Azure DevOps v3.8.0, Mar 17 25

Azure DevOps v3.8.0 published on Monday, Mar 17, 2025 by Pulumi

azuredevops.ProjectPipelineSettings

Explore with Pulumi AI

Azure DevOps v3.8.0 published on Monday, Mar 17, 2025 by Pulumi

Example Usage

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const example = new azuredevops.Project("example", {
    name: "Example Project",
    visibility: "private",
    versionControl: "Git",
    workItemTemplate: "Agile",
    description: "Managed by Pulumi",
});
const exampleProjectPipelineSettings = new azuredevops.ProjectPipelineSettings("example", {
    projectId: example.id,
    enforceJobScope: true,
    enforceReferencedRepoScopedToken: false,
    enforceSettableVar: true,
    publishPipelineMetadata: false,
    statusBadgesArePrivate: true,
});

import pulumi
import pulumi_azuredevops as azuredevops

example = azuredevops.Project("example",
    name="Example Project",
    visibility="private",
    version_control="Git",
    work_item_template="Agile",
    description="Managed by Pulumi")
example_project_pipeline_settings = azuredevops.ProjectPipelineSettings("example",
    project_id=example.id,
    enforce_job_scope=True,
    enforce_referenced_repo_scoped_token=False,
    enforce_settable_var=True,
    publish_pipeline_metadata=False,
    status_badges_are_private=True)

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := azuredevops.NewProject(ctx, "example", &azuredevops.ProjectArgs{
			Name:             pulumi.String("Example Project"),
			Visibility:       pulumi.String("private"),
			VersionControl:   pulumi.String("Git"),
			WorkItemTemplate: pulumi.String("Agile"),
			Description:      pulumi.String("Managed by Pulumi"),
		})
		if err != nil {
			return err
		}
		_, err = azuredevops.NewProjectPipelineSettings(ctx, "example", &azuredevops.ProjectPipelineSettingsArgs{
			ProjectId:                        example.ID(),
			EnforceJobScope:                  pulumi.Bool(true),
			EnforceReferencedRepoScopedToken: pulumi.Bool(false),
			EnforceSettableVar:               pulumi.Bool(true),
			PublishPipelineMetadata:          pulumi.Bool(false),
			StatusBadgesArePrivate:           pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var example = new AzureDevOps.Project("example", new()
    {
        Name = "Example Project",
        Visibility = "private",
        VersionControl = "Git",
        WorkItemTemplate = "Agile",
        Description = "Managed by Pulumi",
    });

    var exampleProjectPipelineSettings = new AzureDevOps.ProjectPipelineSettings("example", new()
    {
        ProjectId = example.Id,
        EnforceJobScope = true,
        EnforceReferencedRepoScopedToken = false,
        EnforceSettableVar = true,
        PublishPipelineMetadata = false,
        StatusBadgesArePrivate = true,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.Project;
import com.pulumi.azuredevops.ProjectArgs;
import com.pulumi.azuredevops.ProjectPipelineSettings;
import com.pulumi.azuredevops.ProjectPipelineSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new Project("example", ProjectArgs.builder()
            .name("Example Project")
            .visibility("private")
            .versionControl("Git")
            .workItemTemplate("Agile")
            .description("Managed by Pulumi")
            .build());

        var exampleProjectPipelineSettings = new ProjectPipelineSettings("exampleProjectPipelineSettings", ProjectPipelineSettingsArgs.builder()
            .projectId(example.id())
            .enforceJobScope(true)
            .enforceReferencedRepoScopedToken(false)
            .enforceSettableVar(true)
            .publishPipelineMetadata(false)
            .statusBadgesArePrivate(true)
            .build());

    }
}

resources:
  example:
    type: azuredevops:Project
    properties:
      name: Example Project
      visibility: private
      versionControl: Git
      workItemTemplate: Agile
      description: Managed by Pulumi
  exampleProjectPipelineSettings:
    type: azuredevops:ProjectPipelineSettings
    name: example
    properties:
      projectId: ${example.id}
      enforceJobScope: true
      enforceReferencedRepoScopedToken: false
      enforceSettableVar: true
      publishPipelineMetadata: false
      statusBadgesArePrivate: true

Relevant Links

No official documentation available

PAT Permissions Required

Full Access

Create ProjectPipelineSettings Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new ProjectPipelineSettings(name: string, args: ProjectPipelineSettingsArgs, opts?: CustomResourceOptions);

@overload
def ProjectPipelineSettings(resource_name: str,
                            args: ProjectPipelineSettingsArgs,
                            opts: Optional[ResourceOptions] = None)

@overload
def ProjectPipelineSettings(resource_name: str,
                            opts: Optional[ResourceOptions] = None,
                            project_id: Optional[str] = None,
                            enforce_job_scope: Optional[bool] = None,
                            enforce_job_scope_for_release: Optional[bool] = None,
                            enforce_referenced_repo_scoped_token: Optional[bool] = None,
                            enforce_settable_var: Optional[bool] = None,
                            publish_pipeline_metadata: Optional[bool] = None,
                            status_badges_are_private: Optional[bool] = None)

func NewProjectPipelineSettings(ctx *Context, name string, args ProjectPipelineSettingsArgs, opts ...ResourceOption) (*ProjectPipelineSettings, error)

public ProjectPipelineSettings(string name, ProjectPipelineSettingsArgs args, CustomResourceOptions? opts = null)

public ProjectPipelineSettings(String name, ProjectPipelineSettingsArgs args)
public ProjectPipelineSettings(String name, ProjectPipelineSettingsArgs args, CustomResourceOptions options)

type: azuredevops:ProjectPipelineSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ProjectPipelineSettingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ProjectPipelineSettingsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ProjectPipelineSettingsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ProjectPipelineSettingsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ProjectPipelineSettingsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var projectPipelineSettingsResource = new AzureDevOps.ProjectPipelineSettings("projectPipelineSettingsResource", new()
{
    ProjectId = "string",
    EnforceJobScope = false,
    EnforceJobScopeForRelease = false,
    EnforceReferencedRepoScopedToken = false,
    EnforceSettableVar = false,
    PublishPipelineMetadata = false,
    StatusBadgesArePrivate = false,
});

example, err := azuredevops.NewProjectPipelineSettings(ctx, "projectPipelineSettingsResource", &azuredevops.ProjectPipelineSettingsArgs{
	ProjectId:                        pulumi.String("string"),
	EnforceJobScope:                  pulumi.Bool(false),
	EnforceJobScopeForRelease:        pulumi.Bool(false),
	EnforceReferencedRepoScopedToken: pulumi.Bool(false),
	EnforceSettableVar:               pulumi.Bool(false),
	PublishPipelineMetadata:          pulumi.Bool(false),
	StatusBadgesArePrivate:           pulumi.Bool(false),
})

var projectPipelineSettingsResource = new ProjectPipelineSettings("projectPipelineSettingsResource", ProjectPipelineSettingsArgs.builder()
    .projectId("string")
    .enforceJobScope(false)
    .enforceJobScopeForRelease(false)
    .enforceReferencedRepoScopedToken(false)
    .enforceSettableVar(false)
    .publishPipelineMetadata(false)
    .statusBadgesArePrivate(false)
    .build());

project_pipeline_settings_resource = azuredevops.ProjectPipelineSettings("projectPipelineSettingsResource",
    project_id="string",
    enforce_job_scope=False,
    enforce_job_scope_for_release=False,
    enforce_referenced_repo_scoped_token=False,
    enforce_settable_var=False,
    publish_pipeline_metadata=False,
    status_badges_are_private=False)

const projectPipelineSettingsResource = new azuredevops.ProjectPipelineSettings("projectPipelineSettingsResource", {
    projectId: "string",
    enforceJobScope: false,
    enforceJobScopeForRelease: false,
    enforceReferencedRepoScopedToken: false,
    enforceSettableVar: false,
    publishPipelineMetadata: false,
    statusBadgesArePrivate: false,
});

type: azuredevops:ProjectPipelineSettings
properties:
    enforceJobScope: false
    enforceJobScopeForRelease: false
    enforceReferencedRepoScopedToken: false
    enforceSettableVar: false
    projectId: string
    publishPipelineMetadata: false
    statusBadgesArePrivate: false

ProjectPipelineSettings Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ProjectPipelineSettings resource accepts the following input properties:

ProjectId string: The ID of the project for which the project pipeline settings will be managed.
EnforceJobScope bool: Limit job authorization scope to current project for non-release pipelines.
EnforceJobScopeForRelease bool: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
EnforceReferencedRepoScopedToken bool: Protect access to repositories in YAML pipelines.
EnforceSettableVar bool: Limit variables that can be set at queue time.
PublishPipelineMetadata bool: Publish metadata from pipelines.
StatusBadgesArePrivate bool: Disable anonymous access to badges.

ProjectId string: The ID of the project for which the project pipeline settings will be managed.
EnforceJobScope bool: Limit job authorization scope to current project for non-release pipelines.
EnforceJobScopeForRelease bool: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
EnforceReferencedRepoScopedToken bool: Protect access to repositories in YAML pipelines.
EnforceSettableVar bool: Limit variables that can be set at queue time.
PublishPipelineMetadata bool: Publish metadata from pipelines.
StatusBadgesArePrivate bool: Disable anonymous access to badges.

projectId String: The ID of the project for which the project pipeline settings will be managed.
enforceJobScope Boolean: Limit job authorization scope to current project for non-release pipelines.
enforceJobScopeForRelease Boolean: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforceReferencedRepoScopedToken Boolean: Protect access to repositories in YAML pipelines.
enforceSettableVar Boolean: Limit variables that can be set at queue time.
publishPipelineMetadata Boolean: Publish metadata from pipelines.
statusBadgesArePrivate Boolean: Disable anonymous access to badges.

projectId string: The ID of the project for which the project pipeline settings will be managed.
enforceJobScope boolean: Limit job authorization scope to current project for non-release pipelines.
enforceJobScopeForRelease boolean: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforceReferencedRepoScopedToken boolean: Protect access to repositories in YAML pipelines.
enforceSettableVar boolean: Limit variables that can be set at queue time.
publishPipelineMetadata boolean: Publish metadata from pipelines.
statusBadgesArePrivate boolean: Disable anonymous access to badges.

project_id str: The ID of the project for which the project pipeline settings will be managed.
enforce_job_scope bool: Limit job authorization scope to current project for non-release pipelines.
enforce_job_scope_for_release bool: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforce_referenced_repo_scoped_token bool: Protect access to repositories in YAML pipelines.
enforce_settable_var bool: Limit variables that can be set at queue time.
publish_pipeline_metadata bool: Publish metadata from pipelines.
status_badges_are_private bool: Disable anonymous access to badges.

projectId String: The ID of the project for which the project pipeline settings will be managed.
enforceJobScope Boolean: Limit job authorization scope to current project for non-release pipelines.
enforceJobScopeForRelease Boolean: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforceReferencedRepoScopedToken Boolean: Protect access to repositories in YAML pipelines.
enforceSettableVar Boolean: Limit variables that can be set at queue time.
publishPipelineMetadata Boolean: Publish metadata from pipelines.
statusBadgesArePrivate Boolean: Disable anonymous access to badges.

Outputs

All input properties are implicitly available as output properties. Additionally, the ProjectPipelineSettings resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ProjectPipelineSettings Resource

Get an existing ProjectPipelineSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: ProjectPipelineSettingsState, opts?: CustomResourceOptions): ProjectPipelineSettings

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        enforce_job_scope: Optional[bool] = None,
        enforce_job_scope_for_release: Optional[bool] = None,
        enforce_referenced_repo_scoped_token: Optional[bool] = None,
        enforce_settable_var: Optional[bool] = None,
        project_id: Optional[str] = None,
        publish_pipeline_metadata: Optional[bool] = None,
        status_badges_are_private: Optional[bool] = None) -> ProjectPipelineSettings

func GetProjectPipelineSettings(ctx *Context, name string, id IDInput, state *ProjectPipelineSettingsState, opts ...ResourceOption) (*ProjectPipelineSettings, error)

public static ProjectPipelineSettings Get(string name, Input<string> id, ProjectPipelineSettingsState? state, CustomResourceOptions? opts = null)

public static ProjectPipelineSettings get(String name, Output<String> id, ProjectPipelineSettingsState state, CustomResourceOptions options)

resources:  _:    type: azuredevops:ProjectPipelineSettings    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

EnforceJobScope bool: Limit job authorization scope to current project for non-release pipelines.
EnforceJobScopeForRelease bool: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
EnforceReferencedRepoScopedToken bool: Protect access to repositories in YAML pipelines.
EnforceSettableVar bool: Limit variables that can be set at queue time.
ProjectId string: The ID of the project for which the project pipeline settings will be managed.
PublishPipelineMetadata bool: Publish metadata from pipelines.
StatusBadgesArePrivate bool: Disable anonymous access to badges.

EnforceJobScope bool: Limit job authorization scope to current project for non-release pipelines.
EnforceJobScopeForRelease bool: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
EnforceReferencedRepoScopedToken bool: Protect access to repositories in YAML pipelines.
EnforceSettableVar bool: Limit variables that can be set at queue time.
ProjectId string: The ID of the project for which the project pipeline settings will be managed.
PublishPipelineMetadata bool: Publish metadata from pipelines.
StatusBadgesArePrivate bool: Disable anonymous access to badges.

enforceJobScope Boolean: Limit job authorization scope to current project for non-release pipelines.
enforceJobScopeForRelease Boolean: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforceReferencedRepoScopedToken Boolean: Protect access to repositories in YAML pipelines.
enforceSettableVar Boolean: Limit variables that can be set at queue time.
projectId String: The ID of the project for which the project pipeline settings will be managed.
publishPipelineMetadata Boolean: Publish metadata from pipelines.
statusBadgesArePrivate Boolean: Disable anonymous access to badges.

enforceJobScope boolean: Limit job authorization scope to current project for non-release pipelines.
enforceJobScopeForRelease boolean: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforceReferencedRepoScopedToken boolean: Protect access to repositories in YAML pipelines.
enforceSettableVar boolean: Limit variables that can be set at queue time.
projectId string: The ID of the project for which the project pipeline settings will be managed.
publishPipelineMetadata boolean: Publish metadata from pipelines.
statusBadgesArePrivate boolean: Disable anonymous access to badges.

enforce_job_scope bool: Limit job authorization scope to current project for non-release pipelines.
enforce_job_scope_for_release bool: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforce_referenced_repo_scoped_token bool: Protect access to repositories in YAML pipelines.
enforce_settable_var bool: Limit variables that can be set at queue time.
project_id str: The ID of the project for which the project pipeline settings will be managed.
publish_pipeline_metadata bool: Publish metadata from pipelines.
status_badges_are_private bool: Disable anonymous access to badges.

enforceJobScope Boolean: Limit job authorization scope to current project for non-release pipelines.
enforceJobScopeForRelease Boolean: Limit job authorization scope to current project for release pipelines.
NOTE: The settings at the organization will override settings specified on the project. For example, if enforce_job_scope is true at the organization, the azuredevops.ProjectPipelineSettings resource cannot set it to false. In this scenario, the plan will always show that the resource is trying to change enforce_job_scope from true to false.
enforceReferencedRepoScopedToken Boolean: Protect access to repositories in YAML pipelines.
enforceSettableVar Boolean: Limit variables that can be set at queue time.
projectId String: The ID of the project for which the project pipeline settings will be managed.
publishPipelineMetadata Boolean: Publish metadata from pipelines.
statusBadgesArePrivate Boolean: Disable anonymous access to badges.

Import

Azure DevOps feature settings can be imported using the project id, e.g.

$ pulumi import azuredevops:index/projectPipelineSettings:ProjectPipelineSettings example 00000000-0000-0000-0000-000000000000

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Azure DevOps pulumi/pulumi-azuredevops
License: Apache-2.0
Notes: This Pulumi package is based on the azuredevops Terraform Provider.

Azure DevOps v3.8.0 published on Monday, Mar 17, 2025 by Pulumi

pulumi/pulumi-azuredevops

azuredevops.ProjectPipelineSettings

On this page

On this page

Example Usage

Relevant Links

PAT Permissions Required

Create ProjectPipelineSettings Resource

Constructor syntax

Parameters

Constructor example

ProjectPipelineSettings Resource Properties

Inputs

Outputs

Look up Existing ProjectPipelineSettings Resource

Import

Package Details

On this page

On this page