Add descriptions for Access rules #3792
Conversation
|
changelog detected ✅ |
jroyal
force-pushed
the
jroyal/doc-update-auth-method
branch
from
f06463e to
d382437
Compare
jroyal
force-pushed
the
jroyal/doc-update-auth-method
branch
from
d382437 to
ab3f8be
Compare
|
This should match whats in the API docs since I just copied those values. If we update anything then we should update it in both places. |
|
|
||
| Optional: | ||
|
|
||
| - `platform` (String) The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. | ||
| - `paths` (Set of String) List of paths to check for client certificate rule. | ||
| - `trust_stores` (Set of String) List of trust stores to check for client certificate rule. Available values: `system`, `user`. |
There was a problem hiding this comment.
@aw-cf Can we be more specific about which paths and trust_stores options are available for each platform?
There was a problem hiding this comment.
Yes, I think we should be specific here. Please check the dashboard UI in regards to which combinations are valid.
Brief summary:
- Windows
trust_stores:system,user
- macOS
trust_stores:system
- Linux
pathstrust_stores:system
There was a problem hiding this comment.
Is it intentional that these are added in this file as well as docs/resources/zero_trust_device_posture_rule.md?
(Especially since other new attributes like extended_key_usage are not mentioned on this page)
|
Technically all those other ones are unrelated to my PR change, but I guess I can update their docs. |
jroyal
force-pushed
the
jroyal/doc-update-auth-method
branch
from
0345ab8 to
2272b8c
Compare
|
@jroyal hola when you're ready and we'll merge this one in. |
| @@ -78,7 +78,7 @@ Optional: | |||
| - `is_active` (Boolean) True if SentinelOne device is active. | |||
| - `issue_count` (String) The number of issues for kolide. | |||
| - `last_seen` (String) The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. | |||
| - `locations` (Block List) List of locations to check for client certificate posture check. (see [below for nested schema](#nestedblock--certificate_locations)) | |||
| - `locations` (Block List) List of operating system locations to check for a client certificate.. (see [below for nested schema](#nestedblock--input--locations)) | |||
There was a problem hiding this comment.
| - `locations` (Block List) List of operating system locations to check for a client certificate.. (see [below for nested schema](#nestedblock--input--locations)) | |
| - `locations` (Block List) List of operating system locations to check for a client certificate. (see [below for nested schema](#nestedblock--input--locations)) |
|
|
||
| Optional: | ||
|
|
||
| - `platform` (String) The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. | ||
| - `paths` (Set of String) List of paths to check for client certificate rule. | ||
| - `trust_stores` (Set of String) List of trust stores to check for client certificate rule. Available values: `system`, `user`. |
There was a problem hiding this comment.
Yes, I think we should be specific here. Please check the dashboard UI in regards to which combinations are valid.
Brief summary:
- Windows
trust_stores:system,user
- macOS
trust_stores:system
- Linux
pathstrust_stores:system
| @@ -60,7 +60,7 @@ resource "cloudflare_device_settings_policy" "developer_warp_policy" { | |||
| - `service_mode_v2_port` (Number) The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. | |||
| - `support_url` (String) The support URL that will be opened when sending feedback. | |||
| - `switch_locked` (Boolean) Enablement of the ZT client switch lock. | |||
| - `tunnel_protocol` (String) Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` | |||
| - `tunnel_protocol` (String) Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. | |||
There was a problem hiding this comment.
@dh-cf should me make it clear that the default may be subject to change in the future?
| - `tunnel_protocol` (String) Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. | |
| - `tunnel_protocol` (String) Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Currently defaults to `wireguard`. |
|
|
||
| Optional: | ||
|
|
||
| - `platform` (String) The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`. | ||
| - `paths` (Set of String) List of paths to check for client certificate rule. | ||
| - `trust_stores` (Set of String) List of trust stores to check for client certificate rule. Available values: `system`, `user`. |
There was a problem hiding this comment.
Is it intentional that these are added in this file as well as docs/resources/zero_trust_device_posture_rule.md?
(Especially since other new attributes like extended_key_usage are not mentioned on this page)
|
The docs pages are autogenerated. I think we should have a separate PR to address any issues with the device posture rule docs. |
|
@jacobbednarz I think this is ready. |
|
This functionality has been released in v4.42.0 of the Terraform Cloudflare Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
Also ran
make docswhich picked up a lot of other changes. Let me know if I shouldn't do that and if there is a better process for that.