Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Gitlab Provider
  3. API Docs
  4. BranchProtection
GitLab v8.10.0 published on Friday, Mar 21, 2025 by Pulumi
pulumi/pulumi-gitlab

gitlab.BranchProtection

Explore with Pulumi AI

GitLab v8.10.0 published on Friday, Mar 21, 2025 by Pulumi
pulumi/pulumi-gitlab

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gitlab from "@pulumi/gitlab";

const branchProtect = new gitlab.BranchProtection("BranchProtect", {
    project: "12345",
    branch: "BranchProtected",
    pushAccessLevel: "developer",
    mergeAccessLevel: "developer",
    unprotectAccessLevel: "developer",
    allowForcePush: true,
    codeOwnerApprovalRequired: true,
    allowedToPushes: [
        {
            userId: 5,
        },
        {
            userId: 521,
        },
    ],
    allowedToMerges: [
        {
            userId: 15,
        },
        {
            userId: 37,
        },
    ],
    allowedToUnprotects: [
        {
            userId: 15,
        },
        {
            groupId: 42,
        },
    ],
});
// Example using dynamic block
const main = new gitlab.BranchProtection("main", {
    allowedToPushes: [
        50,
        55,
        60,
    ].map((v, k) => ({key: k, value: v})).map(entry => ({
        userId: entry.value,
    })),
    project: "12345",
    branch: "main",
    pushAccessLevel: "maintainer",
    mergeAccessLevel: "maintainer",
    unprotectAccessLevel: "maintainer",
});
Copy
import pulumi
import pulumi_gitlab as gitlab

branch_protect = gitlab.BranchProtection("BranchProtect",
    project="12345",
    branch="BranchProtected",
    push_access_level="developer",
    merge_access_level="developer",
    unprotect_access_level="developer",
    allow_force_push=True,
    code_owner_approval_required=True,
    allowed_to_pushes=[
        {
            "user_id": 5,
        },
        {
            "user_id": 521,
        },
    ],
    allowed_to_merges=[
        {
            "user_id": 15,
        },
        {
            "user_id": 37,
        },
    ],
    allowed_to_unprotects=[
        {
            "user_id": 15,
        },
        {
            "group_id": 42,
        },
    ])
# Example using dynamic block
main = gitlab.BranchProtection("main",
    allowed_to_pushes=[{
        "user_id": entry["value"],
    } for entry in [{"key": k, "value": v} for k, v in [
        50,
        55,
        60,
    ]]],
    project="12345",
    branch="main",
    push_access_level="maintainer",
    merge_access_level="maintainer",
    unprotect_access_level="maintainer")
Copy
Coming soon!

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using GitLab = Pulumi.GitLab;

return await Deployment.RunAsync(() => 
{
    var branchProtect = new GitLab.BranchProtection("BranchProtect", new()
    {
        Project = "12345",
        Branch = "BranchProtected",
        PushAccessLevel = "developer",
        MergeAccessLevel = "developer",
        UnprotectAccessLevel = "developer",
        AllowForcePush = true,
        CodeOwnerApprovalRequired = true,
        AllowedToPushes = new[]
        {
            new GitLab.Inputs.BranchProtectionAllowedToPushArgs
            {
                UserId = 5,
            },
            new GitLab.Inputs.BranchProtectionAllowedToPushArgs
            {
                UserId = 521,
            },
        },
        AllowedToMerges = new[]
        {
            new GitLab.Inputs.BranchProtectionAllowedToMergeArgs
            {
                UserId = 15,
            },
            new GitLab.Inputs.BranchProtectionAllowedToMergeArgs
            {
                UserId = 37,
            },
        },
        AllowedToUnprotects = new[]
        {
            new GitLab.Inputs.BranchProtectionAllowedToUnprotectArgs
            {
                UserId = 15,
            },
            new GitLab.Inputs.BranchProtectionAllowedToUnprotectArgs
            {
                GroupId = 42,
            },
        },
    });

    // Example using dynamic block
    var main = new GitLab.BranchProtection("main", new()
    {
        AllowedToPushes = new[]
        {
            50,
            55,
            60,
        }.Select((v, k) => new { Key = k, Value = v }).Select(entry => 
        {
            return new GitLab.Inputs.BranchProtectionAllowedToPushArgs
            {
                UserId = entry.Value,
            };
        }).ToList(),
        Project = "12345",
        Branch = "main",
        PushAccessLevel = "maintainer",
        MergeAccessLevel = "maintainer",
        UnprotectAccessLevel = "maintainer",
    });

});
Copy
Coming soon!

Coming soon!

Create BranchProtection Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new BranchProtection(name: string, args: BranchProtectionArgs, opts?: CustomResourceOptions);
@overload
def BranchProtection(resource_name: str,
                     args: BranchProtectionArgs,
                     opts: Optional[ResourceOptions] = None)

@overload
def BranchProtection(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     branch: Optional[str] = None,
                     project: Optional[str] = None,
                     allow_force_push: Optional[bool] = None,
                     allowed_to_merges: Optional[Sequence[BranchProtectionAllowedToMergeArgs]] = None,
                     allowed_to_pushes: Optional[Sequence[BranchProtectionAllowedToPushArgs]] = None,
                     allowed_to_unprotects: Optional[Sequence[BranchProtectionAllowedToUnprotectArgs]] = None,
                     code_owner_approval_required: Optional[bool] = None,
                     merge_access_level: Optional[str] = None,
                     push_access_level: Optional[str] = None,
                     unprotect_access_level: Optional[str] = None)
func NewBranchProtection(ctx *Context, name string, args BranchProtectionArgs, opts ...ResourceOption) (*BranchProtection, error)
public BranchProtection(string name, BranchProtectionArgs args, CustomResourceOptions? opts = null)
public BranchProtection(String name, BranchProtectionArgs args)
public BranchProtection(String name, BranchProtectionArgs args, CustomResourceOptions options)

type: gitlab:BranchProtection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. BranchProtectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. BranchProtectionArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. BranchProtectionArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. BranchProtectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. BranchProtectionArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var branchProtectionResource = new GitLab.BranchProtection("branchProtectionResource", new()
{
    Branch = "string",
    Project = "string",
    AllowForcePush = false,
    AllowedToMerges = new[]
    {
        new GitLab.Inputs.BranchProtectionAllowedToMergeArgs
        {
            AccessLevel = "string",
            AccessLevelDescription = "string",
            GroupId = 0,
            UserId = 0,
        },
    },
    AllowedToPushes = new[]
    {
        new GitLab.Inputs.BranchProtectionAllowedToPushArgs
        {
            AccessLevel = "string",
            AccessLevelDescription = "string",
            DeployKeyId = 0,
            GroupId = 0,
            UserId = 0,
        },
    },
    AllowedToUnprotects = new[]
    {
        new GitLab.Inputs.BranchProtectionAllowedToUnprotectArgs
        {
            AccessLevel = "string",
            AccessLevelDescription = "string",
            GroupId = 0,
            UserId = 0,
        },
    },
    CodeOwnerApprovalRequired = false,
    MergeAccessLevel = "string",
    PushAccessLevel = "string",
    UnprotectAccessLevel = "string",
});
Copy
example, err := gitlab.NewBranchProtection(ctx, "branchProtectionResource", &gitlab.BranchProtectionArgs{
	Branch:         pulumi.String("string"),
	Project:        pulumi.String("string"),
	AllowForcePush: pulumi.Bool(false),
	AllowedToMerges: gitlab.BranchProtectionAllowedToMergeArray{
		&gitlab.BranchProtectionAllowedToMergeArgs{
			AccessLevel:            pulumi.String("string"),
			AccessLevelDescription: pulumi.String("string"),
			GroupId:                pulumi.Int(0),
			UserId:                 pulumi.Int(0),
		},
	},
	AllowedToPushes: gitlab.BranchProtectionAllowedToPushArray{
		&gitlab.BranchProtectionAllowedToPushArgs{
			AccessLevel:            pulumi.String("string"),
			AccessLevelDescription: pulumi.String("string"),
			DeployKeyId:            pulumi.Int(0),
			GroupId:                pulumi.Int(0),
			UserId:                 pulumi.Int(0),
		},
	},
	AllowedToUnprotects: gitlab.BranchProtectionAllowedToUnprotectArray{
		&gitlab.BranchProtectionAllowedToUnprotectArgs{
			AccessLevel:            pulumi.String("string"),
			AccessLevelDescription: pulumi.String("string"),
			GroupId:                pulumi.Int(0),
			UserId:                 pulumi.Int(0),
		},
	},
	CodeOwnerApprovalRequired: pulumi.Bool(false),
	MergeAccessLevel:          pulumi.String("string"),
	PushAccessLevel:           pulumi.String("string"),
	UnprotectAccessLevel:      pulumi.String("string"),
})
Copy
var branchProtectionResource = new BranchProtection("branchProtectionResource", BranchProtectionArgs.builder()
    .branch("string")
    .project("string")
    .allowForcePush(false)
    .allowedToMerges(BranchProtectionAllowedToMergeArgs.builder()
        .accessLevel("string")
        .accessLevelDescription("string")
        .groupId(0)
        .userId(0)
        .build())
    .allowedToPushes(BranchProtectionAllowedToPushArgs.builder()
        .accessLevel("string")
        .accessLevelDescription("string")
        .deployKeyId(0)
        .groupId(0)
        .userId(0)
        .build())
    .allowedToUnprotects(BranchProtectionAllowedToUnprotectArgs.builder()
        .accessLevel("string")
        .accessLevelDescription("string")
        .groupId(0)
        .userId(0)
        .build())
    .codeOwnerApprovalRequired(false)
    .mergeAccessLevel("string")
    .pushAccessLevel("string")
    .unprotectAccessLevel("string")
    .build());
Copy
branch_protection_resource = gitlab.BranchProtection("branchProtectionResource",
    branch="string",
    project="string",
    allow_force_push=False,
    allowed_to_merges=[{
        "access_level": "string",
        "access_level_description": "string",
        "group_id": 0,
        "user_id": 0,
    }],
    allowed_to_pushes=[{
        "access_level": "string",
        "access_level_description": "string",
        "deploy_key_id": 0,
        "group_id": 0,
        "user_id": 0,
    }],
    allowed_to_unprotects=[{
        "access_level": "string",
        "access_level_description": "string",
        "group_id": 0,
        "user_id": 0,
    }],
    code_owner_approval_required=False,
    merge_access_level="string",
    push_access_level="string",
    unprotect_access_level="string")
Copy
const branchProtectionResource = new gitlab.BranchProtection("branchProtectionResource", {
    branch: "string",
    project: "string",
    allowForcePush: false,
    allowedToMerges: [{
        accessLevel: "string",
        accessLevelDescription: "string",
        groupId: 0,
        userId: 0,
    }],
    allowedToPushes: [{
        accessLevel: "string",
        accessLevelDescription: "string",
        deployKeyId: 0,
        groupId: 0,
        userId: 0,
    }],
    allowedToUnprotects: [{
        accessLevel: "string",
        accessLevelDescription: "string",
        groupId: 0,
        userId: 0,
    }],
    codeOwnerApprovalRequired: false,
    mergeAccessLevel: "string",
    pushAccessLevel: "string",
    unprotectAccessLevel: "string",
});
Copy
type: gitlab:BranchProtection
properties:
    allowForcePush: false
    allowedToMerges:
        - accessLevel: string
          accessLevelDescription: string
          groupId: 0
          userId: 0
    allowedToPushes:
        - accessLevel: string
          accessLevelDescription: string
          deployKeyId: 0
          groupId: 0
          userId: 0
    allowedToUnprotects:
        - accessLevel: string
          accessLevelDescription: string
          groupId: 0
          userId: 0
    branch: string
    codeOwnerApprovalRequired: false
    mergeAccessLevel: string
    project: string
    pushAccessLevel: string
    unprotectAccessLevel: string
Copy

BranchProtection Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The BranchProtection resource accepts the following input properties:

Branch This property is required. string
Name of the branch.
Project This property is required. string
The id of the project.
AllowForcePush bool
Can be set to true to allow users with push access to force push.
AllowedToMerges List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToMerge>
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
AllowedToPushes List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToPush>
Array of access levels and user(s)/group(s) allowed to push to protected branch.
AllowedToUnprotects List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToUnprotect>
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
CodeOwnerApprovalRequired bool
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
MergeAccessLevel string
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
PushAccessLevel string
Access levels allowed to push. Valid values are: no one, developer, maintainer.
UnprotectAccessLevel string
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
Branch This property is required. string
Name of the branch.
Project This property is required. string
The id of the project.
AllowForcePush bool
Can be set to true to allow users with push access to force push.
AllowedToMerges []BranchProtectionAllowedToMergeArgs
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
AllowedToPushes []BranchProtectionAllowedToPushArgs
Array of access levels and user(s)/group(s) allowed to push to protected branch.
AllowedToUnprotects []BranchProtectionAllowedToUnprotectArgs
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
CodeOwnerApprovalRequired bool
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
MergeAccessLevel string
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
PushAccessLevel string
Access levels allowed to push. Valid values are: no one, developer, maintainer.
UnprotectAccessLevel string
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
branch This property is required. String
Name of the branch.
project This property is required. String
The id of the project.
allowForcePush Boolean
Can be set to true to allow users with push access to force push.
allowedToMerges List<BranchProtectionAllowedToMerge>
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowedToPushes List<BranchProtectionAllowedToPush>
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowedToUnprotects List<BranchProtectionAllowedToUnprotect>
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
codeOwnerApprovalRequired Boolean
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
mergeAccessLevel String
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
pushAccessLevel String
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotectAccessLevel String
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
branch This property is required. string
Name of the branch.
project This property is required. string
The id of the project.
allowForcePush boolean
Can be set to true to allow users with push access to force push.
allowedToMerges BranchProtectionAllowedToMerge[]
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowedToPushes BranchProtectionAllowedToPush[]
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowedToUnprotects BranchProtectionAllowedToUnprotect[]
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
codeOwnerApprovalRequired boolean
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
mergeAccessLevel string
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
pushAccessLevel string
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotectAccessLevel string
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
branch This property is required. str
Name of the branch.
project This property is required. str
The id of the project.
allow_force_push bool
Can be set to true to allow users with push access to force push.
allowed_to_merges Sequence[BranchProtectionAllowedToMergeArgs]
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowed_to_pushes Sequence[BranchProtectionAllowedToPushArgs]
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowed_to_unprotects Sequence[BranchProtectionAllowedToUnprotectArgs]
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
code_owner_approval_required bool
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
merge_access_level str
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
push_access_level str
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotect_access_level str
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
branch This property is required. String
Name of the branch.
project This property is required. String
The id of the project.
allowForcePush Boolean
Can be set to true to allow users with push access to force push.
allowedToMerges List<Property Map>
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowedToPushes List<Property Map>
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowedToUnprotects List<Property Map>
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
codeOwnerApprovalRequired Boolean
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
mergeAccessLevel String
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
pushAccessLevel String
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotectAccessLevel String
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.

Outputs

All input properties are implicitly available as output properties. Additionally, the BranchProtection resource produces the following output properties:

BranchProtectionId int
The ID of the branch protection (not the branch name).
Id string
The provider-assigned unique ID for this managed resource.
BranchProtectionId int
The ID of the branch protection (not the branch name).
Id string
The provider-assigned unique ID for this managed resource.
branchProtectionId Integer
The ID of the branch protection (not the branch name).
id String
The provider-assigned unique ID for this managed resource.
branchProtectionId number
The ID of the branch protection (not the branch name).
id string
The provider-assigned unique ID for this managed resource.
branch_protection_id int
The ID of the branch protection (not the branch name).
id str
The provider-assigned unique ID for this managed resource.
branchProtectionId Number
The ID of the branch protection (not the branch name).
id String
The provider-assigned unique ID for this managed resource.

Look up Existing BranchProtection Resource

Get an existing BranchProtection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: BranchProtectionState, opts?: CustomResourceOptions): BranchProtection
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allow_force_push: Optional[bool] = None,
        allowed_to_merges: Optional[Sequence[BranchProtectionAllowedToMergeArgs]] = None,
        allowed_to_pushes: Optional[Sequence[BranchProtectionAllowedToPushArgs]] = None,
        allowed_to_unprotects: Optional[Sequence[BranchProtectionAllowedToUnprotectArgs]] = None,
        branch: Optional[str] = None,
        branch_protection_id: Optional[int] = None,
        code_owner_approval_required: Optional[bool] = None,
        merge_access_level: Optional[str] = None,
        project: Optional[str] = None,
        push_access_level: Optional[str] = None,
        unprotect_access_level: Optional[str] = None) -> BranchProtection
func GetBranchProtection(ctx *Context, name string, id IDInput, state *BranchProtectionState, opts ...ResourceOption) (*BranchProtection, error)
public static BranchProtection Get(string name, Input<string> id, BranchProtectionState? state, CustomResourceOptions? opts = null)
public static BranchProtection get(String name, Output<String> id, BranchProtectionState state, CustomResourceOptions options)
resources:  _:    type: gitlab:BranchProtection    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AllowForcePush bool
Can be set to true to allow users with push access to force push.
AllowedToMerges List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToMerge>
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
AllowedToPushes List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToPush>
Array of access levels and user(s)/group(s) allowed to push to protected branch.
AllowedToUnprotects List<Pulumi.GitLab.Inputs.BranchProtectionAllowedToUnprotect>
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
Branch string
Name of the branch.
BranchProtectionId int
The ID of the branch protection (not the branch name).
CodeOwnerApprovalRequired bool
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
MergeAccessLevel string
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
Project string
The id of the project.
PushAccessLevel string
Access levels allowed to push. Valid values are: no one, developer, maintainer.
UnprotectAccessLevel string
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
AllowForcePush bool
Can be set to true to allow users with push access to force push.
AllowedToMerges []BranchProtectionAllowedToMergeArgs
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
AllowedToPushes []BranchProtectionAllowedToPushArgs
Array of access levels and user(s)/group(s) allowed to push to protected branch.
AllowedToUnprotects []BranchProtectionAllowedToUnprotectArgs
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
Branch string
Name of the branch.
BranchProtectionId int
The ID of the branch protection (not the branch name).
CodeOwnerApprovalRequired bool
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
MergeAccessLevel string
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
Project string
The id of the project.
PushAccessLevel string
Access levels allowed to push. Valid values are: no one, developer, maintainer.
UnprotectAccessLevel string
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
allowForcePush Boolean
Can be set to true to allow users with push access to force push.
allowedToMerges List<BranchProtectionAllowedToMerge>
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowedToPushes List<BranchProtectionAllowedToPush>
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowedToUnprotects List<BranchProtectionAllowedToUnprotect>
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
branch String
Name of the branch.
branchProtectionId Integer
The ID of the branch protection (not the branch name).
codeOwnerApprovalRequired Boolean
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
mergeAccessLevel String
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
project String
The id of the project.
pushAccessLevel String
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotectAccessLevel String
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
allowForcePush boolean
Can be set to true to allow users with push access to force push.
allowedToMerges BranchProtectionAllowedToMerge[]
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowedToPushes BranchProtectionAllowedToPush[]
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowedToUnprotects BranchProtectionAllowedToUnprotect[]
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
branch string
Name of the branch.
branchProtectionId number
The ID of the branch protection (not the branch name).
codeOwnerApprovalRequired boolean
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
mergeAccessLevel string
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
project string
The id of the project.
pushAccessLevel string
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotectAccessLevel string
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
allow_force_push bool
Can be set to true to allow users with push access to force push.
allowed_to_merges Sequence[BranchProtectionAllowedToMergeArgs]
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowed_to_pushes Sequence[BranchProtectionAllowedToPushArgs]
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowed_to_unprotects Sequence[BranchProtectionAllowedToUnprotectArgs]
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
branch str
Name of the branch.
branch_protection_id int
The ID of the branch protection (not the branch name).
code_owner_approval_required bool
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
merge_access_level str
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
project str
The id of the project.
push_access_level str
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotect_access_level str
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.
allowForcePush Boolean
Can be set to true to allow users with push access to force push.
allowedToMerges List<Property Map>
Array of access levels and user(s)/group(s) allowed to merge to protected branch.
allowedToPushes List<Property Map>
Array of access levels and user(s)/group(s) allowed to push to protected branch.
allowedToUnprotects List<Property Map>
Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch.
branch String
Name of the branch.
branchProtectionId Number
The ID of the branch protection (not the branch name).
codeOwnerApprovalRequired Boolean
Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
mergeAccessLevel String
Access levels allowed to merge. Valid values are: no one, developer, maintainer.
project String
The id of the project.
pushAccessLevel String
Access levels allowed to push. Valid values are: no one, developer, maintainer.
unprotectAccessLevel String
Access levels allowed to unprotect. Valid values are: developer, maintainer, admin.

Supporting Types

BranchProtectionAllowedToMerge
, BranchProtectionAllowedToMergeArgs

AccessLevel string
Access levels allowed to merge to protected branch. Valid values are: no one, developer, maintainer.
AccessLevelDescription string
Readable description of access level.
GroupId int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
UserId int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
AccessLevel string
Access levels allowed to merge to protected branch. Valid values are: no one, developer, maintainer.
AccessLevelDescription string
Readable description of access level.
GroupId int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
UserId int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
accessLevel String
Access levels allowed to merge to protected branch. Valid values are: no one, developer, maintainer.
accessLevelDescription String
Readable description of access level.
groupId Integer
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
userId Integer
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
accessLevel string
Access levels allowed to merge to protected branch. Valid values are: no one, developer, maintainer.
accessLevelDescription string
Readable description of access level.
groupId number
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
userId number
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
access_level str
Access levels allowed to merge to protected branch. Valid values are: no one, developer, maintainer.
access_level_description str
Readable description of access level.
group_id int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
user_id int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
accessLevel String
Access levels allowed to merge to protected branch. Valid values are: no one, developer, maintainer.
accessLevelDescription String
Readable description of access level.
groupId Number
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
userId Number
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.

BranchProtectionAllowedToPush
, BranchProtectionAllowedToPushArgs

AccessLevel string
Access levels allowed to push to protected branch. Valid values are: no one, developer, maintainer.
AccessLevelDescription string
Readable description of access level.
DeployKeyId int
The ID of a GitLab deploy key allowed to perform the relevant action. Mutually exclusive with group_id and user_id. This field is read-only until Gitlab 17.5.
GroupId int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with deploy_key_id and user_id.
UserId int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with deploy_key_id and group_id.
AccessLevel string
Access levels allowed to push to protected branch. Valid values are: no one, developer, maintainer.
AccessLevelDescription string
Readable description of access level.
DeployKeyId int
The ID of a GitLab deploy key allowed to perform the relevant action. Mutually exclusive with group_id and user_id. This field is read-only until Gitlab 17.5.
GroupId int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with deploy_key_id and user_id.
UserId int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with deploy_key_id and group_id.
accessLevel String
Access levels allowed to push to protected branch. Valid values are: no one, developer, maintainer.
accessLevelDescription String
Readable description of access level.
deployKeyId Integer
The ID of a GitLab deploy key allowed to perform the relevant action. Mutually exclusive with group_id and user_id. This field is read-only until Gitlab 17.5.
groupId Integer
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with deploy_key_id and user_id.
userId Integer
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with deploy_key_id and group_id.
accessLevel string
Access levels allowed to push to protected branch. Valid values are: no one, developer, maintainer.
accessLevelDescription string
Readable description of access level.
deployKeyId number
The ID of a GitLab deploy key allowed to perform the relevant action. Mutually exclusive with group_id and user_id. This field is read-only until Gitlab 17.5.
groupId number
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with deploy_key_id and user_id.
userId number
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with deploy_key_id and group_id.
access_level str
Access levels allowed to push to protected branch. Valid values are: no one, developer, maintainer.
access_level_description str
Readable description of access level.
deploy_key_id int
The ID of a GitLab deploy key allowed to perform the relevant action. Mutually exclusive with group_id and user_id. This field is read-only until Gitlab 17.5.
group_id int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with deploy_key_id and user_id.
user_id int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with deploy_key_id and group_id.
accessLevel String
Access levels allowed to push to protected branch. Valid values are: no one, developer, maintainer.
accessLevelDescription String
Readable description of access level.
deployKeyId Number
The ID of a GitLab deploy key allowed to perform the relevant action. Mutually exclusive with group_id and user_id. This field is read-only until Gitlab 17.5.
groupId Number
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with deploy_key_id and user_id.
userId Number
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with deploy_key_id and group_id.

BranchProtectionAllowedToUnprotect
, BranchProtectionAllowedToUnprotectArgs

AccessLevel string
Access levels allowed to unprotect push to protected branch. Valid values are: developer, maintainer, admin.
AccessLevelDescription string
Readable description of access level.
GroupId int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
UserId int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
AccessLevel string
Access levels allowed to unprotect push to protected branch. Valid values are: developer, maintainer, admin.
AccessLevelDescription string
Readable description of access level.
GroupId int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
UserId int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
accessLevel String
Access levels allowed to unprotect push to protected branch. Valid values are: developer, maintainer, admin.
accessLevelDescription String
Readable description of access level.
groupId Integer
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
userId Integer
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
accessLevel string
Access levels allowed to unprotect push to protected branch. Valid values are: developer, maintainer, admin.
accessLevelDescription string
Readable description of access level.
groupId number
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
userId number
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
access_level str
Access levels allowed to unprotect push to protected branch. Valid values are: developer, maintainer, admin.
access_level_description str
Readable description of access level.
group_id int
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
user_id int
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.
accessLevel String
Access levels allowed to unprotect push to protected branch. Valid values are: developer, maintainer, admin.
accessLevelDescription String
Readable description of access level.
groupId Number
The ID of a GitLab group allowed to perform the relevant action. Mutually exclusive with user_id.
userId Number
The ID of a GitLab user allowed to perform the relevant action. Mutually exclusive with group_id.

Import

Starting in Terraform v1.5.0 you can use an import block to import gitlab_branch_protection. For example:

terraform

import {

to = gitlab_branch_protection.example

id = “see CLI command below for ID”

}

Import using the CLI is supported using the following syntax:

Gitlab protected branches can be imported with a key composed of <project_id>:<branch>, e.g.

$ pulumi import gitlab:index/branchProtection:BranchProtection BranchProtect "12345:main"
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
GitLab pulumi/pulumi-gitlab
License
Apache-2.0
Notes
This Pulumi package is based on the gitlab Terraform Provider.
GitLab v8.10.0 published on Friday, Mar 21, 2025 by Pulumi
pulumi/pulumi-gitlab