.
- serviceName String
- The id of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidcAdmin StringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidcAuto BooleanOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidcClient StringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidcEndpoint String
- The URL of an OIDC-compliant server.
- oidcGroups StringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidcName String
- The name of the OIDC provider.
- oidcScope String
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidcUser StringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidcVerify BooleanCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
getContainerRegistryOIDC Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- RegistryId string
- The ID of the Managed Private Registry.
- ServiceName string
- The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- OidcAdmin stringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- OidcAuto boolOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- OidcClient stringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- OidcEndpoint string
- The URL of an OIDC-compliant server.
- OidcGroups stringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- OidcName string
- The name of the OIDC provider.
- OidcScope string
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- OidcUser stringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- OidcVerify boolCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- Id string
- The provider-assigned unique ID for this managed resource.
- RegistryId string
- The ID of the Managed Private Registry.
- ServiceName string
- The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- OidcAdmin stringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- OidcAuto boolOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- OidcClient stringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- OidcEndpoint string
- The URL of an OIDC-compliant server.
- OidcGroups stringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- OidcName string
- The name of the OIDC provider.
- OidcScope string
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- OidcUser stringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- OidcVerify boolCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- id String
- The provider-assigned unique ID for this managed resource.
- registryId String
- The ID of the Managed Private Registry.
- serviceName String
- The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidcAdmin StringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidcAuto BooleanOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidcClient StringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidcEndpoint String
- The URL of an OIDC-compliant server.
- oidcGroups StringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidcName String
- The name of the OIDC provider.
- oidcScope String
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidcUser StringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidcVerify BooleanCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- id string
- The provider-assigned unique ID for this managed resource.
- registryId string
- The ID of the Managed Private Registry.
- serviceName string
- The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidcAdmin stringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidcAuto booleanOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidcClient stringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidcEndpoint string
- The URL of an OIDC-compliant server.
- oidcGroups stringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidcName string
- The name of the OIDC provider.
- oidcScope string
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidcUser stringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidcVerify booleanCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- id str
- The provider-assigned unique ID for this managed resource.
- registry_id str
- The ID of the Managed Private Registry.
- service_name str
- The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidc_admin_ strgroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidc_auto_ boolonboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidc_client_ strid 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidc_endpoint str
- The URL of an OIDC-compliant server.
- oidc_groups_ strclaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidc_name str
- The name of the OIDC provider.
- oidc_scope str
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidc_user_ strclaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidc_verify_ boolcert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
- id String
- The provider-assigned unique ID for this managed resource.
- registryId String
- The ID of the Managed Private Registry.
- serviceName String
- The ID of the public cloud project. If omitted, the OVH_CLOUD_PROJECT_SERVICEenvironment variable is used.
- oidcAdmin StringGroup 
- Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to.
- oidcAuto BooleanOnboard 
- Skip the onboarding screen, so user cannot change its username. Username is provided from ID Token.
- oidcClient StringId 
- The client ID with which Harbor is registered as client application with the OIDC provider.
- oidcEndpoint String
- The URL of an OIDC-compliant server.
- oidcGroups StringClaim 
- The name of Claim in the ID token whose value is the list of group names.
- oidcName String
- The name of the OIDC provider.
- oidcScope String
- The scope sent to OIDC server during authentication. It's a comma-separated string that must contain 'openid' and usually also contains 'profile' and 'email'. To obtain refresh tokens it should also contain 'offline_access'.
- oidcUser StringClaim 
- The name of the claim in the ID Token where the username is retrieved from. If not specified, it will default to 'name' (only useful when automatic Onboarding is enabled).
- oidcVerify BooleanCert 
- Set it to falseif your OIDC server is hosted via self-signed certificate.
Package Details
- Repository
- ovh ovh/pulumi-ovh
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the ovhTerraform Provider.