From 1f629ba399c38bb524670081118f7e03a29a201e Mon Sep 17 00:00:00 2001 From: pulumi-bot Date: Wed, 18 Sep 2024 03:21:56 +0000 Subject: [PATCH 1/2] make tfgen --- .pulumi-java-gen.version | 2 +- .../bridge-metadata.json | 23 + .../pulumi-resource-cloudflare/schema.json | 1622 ++++++++++++----- provider/go.mod | 34 +- provider/go.sum | 84 +- upstream | 2 +- 6 files changed, 1240 insertions(+), 527 deletions(-) diff --git a/.pulumi-java-gen.version b/.pulumi-java-gen.version index d183d4ace..92e0c7438 100644 --- a/.pulumi-java-gen.version +++ b/.pulumi-java-gen.version @@ -1 +1 @@ -0.16.0 \ No newline at end of file +0.16.1 \ No newline at end of file diff --git a/provider/cmd/pulumi-resource-cloudflare/bridge-metadata.json b/provider/cmd/pulumi-resource-cloudflare/bridge-metadata.json index 2cd7807f3..222c45b7e 100644 --- a/provider/cmd/pulumi-resource-cloudflare/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-cloudflare/bridge-metadata.json @@ -1933,6 +1933,9 @@ } } }, + "cache_reserve": { + "maxItemsOne": true + }, "cookie_fields": { "maxItemsOne": false }, @@ -2118,6 +2121,9 @@ "body_scanning": { "maxItemsOne": true }, + "certificate": { + "maxItemsOne": true + }, "custom_certificate": { "maxItemsOne": true }, @@ -2445,6 +2451,9 @@ "d1_database_binding": { "maxItemsOne": false }, + "hyperdrive_config_binding": { + "maxItemsOne": false + }, "kv_namespace_binding": { "maxItemsOne": false }, @@ -2524,6 +2533,9 @@ "d1_database_binding": { "maxItemsOne": false }, + "hyperdrive_config_binding": { + "maxItemsOne": false + }, "kv_namespace_binding": { "maxItemsOne": false }, @@ -3404,6 +3416,10 @@ } } }, + "cloudflare_zero_trust_gateway_certificate": { + "current": "cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate", + "majorVersion": 5 + }, "cloudflare_zero_trust_gateway_policy": { "current": "cloudflare:index/zeroTrustGatewayPolicy:ZeroTrustGatewayPolicy", "majorVersion": 5, @@ -3489,6 +3505,9 @@ "body_scanning": { "maxItemsOne": true }, + "certificate": { + "maxItemsOne": true + }, "custom_certificate": { "maxItemsOne": true }, @@ -4073,6 +4092,9 @@ } } }, + "cache_reserve": { + "maxItemsOne": true + }, "cookie_fields": { "maxItemsOne": false }, @@ -4422,6 +4444,7 @@ "cloudflare:index/zeroTrustDexTest:ZeroTrustDexTest": 0, "cloudflare:index/zeroTrustDlpProfile:ZeroTrustDlpProfile": 0, "cloudflare:index/zeroTrustDnsLocation:ZeroTrustDnsLocation": 0, + "cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate": 0, "cloudflare:index/zeroTrustGatewayPolicy:ZeroTrustGatewayPolicy": 0, "cloudflare:index/zeroTrustGatewayProxyEndpoint:ZeroTrustGatewayProxyEndpoint": 0, "cloudflare:index/zeroTrustGatewaySettings:ZeroTrustGatewaySettings": 0, diff --git a/provider/cmd/pulumi-resource-cloudflare/schema.json b/provider/cmd/pulumi-resource-cloudflare/schema.json index 6669edabc..b6d2838ec 100644 --- a/provider/cmd/pulumi-resource-cloudflare/schema.json +++ b/provider/cmd/pulumi-resource-cloudflare/schema.json @@ -592,7 +592,8 @@ "cloudflare:index/AccessGroupExclude:AccessGroupExclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -601,19 +602,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupExcludeAzure:AccessGroupExcludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -626,62 +631,72 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluation": { - "$ref": "#/types/cloudflare:index/AccessGroupExcludeExternalEvaluation:AccessGroupExcludeExternalEvaluation" + "$ref": "#/types/cloudflare:index/AccessGroupExcludeExternalEvaluation:AccessGroupExcludeExternalEvaluation", + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupExcludeGithub:AccessGroupExcludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupExcludeGsuite:AccessGroupExcludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -694,25 +709,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupExcludeOkta:AccessGroupExcludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupExcludeSaml:AccessGroupExcludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -729,7 +748,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -743,7 +762,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -758,10 +777,12 @@ "cloudflare:index/AccessGroupExcludeExternalEvaluation:AccessGroupExcludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -769,16 +790,19 @@ "cloudflare:index/AccessGroupExcludeGithub:AccessGroupExcludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -789,10 +813,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -800,13 +826,15 @@ "cloudflare:index/AccessGroupExcludeOkta:AccessGroupExcludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -814,13 +842,16 @@ "cloudflare:index/AccessGroupExcludeSaml:AccessGroupExcludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -828,7 +859,8 @@ "cloudflare:index/AccessGroupInclude:AccessGroupInclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -837,19 +869,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupIncludeAzure:AccessGroupIncludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -862,62 +898,72 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluation": { - "$ref": "#/types/cloudflare:index/AccessGroupIncludeExternalEvaluation:AccessGroupIncludeExternalEvaluation" + "$ref": "#/types/cloudflare:index/AccessGroupIncludeExternalEvaluation:AccessGroupIncludeExternalEvaluation", + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupIncludeGithub:AccessGroupIncludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupIncludeGsuite:AccessGroupIncludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -930,25 +976,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupIncludeOkta:AccessGroupIncludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupIncludeSaml:AccessGroupIncludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -965,7 +1015,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -979,7 +1029,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -994,10 +1044,12 @@ "cloudflare:index/AccessGroupIncludeExternalEvaluation:AccessGroupIncludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -1005,16 +1057,19 @@ "cloudflare:index/AccessGroupIncludeGithub:AccessGroupIncludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -1025,10 +1080,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -1036,13 +1093,15 @@ "cloudflare:index/AccessGroupIncludeOkta:AccessGroupIncludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -1050,13 +1109,16 @@ "cloudflare:index/AccessGroupIncludeSaml:AccessGroupIncludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -1064,7 +1126,8 @@ "cloudflare:index/AccessGroupRequire:AccessGroupRequire": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -1073,19 +1136,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupRequireAzure:AccessGroupRequireAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -1098,62 +1165,72 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluation": { - "$ref": "#/types/cloudflare:index/AccessGroupRequireExternalEvaluation:AccessGroupRequireExternalEvaluation" + "$ref": "#/types/cloudflare:index/AccessGroupRequireExternalEvaluation:AccessGroupRequireExternalEvaluation", + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupRequireGithub:AccessGroupRequireGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupRequireGsuite:AccessGroupRequireGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -1166,25 +1243,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupRequireOkta:AccessGroupRequireOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessGroupRequireSaml:AccessGroupRequireSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -1201,7 +1282,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -1215,7 +1296,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -1230,10 +1311,12 @@ "cloudflare:index/AccessGroupRequireExternalEvaluation:AccessGroupRequireExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -1241,16 +1324,19 @@ "cloudflare:index/AccessGroupRequireGithub:AccessGroupRequireGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -1261,10 +1347,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -1272,13 +1360,15 @@ "cloudflare:index/AccessGroupRequireOkta:AccessGroupRequireOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -1286,13 +1376,16 @@ "cloudflare:index/AccessGroupRequireSaml:AccessGroupRequireSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -1513,7 +1606,8 @@ "cloudflare:index/AccessPolicyExclude:AccessPolicyExclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -1522,19 +1616,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyExcludeAzure:AccessPolicyExcludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -1547,62 +1645,72 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluation": { - "$ref": "#/types/cloudflare:index/AccessPolicyExcludeExternalEvaluation:AccessPolicyExcludeExternalEvaluation" + "$ref": "#/types/cloudflare:index/AccessPolicyExcludeExternalEvaluation:AccessPolicyExcludeExternalEvaluation", + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyExcludeGithub:AccessPolicyExcludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyExcludeGsuite:AccessPolicyExcludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -1615,25 +1723,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyExcludeOkta:AccessPolicyExcludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyExcludeSaml:AccessPolicyExcludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -1650,7 +1762,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -1664,7 +1776,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -1679,10 +1791,12 @@ "cloudflare:index/AccessPolicyExcludeExternalEvaluation:AccessPolicyExcludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -1690,16 +1804,19 @@ "cloudflare:index/AccessPolicyExcludeGithub:AccessPolicyExcludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -1710,10 +1827,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -1721,13 +1840,15 @@ "cloudflare:index/AccessPolicyExcludeOkta:AccessPolicyExcludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -1735,13 +1856,16 @@ "cloudflare:index/AccessPolicyExcludeSaml:AccessPolicyExcludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -1749,7 +1873,8 @@ "cloudflare:index/AccessPolicyInclude:AccessPolicyInclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -1758,19 +1883,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyIncludeAzure:AccessPolicyIncludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -1783,62 +1912,72 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluation": { - "$ref": "#/types/cloudflare:index/AccessPolicyIncludeExternalEvaluation:AccessPolicyIncludeExternalEvaluation" + "$ref": "#/types/cloudflare:index/AccessPolicyIncludeExternalEvaluation:AccessPolicyIncludeExternalEvaluation", + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyIncludeGithub:AccessPolicyIncludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyIncludeGsuite:AccessPolicyIncludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -1851,25 +1990,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyIncludeOkta:AccessPolicyIncludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyIncludeSaml:AccessPolicyIncludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -1886,7 +2029,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -1900,7 +2043,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -1915,10 +2058,12 @@ "cloudflare:index/AccessPolicyIncludeExternalEvaluation:AccessPolicyIncludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -1926,16 +2071,19 @@ "cloudflare:index/AccessPolicyIncludeGithub:AccessPolicyIncludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -1946,10 +2094,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -1957,13 +2107,15 @@ "cloudflare:index/AccessPolicyIncludeOkta:AccessPolicyIncludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -1971,13 +2123,16 @@ "cloudflare:index/AccessPolicyIncludeSaml:AccessPolicyIncludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -1985,7 +2140,8 @@ "cloudflare:index/AccessPolicyRequire:AccessPolicyRequire": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -1994,19 +2150,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyRequireAzure:AccessPolicyRequireAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -2019,62 +2179,72 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluation": { - "$ref": "#/types/cloudflare:index/AccessPolicyRequireExternalEvaluation:AccessPolicyRequireExternalEvaluation" + "$ref": "#/types/cloudflare:index/AccessPolicyRequireExternalEvaluation:AccessPolicyRequireExternalEvaluation", + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyRequireGithub:AccessPolicyRequireGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyRequireGsuite:AccessPolicyRequireGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -2087,25 +2257,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyRequireOkta:AccessPolicyRequireOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/AccessPolicyRequireSaml:AccessPolicyRequireSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -2122,7 +2296,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -2136,7 +2310,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -2151,10 +2325,12 @@ "cloudflare:index/AccessPolicyRequireExternalEvaluation:AccessPolicyRequireExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -2162,16 +2338,19 @@ "cloudflare:index/AccessPolicyRequireGithub:AccessPolicyRequireGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -2182,10 +2361,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -2193,13 +2374,15 @@ "cloudflare:index/AccessPolicyRequireOkta:AccessPolicyRequireOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -2207,13 +2390,16 @@ "cloudflare:index/AccessPolicyRequireSaml:AccessPolicyRequireSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -2797,7 +2983,7 @@ "items": { "$ref": "#/types/cloudflare:index/DevicePostureRuleInputLocation:DevicePostureRuleInputLocation" }, - "description": "List of locations to check for client certificate posture check.\n" + "description": "List of operating system locations to check for a client certificate..\n" }, "networkStatus": { "type": "string", @@ -2869,7 +3055,7 @@ }, "versionOperator": { "type": "string", - "description": "The version comparison operator for crowdstrike. Available values: `\u003e`, `\u003e=`, `\u003c`, `\u003c=`, `==`.\n" + "description": "The version comparison operator for Crowdstrike. Available values: `\u003e`, `\u003e=`, `\u003c`, `\u003c=`, `==`.\n" } }, "type": "object", @@ -2893,14 +3079,14 @@ "items": { "type": "string" }, - "description": "List of paths to check for client certificate.\n" + "description": "List of paths to check for client certificate rule.\n" }, "trustStores": { "type": "array", "items": { "type": "string" }, - "description": "List of trust stores to check for client certificate. Available values: `system`, `user`.\n" + "description": "List of trust stores to check for client certificate rule. Available values: `system`, `user`.\n" } }, "type": "object" @@ -5347,6 +5533,10 @@ "$ref": "#/types/cloudflare:index/RulesetRuleActionParametersCacheKey:RulesetRuleActionParametersCacheKey", "description": "List of cache key parameters to apply to the request.\n" }, + "cacheReserve": { + "$ref": "#/types/cloudflare:index/RulesetRuleActionParametersCacheReserve:RulesetRuleActionParametersCacheReserve", + "description": "List of cache reserve parameters to apply to the request.\n" + }, "content": { "type": "string", "description": "Content of the custom error response.\n" @@ -5758,6 +5948,22 @@ }, "type": "object" }, + "cloudflare:index/RulesetRuleActionParametersCacheReserve:RulesetRuleActionParametersCacheReserve": { + "properties": { + "eligible": { + "type": "boolean", + "description": "Determines whether Cloudflare will write the eligible resource to cache reserve.\n" + }, + "minimumFileSize": { + "type": "integer", + "description": "The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and \"eligible\" is true, Cloudflare will use 0 bytes by default.\n" + } + }, + "type": "object", + "required": [ + "eligible" + ] + }, "cloudflare:index/RulesetRuleActionParametersEdgeTtl:RulesetRuleActionParametersEdgeTtl": { "properties": { "default": { @@ -6297,6 +6503,18 @@ "inspectionMode" ] }, + "cloudflare:index/TeamsAccountCertificate:TeamsAccountCertificate": { + "properties": { + "id": { + "type": "string", + "description": "ID of certificate for TLS interception.\n" + } + }, + "type": "object", + "required": [ + "id" + ] + }, "cloudflare:index/TeamsAccountCustomCertificate:TeamsAccountCustomCertificate": { "properties": { "enabled": { @@ -6449,7 +6667,7 @@ "properties": { "disableForTime": { "type": "integer", - "description": "Sets the time limit in seconds that a user can use an override code to bypass WARP\n" + "description": "Sets the time limit in seconds that a user can use an override code to bypass WARP.\n" }, "rootCa": { "type": "boolean", @@ -7224,6 +7442,23 @@ "name" ] }, + "cloudflare:index/WorkerScriptHyperdriveConfigBinding:WorkerScriptHyperdriveConfigBinding": { + "properties": { + "binding": { + "type": "string", + "description": "The global variable for the binding in your Worker code.\n" + }, + "id": { + "type": "string", + "description": "The ID of the Hyperdrive config to use.\n" + } + }, + "type": "object", + "required": [ + "binding", + "id" + ] + }, "cloudflare:index/WorkerScriptKvNamespaceBinding:WorkerScriptKvNamespaceBinding": { "properties": { "name": { @@ -7394,6 +7629,23 @@ "name" ] }, + "cloudflare:index/WorkersScriptHyperdriveConfigBinding:WorkersScriptHyperdriveConfigBinding": { + "properties": { + "binding": { + "type": "string", + "description": "The global variable for the binding in your Worker code.\n" + }, + "id": { + "type": "string", + "description": "The ID of the Hyperdrive config to use.\n" + } + }, + "type": "object", + "required": [ + "binding", + "id" + ] + }, "cloudflare:index/WorkersScriptKvNamespaceBinding:WorkersScriptKvNamespaceBinding": { "properties": { "name": { @@ -7985,7 +8237,8 @@ "cloudflare:index/ZeroTrustAccessGroupExclude:ZeroTrustAccessGroupExclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -7994,19 +8247,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupExcludeAzure:ZeroTrustAccessGroupExcludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -8019,65 +8276,75 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluations": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupExcludeExternalEvaluation:ZeroTrustAccessGroupExcludeExternalEvaluation" - } + }, + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupExcludeGithub:ZeroTrustAccessGroupExcludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupExcludeGsuite:ZeroTrustAccessGroupExcludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -8090,25 +8357,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupExcludeOkta:ZeroTrustAccessGroupExcludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupExcludeSaml:ZeroTrustAccessGroupExcludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -8125,7 +8396,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -8139,7 +8410,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -8154,10 +8425,12 @@ "cloudflare:index/ZeroTrustAccessGroupExcludeExternalEvaluation:ZeroTrustAccessGroupExcludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -8165,16 +8438,19 @@ "cloudflare:index/ZeroTrustAccessGroupExcludeGithub:ZeroTrustAccessGroupExcludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -8185,10 +8461,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -8196,13 +8474,15 @@ "cloudflare:index/ZeroTrustAccessGroupExcludeOkta:ZeroTrustAccessGroupExcludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -8210,13 +8490,16 @@ "cloudflare:index/ZeroTrustAccessGroupExcludeSaml:ZeroTrustAccessGroupExcludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -8224,7 +8507,8 @@ "cloudflare:index/ZeroTrustAccessGroupInclude:ZeroTrustAccessGroupInclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -8233,19 +8517,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupIncludeAzure:ZeroTrustAccessGroupIncludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -8258,65 +8546,75 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluations": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupIncludeExternalEvaluation:ZeroTrustAccessGroupIncludeExternalEvaluation" - } + }, + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupIncludeGithub:ZeroTrustAccessGroupIncludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupIncludeGsuite:ZeroTrustAccessGroupIncludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -8329,25 +8627,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupIncludeOkta:ZeroTrustAccessGroupIncludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupIncludeSaml:ZeroTrustAccessGroupIncludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -8364,7 +8666,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -8378,7 +8680,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -8393,10 +8695,12 @@ "cloudflare:index/ZeroTrustAccessGroupIncludeExternalEvaluation:ZeroTrustAccessGroupIncludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -8404,16 +8708,19 @@ "cloudflare:index/ZeroTrustAccessGroupIncludeGithub:ZeroTrustAccessGroupIncludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -8424,10 +8731,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -8435,13 +8744,15 @@ "cloudflare:index/ZeroTrustAccessGroupIncludeOkta:ZeroTrustAccessGroupIncludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -8449,13 +8760,16 @@ "cloudflare:index/ZeroTrustAccessGroupIncludeSaml:ZeroTrustAccessGroupIncludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -8463,7 +8777,8 @@ "cloudflare:index/ZeroTrustAccessGroupRequire:ZeroTrustAccessGroupRequire": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -8472,19 +8787,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupRequireAzure:ZeroTrustAccessGroupRequireAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -8497,65 +8816,75 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluations": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupRequireExternalEvaluation:ZeroTrustAccessGroupRequireExternalEvaluation" - } + }, + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupRequireGithub:ZeroTrustAccessGroupRequireGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupRequireGsuite:ZeroTrustAccessGroupRequireGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -8568,25 +8897,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupRequireOkta:ZeroTrustAccessGroupRequireOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessGroupRequireSaml:ZeroTrustAccessGroupRequireSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -8603,7 +8936,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -8617,7 +8950,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -8632,10 +8965,12 @@ "cloudflare:index/ZeroTrustAccessGroupRequireExternalEvaluation:ZeroTrustAccessGroupRequireExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -8643,16 +8978,19 @@ "cloudflare:index/ZeroTrustAccessGroupRequireGithub:ZeroTrustAccessGroupRequireGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -8663,10 +9001,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -8674,13 +9014,15 @@ "cloudflare:index/ZeroTrustAccessGroupRequireOkta:ZeroTrustAccessGroupRequireOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -8688,13 +9030,16 @@ "cloudflare:index/ZeroTrustAccessGroupRequireSaml:ZeroTrustAccessGroupRequireSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -8915,7 +9260,8 @@ "cloudflare:index/ZeroTrustAccessPolicyExclude:ZeroTrustAccessPolicyExclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -8924,19 +9270,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyExcludeAzure:ZeroTrustAccessPolicyExcludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -8949,65 +9299,75 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluations": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyExcludeExternalEvaluation:ZeroTrustAccessPolicyExcludeExternalEvaluation" - } + }, + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyExcludeGithub:ZeroTrustAccessPolicyExcludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyExcludeGsuite:ZeroTrustAccessPolicyExcludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -9020,25 +9380,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyExcludeOkta:ZeroTrustAccessPolicyExcludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyExcludeSaml:ZeroTrustAccessPolicyExcludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -9055,7 +9419,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -9069,7 +9433,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -9084,10 +9448,12 @@ "cloudflare:index/ZeroTrustAccessPolicyExcludeExternalEvaluation:ZeroTrustAccessPolicyExcludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -9095,16 +9461,19 @@ "cloudflare:index/ZeroTrustAccessPolicyExcludeGithub:ZeroTrustAccessPolicyExcludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -9115,10 +9484,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -9126,13 +9497,15 @@ "cloudflare:index/ZeroTrustAccessPolicyExcludeOkta:ZeroTrustAccessPolicyExcludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -9140,13 +9513,16 @@ "cloudflare:index/ZeroTrustAccessPolicyExcludeSaml:ZeroTrustAccessPolicyExcludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -9154,7 +9530,8 @@ "cloudflare:index/ZeroTrustAccessPolicyInclude:ZeroTrustAccessPolicyInclude": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -9163,19 +9540,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyIncludeAzure:ZeroTrustAccessPolicyIncludeAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -9188,65 +9569,75 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluations": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyIncludeExternalEvaluation:ZeroTrustAccessPolicyIncludeExternalEvaluation" - } + }, + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyIncludeGithub:ZeroTrustAccessPolicyIncludeGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyIncludeGsuite:ZeroTrustAccessPolicyIncludeGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -9259,25 +9650,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyIncludeOkta:ZeroTrustAccessPolicyIncludeOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyIncludeSaml:ZeroTrustAccessPolicyIncludeSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -9294,7 +9689,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -9308,7 +9703,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -9323,10 +9718,12 @@ "cloudflare:index/ZeroTrustAccessPolicyIncludeExternalEvaluation:ZeroTrustAccessPolicyIncludeExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -9334,16 +9731,19 @@ "cloudflare:index/ZeroTrustAccessPolicyIncludeGithub:ZeroTrustAccessPolicyIncludeGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -9354,10 +9754,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -9365,13 +9767,15 @@ "cloudflare:index/ZeroTrustAccessPolicyIncludeOkta:ZeroTrustAccessPolicyIncludeOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -9379,13 +9783,16 @@ "cloudflare:index/ZeroTrustAccessPolicyIncludeSaml:ZeroTrustAccessPolicyIncludeSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -9393,7 +9800,8 @@ "cloudflare:index/ZeroTrustAccessPolicyRequire:ZeroTrustAccessPolicyRequire": { "properties": { "anyValidServiceToken": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid Access service token.\n" }, "authContexts": { "type": "array", @@ -9402,19 +9810,23 @@ } }, "authMethod": { - "type": "string" + "type": "string", + "description": "The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types.\n" }, "azures": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyRequireAzure:ZeroTrustAccessPolicyRequireAzure" - } + }, + "description": "Matches an Azure group. Requires an Azure identity provider.\n" }, "certificate": { - "type": "boolean" + "type": "boolean", + "description": "Matches any valid client certificate.\n" }, "commonName": { - "type": "string" + "type": "string", + "description": "Matches a valid client certificate common name.\n" }, "commonNames": { "type": "array", @@ -9427,65 +9839,75 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a device posture integration.\n" }, "emailDomains": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email domain to match.\n" }, "emailLists": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created email list.\n" }, "emails": { "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the user.\n" }, "everyone": { - "type": "boolean" + "type": "boolean", + "description": "Matches everyone.\n" }, "externalEvaluations": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyRequireExternalEvaluation:ZeroTrustAccessPolicyRequireExternalEvaluation" - } + }, + "description": "Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/.\n" }, "geos": { "type": "array", "items": { "type": "string" - } + }, + "description": "Matches a specific country.\n" }, "githubs": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyRequireGithub:ZeroTrustAccessPolicyRequireGithub" - } + }, + "description": "Matches a Github organization. Requires a Github identity provider.\n" }, "groups": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a previously created Access group.\n" }, "gsuites": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyRequireGsuite:ZeroTrustAccessPolicyRequireGsuite" - } + }, + "description": "Matches a group in Google Workspace. Requires a Google Workspace identity provider.\n" }, "ipLists": { "type": "array", "items": { "type": "string" }, - "description": "The ID of an existing IP list to reference.\n" + "description": "The ID of a previously created IP list.\n" }, "ips": { "type": "array", @@ -9498,25 +9920,29 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of a configured identity provider.\n" }, "oktas": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyRequireOkta:ZeroTrustAccessPolicyRequireOkta" - } + }, + "description": "Matches an Okta group. Requires an Okta identity provider.\n" }, "samls": { "type": "array", "items": { "$ref": "#/types/cloudflare:index/ZeroTrustAccessPolicyRequireSaml:ZeroTrustAccessPolicyRequireSaml" - } + }, + "description": "Matches a SAML group. Requires a SAML identity provider.\n" }, "serviceTokens": { "type": "array", "items": { "type": "string" - } + }, + "description": "The ID of an Access service token.\n" } }, "type": "object" @@ -9533,7 +9959,7 @@ }, "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" } }, "type": "object", @@ -9547,7 +9973,7 @@ "properties": { "identityProviderId": { "type": "string", - "description": "The ID of the Azure Identity provider.\n" + "description": "The ID of the Azure identity provider.\n" }, "ids": { "type": "array", @@ -9562,10 +9988,12 @@ "cloudflare:index/ZeroTrustAccessPolicyRequireExternalEvaluation:ZeroTrustAccessPolicyRequireExternalEvaluation": { "properties": { "evaluateUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing your business logic.\n" }, "keysUrl": { - "type": "string" + "type": "string", + "description": "The API endpoint containing the key that Access uses to verify that the response came from your API.\n" } }, "type": "object" @@ -9573,16 +10001,19 @@ "cloudflare:index/ZeroTrustAccessPolicyRequireGithub:ZeroTrustAccessPolicyRequireGithub": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Github identity provider.\n" }, "name": { - "type": "string" + "type": "string", + "description": "The name of the organization.\n" }, "teams": { "type": "array", "items": { "type": "string" - } + }, + "description": "The teams that should be matched.\n" } }, "type": "object" @@ -9593,10 +10024,12 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "The email of the Google Workspace group.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Google Workspace identity provider.\n" } }, "type": "object" @@ -9604,13 +10037,15 @@ "cloudflare:index/ZeroTrustAccessPolicyRequireOkta:ZeroTrustAccessPolicyRequireOkta": { "properties": { "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your Okta identity provider.\n" }, "names": { "type": "array", "items": { "type": "string" - } + }, + "description": "The name of the Okta Group.\n" } }, "type": "object" @@ -9618,13 +10053,16 @@ "cloudflare:index/ZeroTrustAccessPolicyRequireSaml:ZeroTrustAccessPolicyRequireSaml": { "properties": { "attributeName": { - "type": "string" + "type": "string", + "description": "The name of the SAML attribute.\n" }, "attributeValue": { - "type": "string" + "type": "string", + "description": "The SAML attribute value to look for.\n" }, "identityProviderId": { - "type": "string" + "type": "string", + "description": "The ID of your SAML identity provider.\n" } }, "type": "object" @@ -9730,7 +10168,7 @@ }, "eidLastSeen": { "type": "string", - "description": "The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`\n" + "description": "The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`.\n" }, "enabled": { "type": "boolean", @@ -9745,7 +10183,7 @@ "items": { "type": "string" }, - "description": "List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`\n" + "description": "List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`.\n" }, "id": { "type": "string", @@ -9772,7 +10210,7 @@ "items": { "$ref": "#/types/cloudflare:index/ZeroTrustDevicePostureRuleInputLocation:ZeroTrustDevicePostureRuleInputLocation" }, - "description": "List of locations to check for client certificate.\n" + "description": "List of operating system locations to check for a client certificate..\n" }, "networkStatus": { "type": "string", @@ -9844,7 +10282,7 @@ }, "versionOperator": { "type": "string", - "description": "The version comparison operator for crowdstrike. Available values: `\u003e`, `\u003e=`, `\u003c`, `\u003c=`, `==`.\n" + "description": "The version comparison operator for Crowdstrike. Available values: `\u003e`, `\u003e=`, `\u003c`, `\u003c=`, `==`.\n" } }, "type": "object", @@ -9875,7 +10313,7 @@ "items": { "type": "string" }, - "description": "List of trust stores to check for client certificate rule. Available values: `system`, `user`\n" + "description": "List of trust stores to check for client certificate rule. Available values: `system`, `user`.\n" } }, "type": "object" @@ -10394,6 +10832,18 @@ "inspectionMode" ] }, + "cloudflare:index/ZeroTrustGatewaySettingsCertificate:ZeroTrustGatewaySettingsCertificate": { + "properties": { + "id": { + "type": "string", + "description": "ID of certificate for TLS interception.\n" + } + }, + "type": "object", + "required": [ + "id" + ] + }, "cloudflare:index/ZeroTrustGatewaySettingsCustomCertificate:ZeroTrustGatewaySettingsCustomCertificate": { "properties": { "enabled": { @@ -10546,7 +10996,7 @@ "properties": { "disableForTime": { "type": "integer", - "description": "Sets the time limit in seconds that a user can use an override code to bypass WARP\n" + "description": "Sets the time limit in seconds that a user can use an override code to bypass WARP.\n" }, "rootCa": { "type": "boolean", @@ -11097,6 +11547,9 @@ "pseudoIpv4": { "type": "string" }, + "replaceInsecureJs": { + "type": "string" + }, "responseBuffering": { "type": "string" }, @@ -11194,6 +11647,7 @@ "privacyPass", "proxyReadTimeout", "pseudoIpv4", + "replaceInsecureJs", "responseBuffering", "rocketLoader", "securityHeader", @@ -11421,6 +11875,9 @@ "pseudoIpv4": { "type": "string" }, + "replaceInsecureJs": { + "type": "string" + }, "responseBuffering": { "type": "string" }, @@ -11518,6 +11975,7 @@ "privacyPass", "proxyReadTimeout", "pseudoIpv4", + "replaceInsecureJs", "responseBuffering", "rocketLoader", "securityHeader", @@ -12308,6 +12766,10 @@ "$ref": "#/types/cloudflare:index/getRulesetsRulesetRuleActionParametersCacheKey:getRulesetsRulesetRuleActionParametersCacheKey", "description": "List of cache key parameters to apply to the request.\n" }, + "cacheReserve": { + "$ref": "#/types/cloudflare:index/getRulesetsRulesetRuleActionParametersCacheReserve:getRulesetsRulesetRuleActionParametersCacheReserve", + "description": "List of cache reserve parameters to apply to the request.\n" + }, "content": { "type": "string", "description": "Content of the custom error response\n" @@ -12698,6 +13160,27 @@ }, "type": "object" }, + "cloudflare:index/getRulesetsRulesetRuleActionParametersCacheReserve:getRulesetsRulesetRuleActionParametersCacheReserve": { + "properties": { + "eligible": { + "type": "boolean", + "description": "Determines whether Cloudflare will write the eligible resource to cache reserve.\n" + }, + "minimumFileSize": { + "type": "integer", + "description": "The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and \"eligible\" is true, Cloudflare will use 0 bytes by default.\n" + } + }, + "type": "object", + "required": [ + "eligible" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "cloudflare:index/getRulesetsRulesetRuleActionParametersEdgeTtl:getRulesetsRulesetRuleActionParametersEdgeTtl": { "properties": { "default": { @@ -14551,7 +15034,7 @@ "properties": { "accountId": { "type": "string", - "description": "The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The account identifier to target for the resource. Conflicts with `zone_id`.\n" }, "applicationId": { "type": "string", @@ -14617,7 +15100,7 @@ }, "zoneId": { "type": "string", - "description": "The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The zone identifier to target for the resource. Conflicts with `account_id`.\n" } }, "required": [ @@ -14628,7 +15111,7 @@ "inputProperties": { "accountId": { "type": "string", - "description": "The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The account identifier to target for the resource. Conflicts with `zone_id`.\n" }, "applicationId": { "type": "string", @@ -14695,7 +15178,7 @@ }, "zoneId": { "type": "string", - "description": "The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The zone identifier to target for the resource. Conflicts with `account_id`.\n" } }, "requiredInputs": [ @@ -14708,7 +15191,7 @@ "properties": { "accountId": { "type": "string", - "description": "The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The account identifier to target for the resource. Conflicts with `zone_id`.\n" }, "applicationId": { "type": "string", @@ -14775,7 +15258,7 @@ }, "zoneId": { "type": "string", - "description": "The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The zone identifier to target for the resource. Conflicts with `account_id`.\n" } }, "type": "object" @@ -16065,6 +16548,10 @@ "cloudflare:index/botManagement:BotManagement": { "description": "Provides a resource to configure Bot Management.\n\nSpecifically, this resource can be used to manage:\n\n- **Bot Fight Mode**\n- **Super Bot Fight Mode**\n- **Bot Management for Enterprise**\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\nconst example = new cloudflare.BotManagement(\"example\", {\n zoneId: \"0da42c8d2132a9ddaf714f9e7c920711\",\n enableJs: true,\n sbfmDefinitelyAutomated: \"block\",\n sbfmLikelyAutomated: \"managed_challenge\",\n sbfmVerifiedBots: \"allow\",\n sbfmStaticResourceProtection: false,\n optimizeWordpress: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\nexample = cloudflare.BotManagement(\"example\",\n zone_id=\"0da42c8d2132a9ddaf714f9e7c920711\",\n enable_js=True,\n sbfm_definitely_automated=\"block\",\n sbfm_likely_automated=\"managed_challenge\",\n sbfm_verified_bots=\"allow\",\n sbfm_static_resource_protection=False,\n optimize_wordpress=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Cloudflare.BotManagement(\"example\", new()\n {\n ZoneId = \"0da42c8d2132a9ddaf714f9e7c920711\",\n EnableJs = true,\n SbfmDefinitelyAutomated = \"block\",\n SbfmLikelyAutomated = \"managed_challenge\",\n SbfmVerifiedBots = \"allow\",\n SbfmStaticResourceProtection = false,\n OptimizeWordpress = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudflare.NewBotManagement(ctx, \"example\", \u0026cloudflare.BotManagementArgs{\n\t\t\tZoneId: pulumi.String(\"0da42c8d2132a9ddaf714f9e7c920711\"),\n\t\t\tEnableJs: pulumi.Bool(true),\n\t\t\tSbfmDefinitelyAutomated: pulumi.String(\"block\"),\n\t\t\tSbfmLikelyAutomated: pulumi.String(\"managed_challenge\"),\n\t\t\tSbfmVerifiedBots: pulumi.String(\"allow\"),\n\t\t\tSbfmStaticResourceProtection: pulumi.Bool(false),\n\t\t\tOptimizeWordpress: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.BotManagement;\nimport com.pulumi.cloudflare.BotManagementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BotManagement(\"example\", BotManagementArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .enableJs(true)\n .sbfmDefinitelyAutomated(\"block\")\n .sbfmLikelyAutomated(\"managed_challenge\")\n .sbfmVerifiedBots(\"allow\")\n .sbfmStaticResourceProtection(false)\n .optimizeWordpress(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: cloudflare:BotManagement\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n enableJs: true\n sbfmDefinitelyAutomated: block\n sbfmLikelyAutomated: managed_challenge\n sbfmVerifiedBots: allow\n sbfmStaticResourceProtection: false\n optimizeWordpress: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import cloudflare:index/botManagement:BotManagement example \u003czone_id\u003e\n```\n\n", "properties": { + "aiBotsProtection": { + "type": "string", + "description": "Enable rule to block AI Scrapers and Crawlers.\n" + }, "autoUpdateModel": { "type": "boolean", "description": "Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes).\n" @@ -16111,10 +16598,15 @@ } }, "required": [ + "aiBotsProtection", "usingLatestModel", "zoneId" ], "inputProperties": { + "aiBotsProtection": { + "type": "string", + "description": "Enable rule to block AI Scrapers and Crawlers.\n" + }, "autoUpdateModel": { "type": "boolean", "description": "Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes).\n" @@ -16163,6 +16655,10 @@ "stateInputs": { "description": "Input properties used for looking up and filtering BotManagement resources.\n", "properties": { + "aiBotsProtection": { + "type": "string", + "description": "Enable rule to block AI Scrapers and Crawlers.\n" + }, "autoUpdateModel": { "type": "boolean", "description": "Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes).\n" @@ -17553,7 +18049,7 @@ }, "tunnelProtocol": { "type": "string", - "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`\n" + "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`.\n" } }, "required": [ @@ -17636,7 +18132,7 @@ }, "tunnelProtocol": { "type": "string", - "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`\n" + "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`.\n" } }, "requiredInputs": [ @@ -17721,7 +18217,7 @@ }, "tunnelProtocol": { "type": "string", - "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`\n" + "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`.\n" } }, "type": "object" @@ -21906,7 +22402,7 @@ }, "alertType": { "type": "string", - "description": "The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.\n" + "description": "The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.\n" }, "created": { "type": "string", @@ -21969,7 +22465,7 @@ }, "alertType": { "type": "string", - "description": "The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.\n" + "description": "The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.\n" }, "description": { "type": "string", @@ -22024,7 +22520,7 @@ }, "alertType": { "type": "string", - "description": "The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.\n" + "description": "The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.\n" }, "created": { "type": "string", @@ -23312,7 +23808,7 @@ } }, "cloudflare:index/ruleset:Ruleset": { - "description": "The [Cloudflare Ruleset Engine](https://developers.cloudflare.com/firewall/cf-rulesets)\nallows you to create and deploy rules and rulesets.\n\nThe engine syntax, inspired by the Wireshark Display Filter language, is the\nsame syntax used in custom Firewall Rules. Cloudflare uses the Ruleset Engine\nin different products, allowing you to configure several products using the same\nbasic syntax.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.Ruleset;\nimport com.pulumi.cloudflare.RulesetArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersOverridesArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriPathArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriQueryArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleRatelimitArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersOriginArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersEdgeTtlArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersBrowserTtlArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersServeStaleArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromListArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromValueArgs;\nimport com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromValueTargetUrlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Magic Transit\n var magicTransitExample = new Ruleset(\"magicTransitExample\", RulesetArgs.builder()\n .accountId(\"f037e56e89293a057740de681ac9abbe\")\n .name(\"account magic transit\")\n .description(\"example magic transit ruleset description\")\n .kind(\"root\")\n .phase(\"magic_transit\")\n .rules(RulesetRuleArgs.builder()\n .action(\"allow\")\n .expression(\"tcp.dstport in { 32768..65535 }\")\n .description(\"Allow TCP Ephemeral Ports\")\n .build())\n .build());\n\n // Zone-level WAF Managed Ruleset\n var zoneLevelManagedWaf = new Ruleset(\"zoneLevelManagedWaf\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"managed WAF\")\n .description(\"managed WAF ruleset description\")\n .kind(\"zone\")\n .phase(\"http_request_firewall_managed\")\n .rules(RulesetRuleArgs.builder()\n .action(\"execute\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .id(\"efb7b8c949ac4650a09736fc376e9aee\")\n .build())\n .expression(\"(http.host eq \\\"example.host.com\\\")\")\n .description(\"Execute Cloudflare Managed Ruleset on my zone-level phase entry point ruleset\")\n .enabled(true)\n .build())\n .build());\n\n // Zone-level WAF with tag-based overrides\n var zoneLevelManagedWafWithCategoryBasedOverrides = new Ruleset(\"zoneLevelManagedWafWithCategoryBasedOverrides\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"managed WAF with tag-based overrides\")\n .description(\"managed WAF with tag-based overrides ruleset description\")\n .kind(\"zone\")\n .phase(\"http_request_firewall_managed\")\n .rules(RulesetRuleArgs.builder()\n .action(\"execute\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .id(\"efb7b8c949ac4650a09736fc376e9aee\")\n .overrides(RulesetRuleActionParametersOverridesArgs.builder()\n .categories( \n RulesetRuleActionParametersOverridesCategoryArgs.builder()\n .category(\"wordpress\")\n .action(\"block\")\n .enabled(true)\n .build(),\n RulesetRuleActionParametersOverridesCategoryArgs.builder()\n .category(\"joomla\")\n .action(\"block\")\n .enabled(true)\n .build())\n .build())\n .build())\n .expression(\"(http.host eq \\\"example.host.com\\\")\")\n .description(\"overrides to only enable wordpress rules to block\")\n .enabled(false)\n .build())\n .build());\n\n // Rewrite the URI path component to a static path\n var transformUriRulePath = new Ruleset(\"transformUriRulePath\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"transform rule for URI path\")\n .description(\"change the URI path to a new static path\")\n .kind(\"zone\")\n .phase(\"http_request_transform\")\n .rules(RulesetRuleArgs.builder()\n .action(\"rewrite\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .uri(RulesetRuleActionParametersUriArgs.builder()\n .path(RulesetRuleActionParametersUriPathArgs.builder()\n .value(\"/my-new-route\")\n .build())\n .build())\n .build())\n .expression(\"(http.host eq \\\"example.com\\\" and http.request.uri.path eq \\\"/old-path\\\")\")\n .description(\"example URI path transform rule\")\n .enabled(true)\n .build())\n .build());\n\n // Rewrite the URI query component to a static query\n var transformUriRuleQuery = new Ruleset(\"transformUriRuleQuery\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"transform rule for URI query parameter\")\n .description(\"change the URI query to a new static query\")\n .kind(\"zone\")\n .phase(\"http_request_transform\")\n .rules(RulesetRuleArgs.builder()\n .action(\"rewrite\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .uri(RulesetRuleActionParametersUriArgs.builder()\n .query(RulesetRuleActionParametersUriQueryArgs.builder()\n .value(\"old=new_again\")\n .build())\n .build())\n .build())\n .expression(\"(http.host eq \\\"example.host.com\\\")\")\n .description(\"URI transformation query example\")\n .enabled(true)\n .build())\n .build());\n\n // Rewrite HTTP headers to a modified values\n var transformUriHttpHeaders = new Ruleset(\"transformUriHttpHeaders\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"transform rule for HTTP headers\")\n .description(\"modify HTTP headers before reaching origin\")\n .kind(\"zone\")\n .phase(\"http_request_late_transform\")\n .rules(RulesetRuleArgs.builder()\n .action(\"rewrite\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .headers( \n RulesetRuleActionParametersHeaderArgs.builder()\n .name(\"example-http-header-1\")\n .operation(\"set\")\n .value(\"my-http-header-value-1\")\n .build(),\n RulesetRuleActionParametersHeaderArgs.builder()\n .name(\"example-http-header-2\")\n .operation(\"set\")\n .expression(\"cf.zone.name\")\n .build(),\n RulesetRuleActionParametersHeaderArgs.builder()\n .name(\"example-http-header-3-to-remove\")\n .operation(\"remove\")\n .build())\n .build())\n .expression(\"(http.host eq \\\"example.host.com\\\")\")\n .description(\"example request header transform rule\")\n .enabled(false)\n .build())\n .build());\n\n // HTTP rate limit for an API route\n var rateLimitingExample = new Ruleset(\"rateLimitingExample\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"restrict API requests count\")\n .description(\"apply HTTP rate limiting for a route\")\n .kind(\"zone\")\n .phase(\"http_ratelimit\")\n .rules(RulesetRuleArgs.builder()\n .action(\"block\")\n .ratelimit(RulesetRuleRatelimitArgs.builder()\n .characteristics( \n \"cf.colo.id\",\n \"ip.src\")\n .period(60)\n .requestsPerPeriod(100)\n .mitigationTimeout(600)\n .build())\n .expression(\"(http.request.uri.path matches \\\"^/api/\\\")\")\n .description(\"rate limit for API\")\n .enabled(true)\n .build())\n .build());\n\n // Change origin for an API route\n var httpOriginExample = new Ruleset(\"httpOriginExample\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"Change to some origin\")\n .description(\"Change origin for a route\")\n .kind(\"zone\")\n .phase(\"http_request_origin\")\n .rules(RulesetRuleArgs.builder()\n .action(\"route\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .hostHeader(\"some.host\")\n .origin(RulesetRuleActionParametersOriginArgs.builder()\n .host(\"some.host\")\n .port(80)\n .build())\n .build())\n .expression(\"(http.request.uri.path matches \\\"^/api/\\\")\")\n .description(\"change origin to some.host\")\n .enabled(true)\n .build())\n .build());\n\n // Custom fields logging\n var customFieldsLoggingExample = new Ruleset(\"customFieldsLoggingExample\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"log custom fields\")\n .description(\"add custom fields to logging\")\n .kind(\"zone\")\n .phase(\"http_log_custom_fields\")\n .rules(RulesetRuleArgs.builder()\n .action(\"log_custom_field\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .requestFields( \n \"content-type\",\n \"x-forwarded-for\",\n \"host\")\n .responseFields( \n \"server\",\n \"content-type\",\n \"allow\")\n .cookieFields( \n \"__ga\",\n \"accountNumber\",\n \"__cfruid\")\n .build())\n .expression(\"(http.host eq \\\"example.host.com\\\")\")\n .description(\"log custom fields rule\")\n .enabled(true)\n .build())\n .build());\n\n // Custom cache keys + settings\n var cacheSettingsExample = new Ruleset(\"cacheSettingsExample\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"set cache settings\")\n .description(\"set cache settings for the request\")\n .kind(\"zone\")\n .phase(\"http_request_cache_settings\")\n .rules(RulesetRuleArgs.builder()\n .action(\"set_cache_settings\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .edgeTtl(RulesetRuleActionParametersEdgeTtlArgs.builder()\n .mode(\"override_origin\")\n .default_(60)\n .statusCodeTtls( \n RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()\n .statusCode(200)\n .value(50)\n .build(),\n RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()\n .statusCodeRange(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .value(30)\n .build())\n .build())\n .browserTtl(RulesetRuleActionParametersBrowserTtlArgs.builder()\n .mode(\"respect_origin\")\n .build())\n .serveStale(RulesetRuleActionParametersServeStaleArgs.builder()\n .disableStaleWhileUpdating(true)\n .build())\n .respectStrongEtags(true)\n .cacheKey(RulesetRuleActionParametersCacheKeyArgs.builder()\n .ignoreQueryStringsOrder(false)\n .cacheDeceptionArmor(true)\n .customKey(RulesetRuleActionParametersCacheKeyCustomKeyArgs.builder()\n .queryString(RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs.builder()\n .excludes(\"*\")\n .build())\n .header(RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs.builder()\n .includes( \n \"habc\",\n \"hdef\")\n .checkPresences( \n \"habc_t\",\n \"hdef_t\")\n .excludeOrigin(true)\n .contains(Map.ofEntries(\n Map.entry(\"accept\", \n \"image/web\",\n \"image/png\"),\n Map.entry(\"accept-encoding\", \n \"br\",\n \"zstd\"),\n Map.entry(\"some-header\", \n \"some-value\",\n \"some-other-value\")\n ))\n .build())\n .cookie(RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs.builder()\n .includes( \n \"cabc\",\n \"cdef\")\n .checkPresences( \n \"cabc_t\",\n \"cdef_t\")\n .build())\n .user(RulesetRuleActionParametersCacheKeyCustomKeyUserArgs.builder()\n .deviceType(true)\n .geo(false)\n .build())\n .host(RulesetRuleActionParametersCacheKeyCustomKeyHostArgs.builder()\n .resolved(true)\n .build())\n .build())\n .build())\n .originErrorPagePassthru(false)\n .build())\n .expression(\"(http.host eq \\\"example.host.com\\\")\")\n .description(\"set cache settings rule\")\n .enabled(true)\n .build())\n .build());\n\n // Redirects based on a List resource\n var redirectFromListExample = new Ruleset(\"redirectFromListExample\", RulesetArgs.builder()\n .accountId(\"f037e56e89293a057740de681ac9abbe\")\n .name(\"redirects\")\n .description(\"Redirect ruleset\")\n .kind(\"root\")\n .phase(\"http_request_redirect\")\n .rules(RulesetRuleArgs.builder()\n .action(\"redirect\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .fromList(RulesetRuleActionParametersFromListArgs.builder()\n .name(\"redirect_list\")\n .key(\"http.request.full_uri\")\n .build())\n .build())\n .expression(\"http.request.full_uri in $redirect_list\")\n .description(\"Apply redirects from redirect_list\")\n .enabled(true)\n .build())\n .build());\n\n // Dynamic Redirects from value resource\n var redirectFromValueExample = new Ruleset(\"redirectFromValueExample\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"redirects\")\n .description(\"Redirect ruleset\")\n .kind(\"zone\")\n .phase(\"http_request_dynamic_redirect\")\n .rules(RulesetRuleArgs.builder()\n .action(\"redirect\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .fromValue(RulesetRuleActionParametersFromValueArgs.builder()\n .statusCode(301)\n .targetUrl(RulesetRuleActionParametersFromValueTargetUrlArgs.builder()\n .value(\"some_host.com\")\n .build())\n .preserveQueryString(true)\n .build())\n .build())\n .expression(\"(http.request.uri.path matches \\\"^/api/\\\")\")\n .description(\"Apply redirect from value\")\n .enabled(true)\n .build())\n .build());\n\n // Serve some custom error response\n var httpCustomErrorExample = new Ruleset(\"httpCustomErrorExample\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"Serve some error response\")\n .description(\"Serve some error response\")\n .kind(\"zone\")\n .phase(\"http_custom_errors\")\n .rules(RulesetRuleArgs.builder()\n .action(\"serve_error\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .content(\"some error html\")\n .contentType(\"text/html\")\n .statusCode(\"530\")\n .build())\n .expression(\"(http.request.uri.path matches \\\"^/api/\\\")\")\n .description(\"serve some error response\")\n .enabled(true)\n .build())\n .build());\n\n // Set Configuration Rules for an API route\n var httpConfigRulesExample = new Ruleset(\"httpConfigRulesExample\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"set config rules\")\n .description(\"set config rules for request\")\n .kind(\"zone\")\n .phase(\"http_config_settings\")\n .rules(RulesetRuleArgs.builder()\n .action(\"set_config\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .emailObfuscation(true)\n .bic(true)\n .build())\n .expression(\"(http.request.uri.path matches \\\"^/api/\\\")\")\n .description(\"set config rules for matching request\")\n .enabled(true)\n .build())\n .build());\n\n // Set compress algorithm for response.\n var responseCompressBrotliHtml = new Ruleset(\"responseCompressBrotliHtml\", RulesetArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"Brotli response compression for HTML\")\n .description(\"Response compression ruleset\")\n .kind(\"zone\")\n .phase(\"http_response_compression\")\n .rules(RulesetRuleArgs.builder()\n .action(\"compress_response\")\n .actionParameters(RulesetRuleActionParametersArgs.builder()\n .algorithms( \n RulesetRuleActionParametersAlgorithmArgs.builder()\n .name(\"brotli\")\n .build(),\n RulesetRuleActionParametersAlgorithmArgs.builder()\n .name(\"auto\")\n .build())\n .build())\n .expression(\"http.response.content_type.media_type == \\\"text/html\\\"\")\n .description(\"Prefer brotli compression for HTML\")\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Magic Transit\n magicTransitExample:\n type: cloudflare:Ruleset\n name: magic_transit_example\n properties:\n accountId: f037e56e89293a057740de681ac9abbe\n name: account magic transit\n description: example magic transit ruleset description\n kind: root\n phase: magic_transit\n rules:\n - action: allow\n expression: tcp.dstport in { 32768..65535 }\n description: Allow TCP Ephemeral Ports\n # Zone-level WAF Managed Ruleset\n zoneLevelManagedWaf:\n type: cloudflare:Ruleset\n name: zone_level_managed_waf\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: managed WAF\n description: managed WAF ruleset description\n kind: zone\n phase: http_request_firewall_managed\n rules:\n - action: execute\n actionParameters:\n id: efb7b8c949ac4650a09736fc376e9aee\n expression: (http.host eq \"example.host.com\")\n description: Execute Cloudflare Managed Ruleset on my zone-level phase entry point ruleset\n enabled: true\n # Zone-level WAF with tag-based overrides\n zoneLevelManagedWafWithCategoryBasedOverrides:\n type: cloudflare:Ruleset\n name: zone_level_managed_waf_with_category_based_overrides\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: managed WAF with tag-based overrides\n description: managed WAF with tag-based overrides ruleset description\n kind: zone\n phase: http_request_firewall_managed\n rules:\n - action: execute\n actionParameters:\n id: efb7b8c949ac4650a09736fc376e9aee\n overrides:\n categories:\n - category: wordpress\n action: block\n enabled: true\n - category: joomla\n action: block\n enabled: true\n expression: (http.host eq \"example.host.com\")\n description: overrides to only enable wordpress rules to block\n enabled: false\n # Rewrite the URI path component to a static path\n transformUriRulePath:\n type: cloudflare:Ruleset\n name: transform_uri_rule_path\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: transform rule for URI path\n description: change the URI path to a new static path\n kind: zone\n phase: http_request_transform\n rules:\n - action: rewrite\n actionParameters:\n uri:\n path:\n value: /my-new-route\n expression: (http.host eq \"example.com\" and http.request.uri.path eq \"/old-path\")\n description: example URI path transform rule\n enabled: true\n # Rewrite the URI query component to a static query\n transformUriRuleQuery:\n type: cloudflare:Ruleset\n name: transform_uri_rule_query\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: transform rule for URI query parameter\n description: change the URI query to a new static query\n kind: zone\n phase: http_request_transform\n rules:\n - action: rewrite\n actionParameters:\n uri:\n query:\n value: old=new_again\n expression: (http.host eq \"example.host.com\")\n description: URI transformation query example\n enabled: true\n # Rewrite HTTP headers to a modified values\n transformUriHttpHeaders:\n type: cloudflare:Ruleset\n name: transform_uri_http_headers\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: transform rule for HTTP headers\n description: modify HTTP headers before reaching origin\n kind: zone\n phase: http_request_late_transform\n rules:\n - action: rewrite\n actionParameters:\n headers:\n - name: example-http-header-1\n operation: set\n value: my-http-header-value-1\n - name: example-http-header-2\n operation: set\n expression: cf.zone.name\n - name: example-http-header-3-to-remove\n operation: remove\n expression: (http.host eq \"example.host.com\")\n description: example request header transform rule\n enabled: false\n # HTTP rate limit for an API route\n rateLimitingExample:\n type: cloudflare:Ruleset\n name: rate_limiting_example\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: restrict API requests count\n description: apply HTTP rate limiting for a route\n kind: zone\n phase: http_ratelimit\n rules:\n - action: block\n ratelimit:\n characteristics:\n - cf.colo.id\n - ip.src\n period: 60\n requestsPerPeriod: 100\n mitigationTimeout: 600\n expression: (http.request.uri.path matches \"^/api/\")\n description: rate limit for API\n enabled: true\n # Change origin for an API route\n httpOriginExample:\n type: cloudflare:Ruleset\n name: http_origin_example\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: Change to some origin\n description: Change origin for a route\n kind: zone\n phase: http_request_origin\n rules:\n - action: route\n actionParameters:\n hostHeader: some.host\n origin:\n host: some.host\n port: 80\n expression: (http.request.uri.path matches \"^/api/\")\n description: change origin to some.host\n enabled: true\n # Custom fields logging\n customFieldsLoggingExample:\n type: cloudflare:Ruleset\n name: custom_fields_logging_example\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: log custom fields\n description: add custom fields to logging\n kind: zone\n phase: http_log_custom_fields\n rules:\n - action: log_custom_field\n actionParameters:\n requestFields:\n - content-type\n - x-forwarded-for\n - host\n responseFields:\n - server\n - content-type\n - allow\n cookieFields:\n - __ga\n - accountNumber\n - __cfruid\n expression: (http.host eq \"example.host.com\")\n description: log custom fields rule\n enabled: true\n # Custom cache keys + settings\n cacheSettingsExample:\n type: cloudflare:Ruleset\n name: cache_settings_example\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: set cache settings\n description: set cache settings for the request\n kind: zone\n phase: http_request_cache_settings\n rules:\n - action: set_cache_settings\n actionParameters:\n edgeTtl:\n mode: override_origin\n default: 60\n statusCodeTtls:\n - statusCode: 200\n value: 50\n - statusCodeRange:\n from: 201\n to: 300\n value: 30\n browserTtl:\n mode: respect_origin\n serveStale:\n disableStaleWhileUpdating: true\n respectStrongEtags: true\n cacheKey:\n ignoreQueryStringsOrder: false\n cacheDeceptionArmor: true\n customKey:\n queryString:\n excludes:\n - '*'\n header:\n includes:\n - habc\n - hdef\n checkPresences:\n - habc_t\n - hdef_t\n excludeOrigin: true\n contains:\n accept:\n - image/web\n - image/png\n accept-encoding:\n - br\n - zstd\n some-header:\n - some-value\n - some-other-value\n cookie:\n includes:\n - cabc\n - cdef\n checkPresences:\n - cabc_t\n - cdef_t\n user:\n deviceType: true\n geo: false\n host:\n resolved: true\n originErrorPagePassthru: false\n expression: (http.host eq \"example.host.com\")\n description: set cache settings rule\n enabled: true\n # Redirects based on a List resource\n redirectFromListExample:\n type: cloudflare:Ruleset\n name: redirect_from_list_example\n properties:\n accountId: f037e56e89293a057740de681ac9abbe\n name: redirects\n description: Redirect ruleset\n kind: root\n phase: http_request_redirect\n rules:\n - action: redirect\n actionParameters:\n fromList:\n name: redirect_list\n key: http.request.full_uri\n expression: http.request.full_uri in $redirect_list\n description: Apply redirects from redirect_list\n enabled: true\n # Dynamic Redirects from value resource\n redirectFromValueExample:\n type: cloudflare:Ruleset\n name: redirect_from_value_example\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: redirects\n description: Redirect ruleset\n kind: zone\n phase: http_request_dynamic_redirect\n rules:\n - action: redirect\n actionParameters:\n fromValue:\n statusCode: 301\n targetUrl:\n value: some_host.com\n preserveQueryString: true\n expression: (http.request.uri.path matches \"^/api/\")\n description: Apply redirect from value\n enabled: true\n # Serve some custom error response\n httpCustomErrorExample:\n type: cloudflare:Ruleset\n name: http_custom_error_example\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: Serve some error response\n description: Serve some error response\n kind: zone\n phase: http_custom_errors\n rules:\n - action: serve_error\n actionParameters:\n content: some error html\n contentType: text/html\n statusCode: '530'\n expression: (http.request.uri.path matches \"^/api/\")\n description: serve some error response\n enabled: true\n # Set Configuration Rules for an API route\n httpConfigRulesExample:\n type: cloudflare:Ruleset\n name: http_config_rules_example\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: set config rules\n description: set config rules for request\n kind: zone\n phase: http_config_settings\n rules:\n - action: set_config\n actionParameters:\n emailObfuscation: true\n bic: true\n expression: (http.request.uri.path matches \"^/api/\")\n description: set config rules for matching request\n enabled: true\n # Set compress algorithm for response.\n responseCompressBrotliHtml:\n type: cloudflare:Ruleset\n name: response_compress_brotli_html\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: Brotli response compression for HTML\n description: Response compression ruleset\n kind: zone\n phase: http_response_compression\n rules:\n - action: compress_response\n actionParameters:\n algorithms:\n - name: brotli\n - name: auto\n expression: http.response.content_type.media_type == \"text/html\"\n description: Prefer brotli compression for HTML\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport an account scoped Ruleset configuration.\n\n```sh\n$ pulumi import cloudflare:index/ruleset:Ruleset example account/\u003caccount_id\u003e/\u003cruleset_id\u003e\n```\n\nImport a zone scoped Ruleset configuration.\n\n```sh\n$ pulumi import cloudflare:index/ruleset:Ruleset example zone/\u003czone_id\u003e/\u003cruleset_id\u003e\n```\n\n", + "description": "The [Cloudflare Ruleset Engine](https://developers.cloudflare.com/firewall/cf-rulesets)\nallows you to create and deploy rules and rulesets.\n\nThe engine syntax, inspired by the Wireshark Display Filter language, is the\nsame syntax used in custom Firewall Rules. Cloudflare uses the Ruleset Engine\nin different products, allowing you to configure several products using the same\nbasic syntax.\n\n## Import\n\nImport an account scoped Ruleset configuration.\n\n```sh\n$ pulumi import cloudflare:index/ruleset:Ruleset example account/\u003caccount_id\u003e/\u003cruleset_id\u003e\n```\n\nImport a zone scoped Ruleset configuration.\n\n```sh\n$ pulumi import cloudflare:index/ruleset:Ruleset example zone/\u003czone_id\u003e/\u003cruleset_id\u003e\n```\n\n", "properties": { "accountId": { "type": "string", @@ -23844,7 +24340,7 @@ } }, "cloudflare:index/teamsAccount:TeamsAccount": { - "description": "Provides a Cloudflare Teams Account resource. The Teams Account\nresource defines configuration for secure web gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\nconst example = new cloudflare.TeamsAccount(\"example\", {\n accountId: \"f037e56e89293a057740de681ac9abbe\",\n tlsDecryptEnabled: true,\n protocolDetectionEnabled: true,\n blockPage: {\n footerText: \"hello\",\n headerText: \"hello\",\n logoPath: \"https://example.com/logo.jpg\",\n backgroundColor: \"#000000\",\n },\n bodyScanning: {\n inspectionMode: \"deep\",\n },\n antivirus: {\n enabledDownloadPhase: true,\n enabledUploadPhase: false,\n failClosed: true,\n notificationSettings: {\n enabled: true,\n message: \"you are blocked\",\n supportUrl: \"https://example.com/blocked\",\n },\n },\n fips: {\n tls: true,\n },\n proxy: {\n tcp: true,\n udp: true,\n rootCa: true,\n virtualIp: false,\n },\n urlBrowserIsolationEnabled: true,\n logging: {\n redactPii: true,\n settingsByRuleType: {\n dns: {\n logAll: false,\n logBlocks: true,\n },\n http: {\n logAll: true,\n logBlocks: true,\n },\n l4: {\n logAll: false,\n logBlocks: true,\n },\n },\n },\n extendedEmailMatching: {\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\nexample = cloudflare.TeamsAccount(\"example\",\n account_id=\"f037e56e89293a057740de681ac9abbe\",\n tls_decrypt_enabled=True,\n protocol_detection_enabled=True,\n block_page={\n \"footer_text\": \"hello\",\n \"header_text\": \"hello\",\n \"logo_path\": \"https://example.com/logo.jpg\",\n \"background_color\": \"#000000\",\n },\n body_scanning={\n \"inspection_mode\": \"deep\",\n },\n antivirus={\n \"enabled_download_phase\": True,\n \"enabled_upload_phase\": False,\n \"fail_closed\": True,\n \"notification_settings\": {\n \"enabled\": True,\n \"message\": \"you are blocked\",\n \"support_url\": \"https://example.com/blocked\",\n },\n },\n fips={\n \"tls\": True,\n },\n proxy={\n \"tcp\": True,\n \"udp\": True,\n \"root_ca\": True,\n \"virtual_ip\": False,\n },\n url_browser_isolation_enabled=True,\n logging={\n \"redact_pii\": True,\n \"settings_by_rule_type\": {\n \"dns\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n \"http\": {\n \"log_all\": True,\n \"log_blocks\": True,\n },\n \"l4\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n },\n },\n extended_email_matching={\n \"enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Cloudflare.TeamsAccount(\"example\", new()\n {\n AccountId = \"f037e56e89293a057740de681ac9abbe\",\n TlsDecryptEnabled = true,\n ProtocolDetectionEnabled = true,\n BlockPage = new Cloudflare.Inputs.TeamsAccountBlockPageArgs\n {\n FooterText = \"hello\",\n HeaderText = \"hello\",\n LogoPath = \"https://example.com/logo.jpg\",\n BackgroundColor = \"#000000\",\n },\n BodyScanning = new Cloudflare.Inputs.TeamsAccountBodyScanningArgs\n {\n InspectionMode = \"deep\",\n },\n Antivirus = new Cloudflare.Inputs.TeamsAccountAntivirusArgs\n {\n EnabledDownloadPhase = true,\n EnabledUploadPhase = false,\n FailClosed = true,\n NotificationSettings = new Cloudflare.Inputs.TeamsAccountAntivirusNotificationSettingsArgs\n {\n Enabled = true,\n Message = \"you are blocked\",\n SupportUrl = \"https://example.com/blocked\",\n },\n },\n Fips = new Cloudflare.Inputs.TeamsAccountFipsArgs\n {\n Tls = true,\n },\n Proxy = new Cloudflare.Inputs.TeamsAccountProxyArgs\n {\n Tcp = true,\n Udp = true,\n RootCa = true,\n VirtualIp = false,\n },\n UrlBrowserIsolationEnabled = true,\n Logging = new Cloudflare.Inputs.TeamsAccountLoggingArgs\n {\n RedactPii = true,\n SettingsByRuleType = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeArgs\n {\n Dns = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeDnsArgs\n {\n LogAll = false,\n LogBlocks = true,\n },\n Http = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeHttpArgs\n {\n LogAll = true,\n LogBlocks = true,\n },\n L4 = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeL4Args\n {\n LogAll = false,\n LogBlocks = true,\n },\n },\n },\n ExtendedEmailMatching = new Cloudflare.Inputs.TeamsAccountExtendedEmailMatchingArgs\n {\n Enabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudflare.NewTeamsAccount(ctx, \"example\", \u0026cloudflare.TeamsAccountArgs{\n\t\t\tAccountId: pulumi.String(\"f037e56e89293a057740de681ac9abbe\"),\n\t\t\tTlsDecryptEnabled: pulumi.Bool(true),\n\t\t\tProtocolDetectionEnabled: pulumi.Bool(true),\n\t\t\tBlockPage: \u0026cloudflare.TeamsAccountBlockPageArgs{\n\t\t\t\tFooterText: pulumi.String(\"hello\"),\n\t\t\t\tHeaderText: pulumi.String(\"hello\"),\n\t\t\t\tLogoPath: pulumi.String(\"https://example.com/logo.jpg\"),\n\t\t\t\tBackgroundColor: pulumi.String(\"#000000\"),\n\t\t\t},\n\t\t\tBodyScanning: \u0026cloudflare.TeamsAccountBodyScanningArgs{\n\t\t\t\tInspectionMode: pulumi.String(\"deep\"),\n\t\t\t},\n\t\t\tAntivirus: \u0026cloudflare.TeamsAccountAntivirusArgs{\n\t\t\t\tEnabledDownloadPhase: pulumi.Bool(true),\n\t\t\t\tEnabledUploadPhase: pulumi.Bool(false),\n\t\t\t\tFailClosed: pulumi.Bool(true),\n\t\t\t\tNotificationSettings: \u0026cloudflare.TeamsAccountAntivirusNotificationSettingsArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tMessage: pulumi.String(\"you are blocked\"),\n\t\t\t\t\tSupportUrl: pulumi.String(\"https://example.com/blocked\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFips: \u0026cloudflare.TeamsAccountFipsArgs{\n\t\t\t\tTls: pulumi.Bool(true),\n\t\t\t},\n\t\t\tProxy: \u0026cloudflare.TeamsAccountProxyArgs{\n\t\t\t\tTcp: pulumi.Bool(true),\n\t\t\t\tUdp: pulumi.Bool(true),\n\t\t\t\tRootCa: pulumi.Bool(true),\n\t\t\t\tVirtualIp: pulumi.Bool(false),\n\t\t\t},\n\t\t\tUrlBrowserIsolationEnabled: pulumi.Bool(true),\n\t\t\tLogging: \u0026cloudflare.TeamsAccountLoggingArgs{\n\t\t\t\tRedactPii: pulumi.Bool(true),\n\t\t\t\tSettingsByRuleType: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeArgs{\n\t\t\t\t\tDns: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeDnsArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tHttp: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeHttpArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(true),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tL4: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeL4Args{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tExtendedEmailMatching: \u0026cloudflare.TeamsAccountExtendedEmailMatchingArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.TeamsAccount;\nimport com.pulumi.cloudflare.TeamsAccountArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountBlockPageArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountBodyScanningArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountAntivirusArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountAntivirusNotificationSettingsArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountFipsArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountProxyArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeDnsArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeHttpArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeL4Args;\nimport com.pulumi.cloudflare.inputs.TeamsAccountExtendedEmailMatchingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TeamsAccount(\"example\", TeamsAccountArgs.builder()\n .accountId(\"f037e56e89293a057740de681ac9abbe\")\n .tlsDecryptEnabled(true)\n .protocolDetectionEnabled(true)\n .blockPage(TeamsAccountBlockPageArgs.builder()\n .footerText(\"hello\")\n .headerText(\"hello\")\n .logoPath(\"https://example.com/logo.jpg\")\n .backgroundColor(\"#000000\")\n .build())\n .bodyScanning(TeamsAccountBodyScanningArgs.builder()\n .inspectionMode(\"deep\")\n .build())\n .antivirus(TeamsAccountAntivirusArgs.builder()\n .enabledDownloadPhase(true)\n .enabledUploadPhase(false)\n .failClosed(true)\n .notificationSettings(TeamsAccountAntivirusNotificationSettingsArgs.builder()\n .enabled(true)\n .message(\"you are blocked\")\n .supportUrl(\"https://example.com/blocked\")\n .build())\n .build())\n .fips(TeamsAccountFipsArgs.builder()\n .tls(true)\n .build())\n .proxy(TeamsAccountProxyArgs.builder()\n .tcp(true)\n .udp(true)\n .rootCa(true)\n .virtualIp(false)\n .build())\n .urlBrowserIsolationEnabled(true)\n .logging(TeamsAccountLoggingArgs.builder()\n .redactPii(true)\n .settingsByRuleType(TeamsAccountLoggingSettingsByRuleTypeArgs.builder()\n .dns(TeamsAccountLoggingSettingsByRuleTypeDnsArgs.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .http(TeamsAccountLoggingSettingsByRuleTypeHttpArgs.builder()\n .logAll(true)\n .logBlocks(true)\n .build())\n .l4(TeamsAccountLoggingSettingsByRuleTypeL4Args.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .build())\n .build())\n .extendedEmailMatching(TeamsAccountExtendedEmailMatchingArgs.builder()\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: cloudflare:TeamsAccount\n properties:\n accountId: f037e56e89293a057740de681ac9abbe\n tlsDecryptEnabled: true\n protocolDetectionEnabled: true\n blockPage:\n footerText: hello\n headerText: hello\n logoPath: https://example.com/logo.jpg\n backgroundColor: '#000000'\n bodyScanning:\n inspectionMode: deep\n antivirus:\n enabledDownloadPhase: true\n enabledUploadPhase: false\n failClosed: true\n notificationSettings:\n enabled: true\n message: you are blocked\n supportUrl: https://example.com/blocked\n fips:\n tls: true\n proxy:\n tcp: true\n udp: true\n rootCa: true\n virtualIp: false\n urlBrowserIsolationEnabled: true\n logging:\n redactPii: true\n settingsByRuleType:\n dns:\n logAll: false\n logBlocks: true\n http:\n logAll: true\n logBlocks: true\n l4:\n logAll: false\n logBlocks: true\n extendedEmailMatching:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import cloudflare:index/teamsAccount:TeamsAccount example \u003caccount_id\u003e\n```\n\n", + "description": "Provides a Cloudflare Teams Account resource. The Teams Account\nresource defines configuration for secure web gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\nconst example = new cloudflare.TeamsAccount(\"example\", {\n accountId: \"f037e56e89293a057740de681ac9abbe\",\n tlsDecryptEnabled: true,\n protocolDetectionEnabled: true,\n blockPage: {\n footerText: \"hello\",\n headerText: \"hello\",\n logoPath: \"https://example.com/logo.jpg\",\n backgroundColor: \"#000000\",\n },\n bodyScanning: {\n inspectionMode: \"deep\",\n },\n antivirus: {\n enabledDownloadPhase: true,\n enabledUploadPhase: false,\n failClosed: true,\n notificationSettings: {\n enabled: true,\n message: \"you are blocked\",\n supportUrl: \"https://example.com/blocked\",\n },\n },\n fips: {\n tls: true,\n },\n proxy: {\n tcp: true,\n udp: true,\n rootCa: true,\n virtualIp: false,\n disableForTime: 3600,\n },\n urlBrowserIsolationEnabled: true,\n logging: {\n redactPii: true,\n settingsByRuleType: {\n dns: {\n logAll: false,\n logBlocks: true,\n },\n http: {\n logAll: true,\n logBlocks: true,\n },\n l4: {\n logAll: false,\n logBlocks: true,\n },\n },\n },\n extendedEmailMatching: {\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\nexample = cloudflare.TeamsAccount(\"example\",\n account_id=\"f037e56e89293a057740de681ac9abbe\",\n tls_decrypt_enabled=True,\n protocol_detection_enabled=True,\n block_page={\n \"footer_text\": \"hello\",\n \"header_text\": \"hello\",\n \"logo_path\": \"https://example.com/logo.jpg\",\n \"background_color\": \"#000000\",\n },\n body_scanning={\n \"inspection_mode\": \"deep\",\n },\n antivirus={\n \"enabled_download_phase\": True,\n \"enabled_upload_phase\": False,\n \"fail_closed\": True,\n \"notification_settings\": {\n \"enabled\": True,\n \"message\": \"you are blocked\",\n \"support_url\": \"https://example.com/blocked\",\n },\n },\n fips={\n \"tls\": True,\n },\n proxy={\n \"tcp\": True,\n \"udp\": True,\n \"root_ca\": True,\n \"virtual_ip\": False,\n \"disable_for_time\": 3600,\n },\n url_browser_isolation_enabled=True,\n logging={\n \"redact_pii\": True,\n \"settings_by_rule_type\": {\n \"dns\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n \"http\": {\n \"log_all\": True,\n \"log_blocks\": True,\n },\n \"l4\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n },\n },\n extended_email_matching={\n \"enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Cloudflare.TeamsAccount(\"example\", new()\n {\n AccountId = \"f037e56e89293a057740de681ac9abbe\",\n TlsDecryptEnabled = true,\n ProtocolDetectionEnabled = true,\n BlockPage = new Cloudflare.Inputs.TeamsAccountBlockPageArgs\n {\n FooterText = \"hello\",\n HeaderText = \"hello\",\n LogoPath = \"https://example.com/logo.jpg\",\n BackgroundColor = \"#000000\",\n },\n BodyScanning = new Cloudflare.Inputs.TeamsAccountBodyScanningArgs\n {\n InspectionMode = \"deep\",\n },\n Antivirus = new Cloudflare.Inputs.TeamsAccountAntivirusArgs\n {\n EnabledDownloadPhase = true,\n EnabledUploadPhase = false,\n FailClosed = true,\n NotificationSettings = new Cloudflare.Inputs.TeamsAccountAntivirusNotificationSettingsArgs\n {\n Enabled = true,\n Message = \"you are blocked\",\n SupportUrl = \"https://example.com/blocked\",\n },\n },\n Fips = new Cloudflare.Inputs.TeamsAccountFipsArgs\n {\n Tls = true,\n },\n Proxy = new Cloudflare.Inputs.TeamsAccountProxyArgs\n {\n Tcp = true,\n Udp = true,\n RootCa = true,\n VirtualIp = false,\n DisableForTime = 3600,\n },\n UrlBrowserIsolationEnabled = true,\n Logging = new Cloudflare.Inputs.TeamsAccountLoggingArgs\n {\n RedactPii = true,\n SettingsByRuleType = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeArgs\n {\n Dns = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeDnsArgs\n {\n LogAll = false,\n LogBlocks = true,\n },\n Http = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeHttpArgs\n {\n LogAll = true,\n LogBlocks = true,\n },\n L4 = new Cloudflare.Inputs.TeamsAccountLoggingSettingsByRuleTypeL4Args\n {\n LogAll = false,\n LogBlocks = true,\n },\n },\n },\n ExtendedEmailMatching = new Cloudflare.Inputs.TeamsAccountExtendedEmailMatchingArgs\n {\n Enabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudflare.NewTeamsAccount(ctx, \"example\", \u0026cloudflare.TeamsAccountArgs{\n\t\t\tAccountId: pulumi.String(\"f037e56e89293a057740de681ac9abbe\"),\n\t\t\tTlsDecryptEnabled: pulumi.Bool(true),\n\t\t\tProtocolDetectionEnabled: pulumi.Bool(true),\n\t\t\tBlockPage: \u0026cloudflare.TeamsAccountBlockPageArgs{\n\t\t\t\tFooterText: pulumi.String(\"hello\"),\n\t\t\t\tHeaderText: pulumi.String(\"hello\"),\n\t\t\t\tLogoPath: pulumi.String(\"https://example.com/logo.jpg\"),\n\t\t\t\tBackgroundColor: pulumi.String(\"#000000\"),\n\t\t\t},\n\t\t\tBodyScanning: \u0026cloudflare.TeamsAccountBodyScanningArgs{\n\t\t\t\tInspectionMode: pulumi.String(\"deep\"),\n\t\t\t},\n\t\t\tAntivirus: \u0026cloudflare.TeamsAccountAntivirusArgs{\n\t\t\t\tEnabledDownloadPhase: pulumi.Bool(true),\n\t\t\t\tEnabledUploadPhase: pulumi.Bool(false),\n\t\t\t\tFailClosed: pulumi.Bool(true),\n\t\t\t\tNotificationSettings: \u0026cloudflare.TeamsAccountAntivirusNotificationSettingsArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tMessage: pulumi.String(\"you are blocked\"),\n\t\t\t\t\tSupportUrl: pulumi.String(\"https://example.com/blocked\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFips: \u0026cloudflare.TeamsAccountFipsArgs{\n\t\t\t\tTls: pulumi.Bool(true),\n\t\t\t},\n\t\t\tProxy: \u0026cloudflare.TeamsAccountProxyArgs{\n\t\t\t\tTcp: pulumi.Bool(true),\n\t\t\t\tUdp: pulumi.Bool(true),\n\t\t\t\tRootCa: pulumi.Bool(true),\n\t\t\t\tVirtualIp: pulumi.Bool(false),\n\t\t\t\tDisableForTime: pulumi.Int(3600),\n\t\t\t},\n\t\t\tUrlBrowserIsolationEnabled: pulumi.Bool(true),\n\t\t\tLogging: \u0026cloudflare.TeamsAccountLoggingArgs{\n\t\t\t\tRedactPii: pulumi.Bool(true),\n\t\t\t\tSettingsByRuleType: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeArgs{\n\t\t\t\t\tDns: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeDnsArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tHttp: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeHttpArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(true),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tL4: \u0026cloudflare.TeamsAccountLoggingSettingsByRuleTypeL4Args{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tExtendedEmailMatching: \u0026cloudflare.TeamsAccountExtendedEmailMatchingArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.TeamsAccount;\nimport com.pulumi.cloudflare.TeamsAccountArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountBlockPageArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountBodyScanningArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountAntivirusArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountAntivirusNotificationSettingsArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountFipsArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountProxyArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeDnsArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeHttpArgs;\nimport com.pulumi.cloudflare.inputs.TeamsAccountLoggingSettingsByRuleTypeL4Args;\nimport com.pulumi.cloudflare.inputs.TeamsAccountExtendedEmailMatchingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new TeamsAccount(\"example\", TeamsAccountArgs.builder()\n .accountId(\"f037e56e89293a057740de681ac9abbe\")\n .tlsDecryptEnabled(true)\n .protocolDetectionEnabled(true)\n .blockPage(TeamsAccountBlockPageArgs.builder()\n .footerText(\"hello\")\n .headerText(\"hello\")\n .logoPath(\"https://example.com/logo.jpg\")\n .backgroundColor(\"#000000\")\n .build())\n .bodyScanning(TeamsAccountBodyScanningArgs.builder()\n .inspectionMode(\"deep\")\n .build())\n .antivirus(TeamsAccountAntivirusArgs.builder()\n .enabledDownloadPhase(true)\n .enabledUploadPhase(false)\n .failClosed(true)\n .notificationSettings(TeamsAccountAntivirusNotificationSettingsArgs.builder()\n .enabled(true)\n .message(\"you are blocked\")\n .supportUrl(\"https://example.com/blocked\")\n .build())\n .build())\n .fips(TeamsAccountFipsArgs.builder()\n .tls(true)\n .build())\n .proxy(TeamsAccountProxyArgs.builder()\n .tcp(true)\n .udp(true)\n .rootCa(true)\n .virtualIp(false)\n .disableForTime(3600)\n .build())\n .urlBrowserIsolationEnabled(true)\n .logging(TeamsAccountLoggingArgs.builder()\n .redactPii(true)\n .settingsByRuleType(TeamsAccountLoggingSettingsByRuleTypeArgs.builder()\n .dns(TeamsAccountLoggingSettingsByRuleTypeDnsArgs.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .http(TeamsAccountLoggingSettingsByRuleTypeHttpArgs.builder()\n .logAll(true)\n .logBlocks(true)\n .build())\n .l4(TeamsAccountLoggingSettingsByRuleTypeL4Args.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .build())\n .build())\n .extendedEmailMatching(TeamsAccountExtendedEmailMatchingArgs.builder()\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: cloudflare:TeamsAccount\n properties:\n accountId: f037e56e89293a057740de681ac9abbe\n tlsDecryptEnabled: true\n protocolDetectionEnabled: true\n blockPage:\n footerText: hello\n headerText: hello\n logoPath: https://example.com/logo.jpg\n backgroundColor: '#000000'\n bodyScanning:\n inspectionMode: deep\n antivirus:\n enabledDownloadPhase: true\n enabledUploadPhase: false\n failClosed: true\n notificationSettings:\n enabled: true\n message: you are blocked\n supportUrl: https://example.com/blocked\n fips:\n tls: true\n proxy:\n tcp: true\n udp: true\n rootCa: true\n virtualIp: false\n disableForTime: 3600\n urlBrowserIsolationEnabled: true\n logging:\n redactPii: true\n settingsByRuleType:\n dns:\n logAll: false\n logBlocks: true\n http:\n logAll: true\n logBlocks: true\n l4:\n logAll: false\n logBlocks: true\n extendedEmailMatching:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import cloudflare:index/teamsAccount:TeamsAccount example \u003caccount_id\u003e\n```\n\n", "properties": { "accountId": { "type": "string", @@ -23866,9 +24362,14 @@ "$ref": "#/types/cloudflare:index/TeamsAccountBodyScanning:TeamsAccountBodyScanning", "description": "Configuration for body scanning.\n" }, + "certificate": { + "$ref": "#/types/cloudflare:index/TeamsAccountCertificate:TeamsAccountCertificate", + "description": "Configuration for TLS interception certificate. This will be required starting Feb 2025.\n" + }, "customCertificate": { "$ref": "#/types/cloudflare:index/TeamsAccountCustomCertificate:TeamsAccountCustomCertificate", - "description": "Configuration for custom certificates / BYO-PKI.\n" + "description": "Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`.\n", + "deprecationMessage": "Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration." }, "extendedEmailMatching": { "$ref": "#/types/cloudflare:index/TeamsAccountExtendedEmailMatching:TeamsAccountExtendedEmailMatching", @@ -23935,9 +24436,14 @@ "$ref": "#/types/cloudflare:index/TeamsAccountBodyScanning:TeamsAccountBodyScanning", "description": "Configuration for body scanning.\n" }, + "certificate": { + "$ref": "#/types/cloudflare:index/TeamsAccountCertificate:TeamsAccountCertificate", + "description": "Configuration for TLS interception certificate. This will be required starting Feb 2025.\n" + }, "customCertificate": { "$ref": "#/types/cloudflare:index/TeamsAccountCustomCertificate:TeamsAccountCustomCertificate", - "description": "Configuration for custom certificates / BYO-PKI.\n" + "description": "Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`.\n", + "deprecationMessage": "Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration." }, "extendedEmailMatching": { "$ref": "#/types/cloudflare:index/TeamsAccountExtendedEmailMatching:TeamsAccountExtendedEmailMatching", @@ -24005,9 +24511,14 @@ "$ref": "#/types/cloudflare:index/TeamsAccountBodyScanning:TeamsAccountBodyScanning", "description": "Configuration for body scanning.\n" }, + "certificate": { + "$ref": "#/types/cloudflare:index/TeamsAccountCertificate:TeamsAccountCertificate", + "description": "Configuration for TLS interception certificate. This will be required starting Feb 2025.\n" + }, "customCertificate": { "$ref": "#/types/cloudflare:index/TeamsAccountCustomCertificate:TeamsAccountCustomCertificate", - "description": "Configuration for custom certificates / BYO-PKI.\n" + "description": "Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`.\n", + "deprecationMessage": "Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration." }, "extendedEmailMatching": { "$ref": "#/types/cloudflare:index/TeamsAccountExtendedEmailMatching:TeamsAccountExtendedEmailMatching", @@ -25264,7 +25775,7 @@ } }, "cloudflare:index/waitingRoom:WaitingRoom": { - "description": "Provides a Cloudflare Waiting Room resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\n// Waiting Room\nconst example = new cloudflare.WaitingRoom(\"example\", {\n zoneId: \"0da42c8d2132a9ddaf714f9e7c920711\",\n name: \"foo\",\n host: \"foo.example.com\",\n path: \"/\",\n newUsersPerMinute: 200,\n totalActiveUsers: 200,\n cookieSuffix: \"queue1\",\n additionalRoutes: [\n {\n host: \"shop1.example.com\",\n path: \"/example-path\",\n },\n {\n host: \"shop2.example.com\",\n },\n ],\n queueingStatusCode: 200,\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\n# Waiting Room\nexample = cloudflare.WaitingRoom(\"example\",\n zone_id=\"0da42c8d2132a9ddaf714f9e7c920711\",\n name=\"foo\",\n host=\"foo.example.com\",\n path=\"/\",\n new_users_per_minute=200,\n total_active_users=200,\n cookie_suffix=\"queue1\",\n additional_routes=[\n {\n \"host\": \"shop1.example.com\",\n \"path\": \"/example-path\",\n },\n {\n \"host\": \"shop2.example.com\",\n },\n ],\n queueing_status_code=200)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Waiting Room\n var example = new Cloudflare.WaitingRoom(\"example\", new()\n {\n ZoneId = \"0da42c8d2132a9ddaf714f9e7c920711\",\n Name = \"foo\",\n Host = \"foo.example.com\",\n Path = \"/\",\n NewUsersPerMinute = 200,\n TotalActiveUsers = 200,\n CookieSuffix = \"queue1\",\n AdditionalRoutes = new[]\n {\n new Cloudflare.Inputs.WaitingRoomAdditionalRouteArgs\n {\n Host = \"shop1.example.com\",\n Path = \"/example-path\",\n },\n new Cloudflare.Inputs.WaitingRoomAdditionalRouteArgs\n {\n Host = \"shop2.example.com\",\n },\n },\n QueueingStatusCode = 200,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Waiting Room\n\t\t_, err := cloudflare.NewWaitingRoom(ctx, \"example\", \u0026cloudflare.WaitingRoomArgs{\n\t\t\tZoneId: pulumi.String(\"0da42c8d2132a9ddaf714f9e7c920711\"),\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tHost: pulumi.String(\"foo.example.com\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tNewUsersPerMinute: pulumi.Int(200),\n\t\t\tTotalActiveUsers: pulumi.Int(200),\n\t\t\tCookieSuffix: pulumi.String(\"queue1\"),\n\t\t\tAdditionalRoutes: cloudflare.WaitingRoomAdditionalRouteArray{\n\t\t\t\t\u0026cloudflare.WaitingRoomAdditionalRouteArgs{\n\t\t\t\t\tHost: pulumi.String(\"shop1.example.com\"),\n\t\t\t\t\tPath: pulumi.String(\"/example-path\"),\n\t\t\t\t},\n\t\t\t\t\u0026cloudflare.WaitingRoomAdditionalRouteArgs{\n\t\t\t\t\tHost: pulumi.String(\"shop2.example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tQueueingStatusCode: pulumi.Int(200),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.WaitingRoom;\nimport com.pulumi.cloudflare.WaitingRoomArgs;\nimport com.pulumi.cloudflare.inputs.WaitingRoomAdditionalRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Waiting Room\n var example = new WaitingRoom(\"example\", WaitingRoomArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"foo\")\n .host(\"foo.example.com\")\n .path(\"/\")\n .newUsersPerMinute(200)\n .totalActiveUsers(200)\n .cookieSuffix(\"queue1\")\n .additionalRoutes( \n WaitingRoomAdditionalRouteArgs.builder()\n .host(\"shop1.example.com\")\n .path(\"/example-path\")\n .build(),\n WaitingRoomAdditionalRouteArgs.builder()\n .host(\"shop2.example.com\")\n .build())\n .queueingStatusCode(200)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Waiting Room\n example:\n type: cloudflare:WaitingRoom\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: foo\n host: foo.example.com\n path: /\n newUsersPerMinute: 200\n totalActiveUsers: 200\n cookieSuffix: queue1\n additionalRoutes:\n - host: shop1.example.com\n path: /example-path\n - host: shop2.example.com\n queueingStatusCode: 200\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUse the Zone ID and Waiting Room ID to import.\n\n```sh\n$ pulumi import cloudflare:index/waitingRoom:WaitingRoom default \u003czone_id\u003e/\u003cwaiting_room_id\u003e\n```\n\n", + "description": "Provides a Cloudflare Waiting Room resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\n// Waiting Room\nconst example = new cloudflare.WaitingRoom(\"example\", {\n zoneId: \"0da42c8d2132a9ddaf714f9e7c920711\",\n name: \"foo\",\n host: \"foo.example.com\",\n path: \"/\",\n newUsersPerMinute: 200,\n totalActiveUsers: 200,\n cookieSuffix: \"queue1\",\n additionalRoutes: [\n {\n host: \"shop1.example.com\",\n path: \"/example-path\",\n },\n {\n host: \"shop2.example.com\",\n },\n ],\n queueingStatusCode: 200,\n enabledOriginCommands: [\"revoke\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\n# Waiting Room\nexample = cloudflare.WaitingRoom(\"example\",\n zone_id=\"0da42c8d2132a9ddaf714f9e7c920711\",\n name=\"foo\",\n host=\"foo.example.com\",\n path=\"/\",\n new_users_per_minute=200,\n total_active_users=200,\n cookie_suffix=\"queue1\",\n additional_routes=[\n {\n \"host\": \"shop1.example.com\",\n \"path\": \"/example-path\",\n },\n {\n \"host\": \"shop2.example.com\",\n },\n ],\n queueing_status_code=200,\n enabled_origin_commands=[\"revoke\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Waiting Room\n var example = new Cloudflare.WaitingRoom(\"example\", new()\n {\n ZoneId = \"0da42c8d2132a9ddaf714f9e7c920711\",\n Name = \"foo\",\n Host = \"foo.example.com\",\n Path = \"/\",\n NewUsersPerMinute = 200,\n TotalActiveUsers = 200,\n CookieSuffix = \"queue1\",\n AdditionalRoutes = new[]\n {\n new Cloudflare.Inputs.WaitingRoomAdditionalRouteArgs\n {\n Host = \"shop1.example.com\",\n Path = \"/example-path\",\n },\n new Cloudflare.Inputs.WaitingRoomAdditionalRouteArgs\n {\n Host = \"shop2.example.com\",\n },\n },\n QueueingStatusCode = 200,\n EnabledOriginCommands = new[]\n {\n \"revoke\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Waiting Room\n\t\t_, err := cloudflare.NewWaitingRoom(ctx, \"example\", \u0026cloudflare.WaitingRoomArgs{\n\t\t\tZoneId: pulumi.String(\"0da42c8d2132a9ddaf714f9e7c920711\"),\n\t\t\tName: pulumi.String(\"foo\"),\n\t\t\tHost: pulumi.String(\"foo.example.com\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tNewUsersPerMinute: pulumi.Int(200),\n\t\t\tTotalActiveUsers: pulumi.Int(200),\n\t\t\tCookieSuffix: pulumi.String(\"queue1\"),\n\t\t\tAdditionalRoutes: cloudflare.WaitingRoomAdditionalRouteArray{\n\t\t\t\t\u0026cloudflare.WaitingRoomAdditionalRouteArgs{\n\t\t\t\t\tHost: pulumi.String(\"shop1.example.com\"),\n\t\t\t\t\tPath: pulumi.String(\"/example-path\"),\n\t\t\t\t},\n\t\t\t\t\u0026cloudflare.WaitingRoomAdditionalRouteArgs{\n\t\t\t\t\tHost: pulumi.String(\"shop2.example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tQueueingStatusCode: pulumi.Int(200),\n\t\t\tEnabledOriginCommands: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"revoke\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.WaitingRoom;\nimport com.pulumi.cloudflare.WaitingRoomArgs;\nimport com.pulumi.cloudflare.inputs.WaitingRoomAdditionalRouteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Waiting Room\n var example = new WaitingRoom(\"example\", WaitingRoomArgs.builder()\n .zoneId(\"0da42c8d2132a9ddaf714f9e7c920711\")\n .name(\"foo\")\n .host(\"foo.example.com\")\n .path(\"/\")\n .newUsersPerMinute(200)\n .totalActiveUsers(200)\n .cookieSuffix(\"queue1\")\n .additionalRoutes( \n WaitingRoomAdditionalRouteArgs.builder()\n .host(\"shop1.example.com\")\n .path(\"/example-path\")\n .build(),\n WaitingRoomAdditionalRouteArgs.builder()\n .host(\"shop2.example.com\")\n .build())\n .queueingStatusCode(200)\n .enabledOriginCommands(\"revoke\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Waiting Room\n example:\n type: cloudflare:WaitingRoom\n properties:\n zoneId: 0da42c8d2132a9ddaf714f9e7c920711\n name: foo\n host: foo.example.com\n path: /\n newUsersPerMinute: 200\n totalActiveUsers: 200\n cookieSuffix: queue1\n additionalRoutes:\n - host: shop1.example.com\n path: /example-path\n - host: shop2.example.com\n queueingStatusCode: 200\n enabledOriginCommands:\n - revoke\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUse the Zone ID and Waiting Room ID to import.\n\n```sh\n$ pulumi import cloudflare:index/waitingRoom:WaitingRoom default \u003czone_id\u003e/\u003cwaiting_room_id\u003e\n```\n\n", "properties": { "additionalRoutes": { "type": "array", @@ -25298,7 +25809,7 @@ "items": { "type": "string" }, - "description": "The list of enabled origin commands for the waiting room. Available values: `revoke`\n" + "description": "The list of enabled origin commands for the waiting room. Available values: `revoke`.\n" }, "host": { "type": "string", @@ -25389,7 +25900,7 @@ "items": { "type": "string" }, - "description": "The list of enabled origin commands for the waiting room. Available values: `revoke`\n" + "description": "The list of enabled origin commands for the waiting room. Available values: `revoke`.\n" }, "host": { "type": "string", @@ -25484,7 +25995,7 @@ "items": { "type": "string" }, - "description": "The list of enabled origin commands for the waiting room. Available values: `revoke`\n" + "description": "The list of enabled origin commands for the waiting room. Available values: `revoke`.\n" }, "host": { "type": "string", @@ -26485,6 +26996,12 @@ "type": "string", "description": "Name of the Workers for Platforms dispatch namespace.\n" }, + "hyperdriveConfigBindings": { + "type": "array", + "items": { + "$ref": "#/types/cloudflare:index/WorkerScriptHyperdriveConfigBinding:WorkerScriptHyperdriveConfigBinding" + } + }, "kvNamespaceBindings": { "type": "array", "items": { @@ -26595,6 +27112,12 @@ "type": "string", "description": "Name of the Workers for Platforms dispatch namespace.\n" }, + "hyperdriveConfigBindings": { + "type": "array", + "items": { + "$ref": "#/types/cloudflare:index/WorkerScriptHyperdriveConfigBinding:WorkerScriptHyperdriveConfigBinding" + } + }, "kvNamespaceBindings": { "type": "array", "items": { @@ -26706,6 +27229,12 @@ "type": "string", "description": "Name of the Workers for Platforms dispatch namespace.\n" }, + "hyperdriveConfigBindings": { + "type": "array", + "items": { + "$ref": "#/types/cloudflare:index/WorkerScriptHyperdriveConfigBinding:WorkerScriptHyperdriveConfigBinding" + } + }, "kvNamespaceBindings": { "type": "array", "items": { @@ -27325,6 +27854,12 @@ "type": "string", "description": "Name of the Workers for Platforms dispatch namespace.\n" }, + "hyperdriveConfigBindings": { + "type": "array", + "items": { + "$ref": "#/types/cloudflare:index/WorkersScriptHyperdriveConfigBinding:WorkersScriptHyperdriveConfigBinding" + } + }, "kvNamespaceBindings": { "type": "array", "items": { @@ -27435,6 +27970,12 @@ "type": "string", "description": "Name of the Workers for Platforms dispatch namespace.\n" }, + "hyperdriveConfigBindings": { + "type": "array", + "items": { + "$ref": "#/types/cloudflare:index/WorkersScriptHyperdriveConfigBinding:WorkersScriptHyperdriveConfigBinding" + } + }, "kvNamespaceBindings": { "type": "array", "items": { @@ -27546,6 +28087,12 @@ "type": "string", "description": "Name of the Workers for Platforms dispatch namespace.\n" }, + "hyperdriveConfigBindings": { + "type": "array", + "items": { + "$ref": "#/types/cloudflare:index/WorkersScriptHyperdriveConfigBinding:WorkersScriptHyperdriveConfigBinding" + } + }, "kvNamespaceBindings": { "type": "array", "items": { @@ -28862,7 +29409,7 @@ "properties": { "accountId": { "type": "string", - "description": "The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The account identifier to target for the resource. Conflicts with `zone_id`.\n" }, "applicationId": { "type": "string", @@ -28928,7 +29475,7 @@ }, "zoneId": { "type": "string", - "description": "The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The zone identifier to target for the resource. Conflicts with `account_id`.\n" } }, "required": [ @@ -28939,7 +29486,7 @@ "inputProperties": { "accountId": { "type": "string", - "description": "The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The account identifier to target for the resource. Conflicts with `zone_id`.\n" }, "applicationId": { "type": "string", @@ -29006,7 +29553,7 @@ }, "zoneId": { "type": "string", - "description": "The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The zone identifier to target for the resource. Conflicts with `account_id`.\n" } }, "requiredInputs": [ @@ -29019,7 +29566,7 @@ "properties": { "accountId": { "type": "string", - "description": "The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The account identifier to target for the resource. Conflicts with `zone_id`.\n" }, "applicationId": { "type": "string", @@ -29086,7 +29633,7 @@ }, "zoneId": { "type": "string", - "description": "The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.**\n" + "description": "The zone identifier to target for the resource. Conflicts with `account_id`.\n" } }, "type": "object" @@ -29604,7 +30151,7 @@ }, "type": { "type": "string", - "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" + "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" } }, "required": [ @@ -29648,7 +30195,7 @@ }, "type": { "type": "string", - "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" + "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" } }, "requiredInputs": [ @@ -29693,7 +30240,7 @@ }, "type": { "type": "string", - "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" + "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" } }, "type": "object" @@ -29776,7 +30323,7 @@ }, "tunnelProtocol": { "type": "string", - "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`\n" + "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`.\n" } }, "required": [ @@ -29859,7 +30406,7 @@ }, "tunnelProtocol": { "type": "string", - "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`\n" + "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`.\n" } }, "requiredInputs": [ @@ -29944,7 +30491,7 @@ }, "tunnelProtocol": { "type": "string", - "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`\n" + "description": "Determines which tunnel protocol to use. Available values: `\"\"`, `wireguard`, `masque`. Defaults to `wireguard`.\n" } }, "type": "object" @@ -30349,6 +30896,133 @@ "type": "object" } }, + "cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate": { + "description": "Provides a Cloudflare Teams Gateway Certificate resource. A Teams Certificate can\nbe specified for Gateway TLS interception and block pages.\n", + "properties": { + "accountId": { + "type": "string", + "description": "The account identifier to target for the resource.\n" + }, + "activate": { + "type": "boolean", + "description": "Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`.\n" + }, + "bindingStatus": { + "type": "string", + "description": "The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`.\n" + }, + "createdAt": { + "type": "string" + }, + "custom": { + "type": "boolean", + "description": "The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`.\n" + }, + "expiresOn": { + "type": "string" + }, + "gatewayManaged": { + "type": "boolean", + "description": "The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`.\n" + }, + "inUse": { + "type": "boolean", + "description": "Whether the certificate is in use by Gateway for TLS interception and the block page.\n" + }, + "qsPackId": { + "type": "string" + }, + "uploadedOn": { + "type": "string" + }, + "validityPeriodDays": { + "type": "integer", + "description": "Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.**\n" + } + }, + "required": [ + "accountId", + "bindingStatus", + "createdAt", + "expiresOn", + "inUse", + "qsPackId", + "uploadedOn" + ], + "inputProperties": { + "accountId": { + "type": "string", + "description": "The account identifier to target for the resource.\n" + }, + "activate": { + "type": "boolean", + "description": "Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`.\n" + }, + "custom": { + "type": "boolean", + "description": "The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`.\n" + }, + "gatewayManaged": { + "type": "boolean", + "description": "The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`.\n" + }, + "validityPeriodDays": { + "type": "integer", + "description": "Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.**\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "accountId" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering ZeroTrustGatewayCertificate resources.\n", + "properties": { + "accountId": { + "type": "string", + "description": "The account identifier to target for the resource.\n" + }, + "activate": { + "type": "boolean", + "description": "Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`.\n" + }, + "bindingStatus": { + "type": "string", + "description": "The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`.\n" + }, + "createdAt": { + "type": "string" + }, + "custom": { + "type": "boolean", + "description": "The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`.\n" + }, + "expiresOn": { + "type": "string" + }, + "gatewayManaged": { + "type": "boolean", + "description": "The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`.\n" + }, + "inUse": { + "type": "boolean", + "description": "Whether the certificate is in use by Gateway for TLS interception and the block page.\n" + }, + "qsPackId": { + "type": "string" + }, + "uploadedOn": { + "type": "string" + }, + "validityPeriodDays": { + "type": "integer", + "description": "Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.**\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, "cloudflare:index/zeroTrustGatewayPolicy:ZeroTrustGatewayPolicy": { "description": "Provides a Cloudflare Teams rule resource. Teams rules comprise secure web gateway policies.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\nconst example = new cloudflare.ZeroTrustGatewayPolicy(\"example\", {\n accountId: \"f037e56e89293a057740de681ac9abbe\",\n name: \"office\",\n description: \"desc\",\n precedence: 1,\n action: \"block\",\n filters: [\"http\"],\n traffic: \"http.request.uri == \\\"https://www.example.com/malicious\\\"\",\n ruleSettings: {\n blockPageEnabled: true,\n blockPageReason: \"access not permitted\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\nexample = cloudflare.ZeroTrustGatewayPolicy(\"example\",\n account_id=\"f037e56e89293a057740de681ac9abbe\",\n name=\"office\",\n description=\"desc\",\n precedence=1,\n action=\"block\",\n filters=[\"http\"],\n traffic=\"http.request.uri == \\\"https://www.example.com/malicious\\\"\",\n rule_settings={\n \"block_page_enabled\": True,\n \"block_page_reason\": \"access not permitted\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Cloudflare.ZeroTrustGatewayPolicy(\"example\", new()\n {\n AccountId = \"f037e56e89293a057740de681ac9abbe\",\n Name = \"office\",\n Description = \"desc\",\n Precedence = 1,\n Action = \"block\",\n Filters = new[]\n {\n \"http\",\n },\n Traffic = \"http.request.uri == \\\"https://www.example.com/malicious\\\"\",\n RuleSettings = new Cloudflare.Inputs.ZeroTrustGatewayPolicyRuleSettingsArgs\n {\n BlockPageEnabled = true,\n BlockPageReason = \"access not permitted\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudflare.NewZeroTrustGatewayPolicy(ctx, \"example\", \u0026cloudflare.ZeroTrustGatewayPolicyArgs{\n\t\t\tAccountId: pulumi.String(\"f037e56e89293a057740de681ac9abbe\"),\n\t\t\tName: pulumi.String(\"office\"),\n\t\t\tDescription: pulumi.String(\"desc\"),\n\t\t\tPrecedence: pulumi.Int(1),\n\t\t\tAction: pulumi.String(\"block\"),\n\t\t\tFilters: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"http\"),\n\t\t\t},\n\t\t\tTraffic: pulumi.String(\"http.request.uri == \\\"https://www.example.com/malicious\\\"\"),\n\t\t\tRuleSettings: \u0026cloudflare.ZeroTrustGatewayPolicyRuleSettingsArgs{\n\t\t\t\tBlockPageEnabled: pulumi.Bool(true),\n\t\t\t\tBlockPageReason: pulumi.String(\"access not permitted\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.ZeroTrustGatewayPolicy;\nimport com.pulumi.cloudflare.ZeroTrustGatewayPolicyArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewayPolicyRuleSettingsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ZeroTrustGatewayPolicy(\"example\", ZeroTrustGatewayPolicyArgs.builder()\n .accountId(\"f037e56e89293a057740de681ac9abbe\")\n .name(\"office\")\n .description(\"desc\")\n .precedence(1)\n .action(\"block\")\n .filters(\"http\")\n .traffic(\"http.request.uri == \\\"https://www.example.com/malicious\\\"\")\n .ruleSettings(ZeroTrustGatewayPolicyRuleSettingsArgs.builder()\n .blockPageEnabled(true)\n .blockPageReason(\"access not permitted\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: cloudflare:ZeroTrustGatewayPolicy\n properties:\n accountId: f037e56e89293a057740de681ac9abbe\n name: office\n description: desc\n precedence: 1\n action: block\n filters:\n - http\n traffic: http.request.uri == \"https://www.example.com/malicious\"\n ruleSettings:\n blockPageEnabled: true\n blockPageReason: access not permitted\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import cloudflare:index/zeroTrustGatewayPolicy:ZeroTrustGatewayPolicy example \u003caccount_id\u003e/\u003cteams_rule_id\u003e\n```\n\n", "properties": { @@ -30602,7 +31276,7 @@ } }, "cloudflare:index/zeroTrustGatewaySettings:ZeroTrustGatewaySettings": { - "description": "Provides a Cloudflare Teams Account resource. The Teams Account\nresource defines configuration for secure web gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\nconst example = new cloudflare.ZeroTrustGatewaySettings(\"example\", {\n accountId: \"f037e56e89293a057740de681ac9abbe\",\n tlsDecryptEnabled: true,\n protocolDetectionEnabled: true,\n blockPage: {\n footerText: \"hello\",\n headerText: \"hello\",\n logoPath: \"https://example.com/logo.jpg\",\n backgroundColor: \"#000000\",\n },\n bodyScanning: {\n inspectionMode: \"deep\",\n },\n antivirus: {\n enabledDownloadPhase: true,\n enabledUploadPhase: false,\n failClosed: true,\n notificationSettings: {\n enabled: true,\n message: \"you are blocked\",\n supportUrl: \"https://example.com/blocked\",\n },\n },\n fips: {\n tls: true,\n },\n proxy: {\n tcp: true,\n udp: true,\n rootCa: true,\n virtualIp: false,\n },\n urlBrowserIsolationEnabled: true,\n logging: {\n redactPii: true,\n settingsByRuleType: {\n dns: {\n logAll: false,\n logBlocks: true,\n },\n http: {\n logAll: true,\n logBlocks: true,\n },\n l4: {\n logAll: false,\n logBlocks: true,\n },\n },\n },\n extendedEmailMatching: {\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\nexample = cloudflare.ZeroTrustGatewaySettings(\"example\",\n account_id=\"f037e56e89293a057740de681ac9abbe\",\n tls_decrypt_enabled=True,\n protocol_detection_enabled=True,\n block_page={\n \"footer_text\": \"hello\",\n \"header_text\": \"hello\",\n \"logo_path\": \"https://example.com/logo.jpg\",\n \"background_color\": \"#000000\",\n },\n body_scanning={\n \"inspection_mode\": \"deep\",\n },\n antivirus={\n \"enabled_download_phase\": True,\n \"enabled_upload_phase\": False,\n \"fail_closed\": True,\n \"notification_settings\": {\n \"enabled\": True,\n \"message\": \"you are blocked\",\n \"support_url\": \"https://example.com/blocked\",\n },\n },\n fips={\n \"tls\": True,\n },\n proxy={\n \"tcp\": True,\n \"udp\": True,\n \"root_ca\": True,\n \"virtual_ip\": False,\n },\n url_browser_isolation_enabled=True,\n logging={\n \"redact_pii\": True,\n \"settings_by_rule_type\": {\n \"dns\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n \"http\": {\n \"log_all\": True,\n \"log_blocks\": True,\n },\n \"l4\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n },\n },\n extended_email_matching={\n \"enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Cloudflare.ZeroTrustGatewaySettings(\"example\", new()\n {\n AccountId = \"f037e56e89293a057740de681ac9abbe\",\n TlsDecryptEnabled = true,\n ProtocolDetectionEnabled = true,\n BlockPage = new Cloudflare.Inputs.ZeroTrustGatewaySettingsBlockPageArgs\n {\n FooterText = \"hello\",\n HeaderText = \"hello\",\n LogoPath = \"https://example.com/logo.jpg\",\n BackgroundColor = \"#000000\",\n },\n BodyScanning = new Cloudflare.Inputs.ZeroTrustGatewaySettingsBodyScanningArgs\n {\n InspectionMode = \"deep\",\n },\n Antivirus = new Cloudflare.Inputs.ZeroTrustGatewaySettingsAntivirusArgs\n {\n EnabledDownloadPhase = true,\n EnabledUploadPhase = false,\n FailClosed = true,\n NotificationSettings = new Cloudflare.Inputs.ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs\n {\n Enabled = true,\n Message = \"you are blocked\",\n SupportUrl = \"https://example.com/blocked\",\n },\n },\n Fips = new Cloudflare.Inputs.ZeroTrustGatewaySettingsFipsArgs\n {\n Tls = true,\n },\n Proxy = new Cloudflare.Inputs.ZeroTrustGatewaySettingsProxyArgs\n {\n Tcp = true,\n Udp = true,\n RootCa = true,\n VirtualIp = false,\n },\n UrlBrowserIsolationEnabled = true,\n Logging = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingArgs\n {\n RedactPii = true,\n SettingsByRuleType = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs\n {\n Dns = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs\n {\n LogAll = false,\n LogBlocks = true,\n },\n Http = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs\n {\n LogAll = true,\n LogBlocks = true,\n },\n L4 = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args\n {\n LogAll = false,\n LogBlocks = true,\n },\n },\n },\n ExtendedEmailMatching = new Cloudflare.Inputs.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs\n {\n Enabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudflare.NewZeroTrustGatewaySettings(ctx, \"example\", \u0026cloudflare.ZeroTrustGatewaySettingsArgs{\n\t\t\tAccountId: pulumi.String(\"f037e56e89293a057740de681ac9abbe\"),\n\t\t\tTlsDecryptEnabled: pulumi.Bool(true),\n\t\t\tProtocolDetectionEnabled: pulumi.Bool(true),\n\t\t\tBlockPage: \u0026cloudflare.ZeroTrustGatewaySettingsBlockPageArgs{\n\t\t\t\tFooterText: pulumi.String(\"hello\"),\n\t\t\t\tHeaderText: pulumi.String(\"hello\"),\n\t\t\t\tLogoPath: pulumi.String(\"https://example.com/logo.jpg\"),\n\t\t\t\tBackgroundColor: pulumi.String(\"#000000\"),\n\t\t\t},\n\t\t\tBodyScanning: \u0026cloudflare.ZeroTrustGatewaySettingsBodyScanningArgs{\n\t\t\t\tInspectionMode: pulumi.String(\"deep\"),\n\t\t\t},\n\t\t\tAntivirus: \u0026cloudflare.ZeroTrustGatewaySettingsAntivirusArgs{\n\t\t\t\tEnabledDownloadPhase: pulumi.Bool(true),\n\t\t\t\tEnabledUploadPhase: pulumi.Bool(false),\n\t\t\t\tFailClosed: pulumi.Bool(true),\n\t\t\t\tNotificationSettings: \u0026cloudflare.ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tMessage: pulumi.String(\"you are blocked\"),\n\t\t\t\t\tSupportUrl: pulumi.String(\"https://example.com/blocked\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFips: \u0026cloudflare.ZeroTrustGatewaySettingsFipsArgs{\n\t\t\t\tTls: pulumi.Bool(true),\n\t\t\t},\n\t\t\tProxy: \u0026cloudflare.ZeroTrustGatewaySettingsProxyArgs{\n\t\t\t\tTcp: pulumi.Bool(true),\n\t\t\t\tUdp: pulumi.Bool(true),\n\t\t\t\tRootCa: pulumi.Bool(true),\n\t\t\t\tVirtualIp: pulumi.Bool(false),\n\t\t\t},\n\t\t\tUrlBrowserIsolationEnabled: pulumi.Bool(true),\n\t\t\tLogging: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingArgs{\n\t\t\t\tRedactPii: pulumi.Bool(true),\n\t\t\t\tSettingsByRuleType: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs{\n\t\t\t\t\tDns: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tHttp: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(true),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tL4: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tExtendedEmailMatching: \u0026cloudflare.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.ZeroTrustGatewaySettings;\nimport com.pulumi.cloudflare.ZeroTrustGatewaySettingsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBlockPageArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBodyScanningArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsAntivirusArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsFipsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsProxyArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ZeroTrustGatewaySettings(\"example\", ZeroTrustGatewaySettingsArgs.builder()\n .accountId(\"f037e56e89293a057740de681ac9abbe\")\n .tlsDecryptEnabled(true)\n .protocolDetectionEnabled(true)\n .blockPage(ZeroTrustGatewaySettingsBlockPageArgs.builder()\n .footerText(\"hello\")\n .headerText(\"hello\")\n .logoPath(\"https://example.com/logo.jpg\")\n .backgroundColor(\"#000000\")\n .build())\n .bodyScanning(ZeroTrustGatewaySettingsBodyScanningArgs.builder()\n .inspectionMode(\"deep\")\n .build())\n .antivirus(ZeroTrustGatewaySettingsAntivirusArgs.builder()\n .enabledDownloadPhase(true)\n .enabledUploadPhase(false)\n .failClosed(true)\n .notificationSettings(ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs.builder()\n .enabled(true)\n .message(\"you are blocked\")\n .supportUrl(\"https://example.com/blocked\")\n .build())\n .build())\n .fips(ZeroTrustGatewaySettingsFipsArgs.builder()\n .tls(true)\n .build())\n .proxy(ZeroTrustGatewaySettingsProxyArgs.builder()\n .tcp(true)\n .udp(true)\n .rootCa(true)\n .virtualIp(false)\n .build())\n .urlBrowserIsolationEnabled(true)\n .logging(ZeroTrustGatewaySettingsLoggingArgs.builder()\n .redactPii(true)\n .settingsByRuleType(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs.builder()\n .dns(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .http(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs.builder()\n .logAll(true)\n .logBlocks(true)\n .build())\n .l4(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .build())\n .build())\n .extendedEmailMatching(ZeroTrustGatewaySettingsExtendedEmailMatchingArgs.builder()\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: cloudflare:ZeroTrustGatewaySettings\n properties:\n accountId: f037e56e89293a057740de681ac9abbe\n tlsDecryptEnabled: true\n protocolDetectionEnabled: true\n blockPage:\n footerText: hello\n headerText: hello\n logoPath: https://example.com/logo.jpg\n backgroundColor: '#000000'\n bodyScanning:\n inspectionMode: deep\n antivirus:\n enabledDownloadPhase: true\n enabledUploadPhase: false\n failClosed: true\n notificationSettings:\n enabled: true\n message: you are blocked\n supportUrl: https://example.com/blocked\n fips:\n tls: true\n proxy:\n tcp: true\n udp: true\n rootCa: true\n virtualIp: false\n urlBrowserIsolationEnabled: true\n logging:\n redactPii: true\n settingsByRuleType:\n dns:\n logAll: false\n logBlocks: true\n http:\n logAll: true\n logBlocks: true\n l4:\n logAll: false\n logBlocks: true\n extendedEmailMatching:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import cloudflare:index/zeroTrustGatewaySettings:ZeroTrustGatewaySettings example \u003caccount_id\u003e\n```\n\n", + "description": "Provides a Cloudflare Teams Account resource. The Teams Account\nresource defines configuration for secure web gateway.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as cloudflare from \"@pulumi/cloudflare\";\n\nconst example = new cloudflare.ZeroTrustGatewaySettings(\"example\", {\n accountId: \"f037e56e89293a057740de681ac9abbe\",\n tlsDecryptEnabled: true,\n protocolDetectionEnabled: true,\n blockPage: {\n footerText: \"hello\",\n headerText: \"hello\",\n logoPath: \"https://example.com/logo.jpg\",\n backgroundColor: \"#000000\",\n },\n bodyScanning: {\n inspectionMode: \"deep\",\n },\n antivirus: {\n enabledDownloadPhase: true,\n enabledUploadPhase: false,\n failClosed: true,\n notificationSettings: {\n enabled: true,\n message: \"you are blocked\",\n supportUrl: \"https://example.com/blocked\",\n },\n },\n fips: {\n tls: true,\n },\n proxy: {\n tcp: true,\n udp: true,\n rootCa: true,\n virtualIp: false,\n disableForTime: 3600,\n },\n urlBrowserIsolationEnabled: true,\n logging: {\n redactPii: true,\n settingsByRuleType: {\n dns: {\n logAll: false,\n logBlocks: true,\n },\n http: {\n logAll: true,\n logBlocks: true,\n },\n l4: {\n logAll: false,\n logBlocks: true,\n },\n },\n },\n extendedEmailMatching: {\n enabled: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_cloudflare as cloudflare\n\nexample = cloudflare.ZeroTrustGatewaySettings(\"example\",\n account_id=\"f037e56e89293a057740de681ac9abbe\",\n tls_decrypt_enabled=True,\n protocol_detection_enabled=True,\n block_page={\n \"footer_text\": \"hello\",\n \"header_text\": \"hello\",\n \"logo_path\": \"https://example.com/logo.jpg\",\n \"background_color\": \"#000000\",\n },\n body_scanning={\n \"inspection_mode\": \"deep\",\n },\n antivirus={\n \"enabled_download_phase\": True,\n \"enabled_upload_phase\": False,\n \"fail_closed\": True,\n \"notification_settings\": {\n \"enabled\": True,\n \"message\": \"you are blocked\",\n \"support_url\": \"https://example.com/blocked\",\n },\n },\n fips={\n \"tls\": True,\n },\n proxy={\n \"tcp\": True,\n \"udp\": True,\n \"root_ca\": True,\n \"virtual_ip\": False,\n \"disable_for_time\": 3600,\n },\n url_browser_isolation_enabled=True,\n logging={\n \"redact_pii\": True,\n \"settings_by_rule_type\": {\n \"dns\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n \"http\": {\n \"log_all\": True,\n \"log_blocks\": True,\n },\n \"l4\": {\n \"log_all\": False,\n \"log_blocks\": True,\n },\n },\n },\n extended_email_matching={\n \"enabled\": True,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Cloudflare = Pulumi.Cloudflare;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Cloudflare.ZeroTrustGatewaySettings(\"example\", new()\n {\n AccountId = \"f037e56e89293a057740de681ac9abbe\",\n TlsDecryptEnabled = true,\n ProtocolDetectionEnabled = true,\n BlockPage = new Cloudflare.Inputs.ZeroTrustGatewaySettingsBlockPageArgs\n {\n FooterText = \"hello\",\n HeaderText = \"hello\",\n LogoPath = \"https://example.com/logo.jpg\",\n BackgroundColor = \"#000000\",\n },\n BodyScanning = new Cloudflare.Inputs.ZeroTrustGatewaySettingsBodyScanningArgs\n {\n InspectionMode = \"deep\",\n },\n Antivirus = new Cloudflare.Inputs.ZeroTrustGatewaySettingsAntivirusArgs\n {\n EnabledDownloadPhase = true,\n EnabledUploadPhase = false,\n FailClosed = true,\n NotificationSettings = new Cloudflare.Inputs.ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs\n {\n Enabled = true,\n Message = \"you are blocked\",\n SupportUrl = \"https://example.com/blocked\",\n },\n },\n Fips = new Cloudflare.Inputs.ZeroTrustGatewaySettingsFipsArgs\n {\n Tls = true,\n },\n Proxy = new Cloudflare.Inputs.ZeroTrustGatewaySettingsProxyArgs\n {\n Tcp = true,\n Udp = true,\n RootCa = true,\n VirtualIp = false,\n DisableForTime = 3600,\n },\n UrlBrowserIsolationEnabled = true,\n Logging = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingArgs\n {\n RedactPii = true,\n SettingsByRuleType = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs\n {\n Dns = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs\n {\n LogAll = false,\n LogBlocks = true,\n },\n Http = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs\n {\n LogAll = true,\n LogBlocks = true,\n },\n L4 = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args\n {\n LogAll = false,\n LogBlocks = true,\n },\n },\n },\n ExtendedEmailMatching = new Cloudflare.Inputs.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs\n {\n Enabled = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudflare.NewZeroTrustGatewaySettings(ctx, \"example\", \u0026cloudflare.ZeroTrustGatewaySettingsArgs{\n\t\t\tAccountId: pulumi.String(\"f037e56e89293a057740de681ac9abbe\"),\n\t\t\tTlsDecryptEnabled: pulumi.Bool(true),\n\t\t\tProtocolDetectionEnabled: pulumi.Bool(true),\n\t\t\tBlockPage: \u0026cloudflare.ZeroTrustGatewaySettingsBlockPageArgs{\n\t\t\t\tFooterText: pulumi.String(\"hello\"),\n\t\t\t\tHeaderText: pulumi.String(\"hello\"),\n\t\t\t\tLogoPath: pulumi.String(\"https://example.com/logo.jpg\"),\n\t\t\t\tBackgroundColor: pulumi.String(\"#000000\"),\n\t\t\t},\n\t\t\tBodyScanning: \u0026cloudflare.ZeroTrustGatewaySettingsBodyScanningArgs{\n\t\t\t\tInspectionMode: pulumi.String(\"deep\"),\n\t\t\t},\n\t\t\tAntivirus: \u0026cloudflare.ZeroTrustGatewaySettingsAntivirusArgs{\n\t\t\t\tEnabledDownloadPhase: pulumi.Bool(true),\n\t\t\t\tEnabledUploadPhase: pulumi.Bool(false),\n\t\t\t\tFailClosed: pulumi.Bool(true),\n\t\t\t\tNotificationSettings: \u0026cloudflare.ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tMessage: pulumi.String(\"you are blocked\"),\n\t\t\t\t\tSupportUrl: pulumi.String(\"https://example.com/blocked\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFips: \u0026cloudflare.ZeroTrustGatewaySettingsFipsArgs{\n\t\t\t\tTls: pulumi.Bool(true),\n\t\t\t},\n\t\t\tProxy: \u0026cloudflare.ZeroTrustGatewaySettingsProxyArgs{\n\t\t\t\tTcp: pulumi.Bool(true),\n\t\t\t\tUdp: pulumi.Bool(true),\n\t\t\t\tRootCa: pulumi.Bool(true),\n\t\t\t\tVirtualIp: pulumi.Bool(false),\n\t\t\t\tDisableForTime: pulumi.Int(3600),\n\t\t\t},\n\t\t\tUrlBrowserIsolationEnabled: pulumi.Bool(true),\n\t\t\tLogging: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingArgs{\n\t\t\t\tRedactPii: pulumi.Bool(true),\n\t\t\t\tSettingsByRuleType: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs{\n\t\t\t\t\tDns: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tHttp: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs{\n\t\t\t\t\t\tLogAll: pulumi.Bool(true),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t\tL4: \u0026cloudflare.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args{\n\t\t\t\t\t\tLogAll: pulumi.Bool(false),\n\t\t\t\t\t\tLogBlocks: pulumi.Bool(true),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tExtendedEmailMatching: \u0026cloudflare.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.cloudflare.ZeroTrustGatewaySettings;\nimport com.pulumi.cloudflare.ZeroTrustGatewaySettingsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBlockPageArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBodyScanningArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsAntivirusArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsFipsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsProxyArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args;\nimport com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ZeroTrustGatewaySettings(\"example\", ZeroTrustGatewaySettingsArgs.builder()\n .accountId(\"f037e56e89293a057740de681ac9abbe\")\n .tlsDecryptEnabled(true)\n .protocolDetectionEnabled(true)\n .blockPage(ZeroTrustGatewaySettingsBlockPageArgs.builder()\n .footerText(\"hello\")\n .headerText(\"hello\")\n .logoPath(\"https://example.com/logo.jpg\")\n .backgroundColor(\"#000000\")\n .build())\n .bodyScanning(ZeroTrustGatewaySettingsBodyScanningArgs.builder()\n .inspectionMode(\"deep\")\n .build())\n .antivirus(ZeroTrustGatewaySettingsAntivirusArgs.builder()\n .enabledDownloadPhase(true)\n .enabledUploadPhase(false)\n .failClosed(true)\n .notificationSettings(ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs.builder()\n .enabled(true)\n .message(\"you are blocked\")\n .supportUrl(\"https://example.com/blocked\")\n .build())\n .build())\n .fips(ZeroTrustGatewaySettingsFipsArgs.builder()\n .tls(true)\n .build())\n .proxy(ZeroTrustGatewaySettingsProxyArgs.builder()\n .tcp(true)\n .udp(true)\n .rootCa(true)\n .virtualIp(false)\n .disableForTime(3600)\n .build())\n .urlBrowserIsolationEnabled(true)\n .logging(ZeroTrustGatewaySettingsLoggingArgs.builder()\n .redactPii(true)\n .settingsByRuleType(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeArgs.builder()\n .dns(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeDnsArgs.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .http(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeHttpArgs.builder()\n .logAll(true)\n .logBlocks(true)\n .build())\n .l4(ZeroTrustGatewaySettingsLoggingSettingsByRuleTypeL4Args.builder()\n .logAll(false)\n .logBlocks(true)\n .build())\n .build())\n .build())\n .extendedEmailMatching(ZeroTrustGatewaySettingsExtendedEmailMatchingArgs.builder()\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: cloudflare:ZeroTrustGatewaySettings\n properties:\n accountId: f037e56e89293a057740de681ac9abbe\n tlsDecryptEnabled: true\n protocolDetectionEnabled: true\n blockPage:\n footerText: hello\n headerText: hello\n logoPath: https://example.com/logo.jpg\n backgroundColor: '#000000'\n bodyScanning:\n inspectionMode: deep\n antivirus:\n enabledDownloadPhase: true\n enabledUploadPhase: false\n failClosed: true\n notificationSettings:\n enabled: true\n message: you are blocked\n supportUrl: https://example.com/blocked\n fips:\n tls: true\n proxy:\n tcp: true\n udp: true\n rootCa: true\n virtualIp: false\n disableForTime: 3600\n urlBrowserIsolationEnabled: true\n logging:\n redactPii: true\n settingsByRuleType:\n dns:\n logAll: false\n logBlocks: true\n http:\n logAll: true\n logBlocks: true\n l4:\n logAll: false\n logBlocks: true\n extendedEmailMatching:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n```sh\n$ pulumi import cloudflare:index/zeroTrustGatewaySettings:ZeroTrustGatewaySettings example \u003caccount_id\u003e\n```\n\n", "properties": { "accountId": { "type": "string", @@ -30624,9 +31298,14 @@ "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsBodyScanning:ZeroTrustGatewaySettingsBodyScanning", "description": "Configuration for body scanning.\n" }, + "certificate": { + "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsCertificate:ZeroTrustGatewaySettingsCertificate", + "description": "Configuration for TLS interception certificate. This will be required starting Feb 2025.\n" + }, "customCertificate": { "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsCustomCertificate:ZeroTrustGatewaySettingsCustomCertificate", - "description": "Configuration for custom certificates / BYO-PKI.\n" + "description": "Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`.\n", + "deprecationMessage": "Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration." }, "extendedEmailMatching": { "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsExtendedEmailMatching:ZeroTrustGatewaySettingsExtendedEmailMatching", @@ -30693,9 +31372,14 @@ "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsBodyScanning:ZeroTrustGatewaySettingsBodyScanning", "description": "Configuration for body scanning.\n" }, + "certificate": { + "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsCertificate:ZeroTrustGatewaySettingsCertificate", + "description": "Configuration for TLS interception certificate. This will be required starting Feb 2025.\n" + }, "customCertificate": { "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsCustomCertificate:ZeroTrustGatewaySettingsCustomCertificate", - "description": "Configuration for custom certificates / BYO-PKI.\n" + "description": "Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`.\n", + "deprecationMessage": "Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration." }, "extendedEmailMatching": { "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsExtendedEmailMatching:ZeroTrustGatewaySettingsExtendedEmailMatching", @@ -30763,9 +31447,14 @@ "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsBodyScanning:ZeroTrustGatewaySettingsBodyScanning", "description": "Configuration for body scanning.\n" }, + "certificate": { + "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsCertificate:ZeroTrustGatewaySettingsCertificate", + "description": "Configuration for TLS interception certificate. This will be required starting Feb 2025.\n" + }, "customCertificate": { "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsCustomCertificate:ZeroTrustGatewaySettingsCustomCertificate", - "description": "Configuration for custom certificates / BYO-PKI.\n" + "description": "Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`.\n", + "deprecationMessage": "Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration." }, "extendedEmailMatching": { "$ref": "#/types/cloudflare:index/ZeroTrustGatewaySettingsExtendedEmailMatching:ZeroTrustGatewaySettingsExtendedEmailMatching", @@ -31083,6 +31772,7 @@ } }, "cloudflare:index/zeroTrustRiskScoreIntegration:ZeroTrustRiskScoreIntegration": { + "description": "The [Risk Score Integration](https://developers.cloudflare.com/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) resource allows you to transmit changes in User Risk Score to a specified vendor such as Okta.\n", "properties": { "accountId": { "type": "string", @@ -31094,11 +31784,11 @@ }, "integrationType": { "type": "string", - "description": "The type of integration, e.g. 'Okta'. Full list of allowed values can be found here:\nhttps://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body\n" + "description": "The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body\n" }, "referenceId": { "type": "string", - "description": "A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If\nomitted, a random UUIDv4 is used.\nhttps://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider\n" + "description": "A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider\n" }, "tenantUrl": { "type": "string", @@ -31106,7 +31796,7 @@ }, "wellKnownUrl": { "type": "string", - "description": "The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'.\nhttps://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1\n" + "description": "The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1\n" } }, "required": [ @@ -31128,11 +31818,11 @@ }, "integrationType": { "type": "string", - "description": "The type of integration, e.g. 'Okta'. Full list of allowed values can be found here:\nhttps://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body\n" + "description": "The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body\n" }, "referenceId": { "type": "string", - "description": "A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If\nomitted, a random UUIDv4 is used.\nhttps://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider\n" + "description": "A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider\n" }, "tenantUrl": { "type": "string", @@ -31157,11 +31847,11 @@ }, "integrationType": { "type": "string", - "description": "The type of integration, e.g. 'Okta'. Full list of allowed values can be found here:\nhttps://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body\n" + "description": "The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body\n" }, "referenceId": { "type": "string", - "description": "A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If\nomitted, a random UUIDv4 is used.\nhttps://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider\n" + "description": "A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider\n" }, "tenantUrl": { "type": "string", @@ -31169,7 +31859,7 @@ }, "wellKnownUrl": { "type": "string", - "description": "The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'.\nhttps://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1\n" + "description": "The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1\n" } }, "type": "object" @@ -32780,7 +33470,7 @@ }, "type": { "type": "string", - "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" + "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n" } }, "type": "object", @@ -32811,7 +33501,7 @@ "type": "array" }, "type": { - "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n", + "description": "The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.\n", "type": "string" } }, diff --git a/provider/go.mod b/provider/go.mod index 61ce468e5..559cc4496 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -46,19 +46,19 @@ require ( github.com/armon/go-radix v1.0.0 // indirect github.com/atotto/clipboard v0.1.4 // indirect github.com/aws/aws-sdk-go v1.50.36 // indirect - github.com/aws/aws-sdk-go-v2 v1.30.4 // indirect - github.com/aws/aws-sdk-go-v2/config v1.27.31 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.17.30 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.16 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.16 // indirect + github.com/aws/aws-sdk-go-v2 v1.30.5 // indirect + github.com/aws/aws-sdk-go-v2/config v1.27.34 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.17.32 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.18 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 // indirect github.com/aws/aws-sdk-go-v2/service/kms v1.30.1 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.22.5 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.30.5 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 // indirect github.com/aws/smithy-go v1.20.4 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect @@ -70,7 +70,7 @@ require ( github.com/charmbracelet/lipgloss v0.7.1 // indirect github.com/cheggaaa/pb v1.0.29 // indirect github.com/cloudflare/circl v1.3.7 // indirect - github.com/cloudflare/cloudflare-go v0.103.0 // indirect + github.com/cloudflare/cloudflare-go v0.104.0 // indirect github.com/cloudflare/cloudflare-go/v2 v2.4.0 // indirect github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect @@ -231,16 +231,16 @@ require ( go.uber.org/atomic v1.9.0 // indirect gocloud.dev v0.37.0 // indirect gocloud.dev/secrets/hashivault v0.37.0 // indirect - golang.org/x/crypto v0.26.0 // indirect + golang.org/x/crypto v0.27.0 // indirect golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8 // indirect golang.org/x/mod v0.19.0 // indirect - golang.org/x/net v0.28.0 // indirect + golang.org/x/net v0.29.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sync v0.8.0 // indirect - golang.org/x/sys v0.23.0 // indirect - golang.org/x/term v0.23.0 // indirect - golang.org/x/text v0.17.0 // indirect - golang.org/x/time v0.5.0 // indirect + golang.org/x/sys v0.25.0 // indirect + golang.org/x/term v0.24.0 // indirect + golang.org/x/text v0.18.0 // indirect + golang.org/x/time v0.6.0 // indirect golang.org/x/tools v0.22.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect google.golang.org/api v0.169.0 // indirect diff --git a/provider/go.sum b/provider/go.sum index d725b741e..7f65b3e48 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -1240,46 +1240,46 @@ github.com/aws/aws-sdk-go v1.37.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zK github.com/aws/aws-sdk-go v1.44.122/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go v1.50.36 h1:PjWXHwZPuTLMR1NIb8nEjLucZBMzmf84TLoLbD8BZqk= github.com/aws/aws-sdk-go v1.50.36/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= -github.com/aws/aws-sdk-go-v2 v1.30.4 h1:frhcagrVNrzmT95RJImMHgabt99vkXGslubDaDagTk8= -github.com/aws/aws-sdk-go-v2 v1.30.4/go.mod h1:CT+ZPWXbYrci8chcARI3OmI/qgd+f6WtuLOoaIA8PR0= +github.com/aws/aws-sdk-go-v2 v1.30.5 h1:mWSRTwQAb0aLE17dSzztCVJWI9+cRMgqebndjwDyK0g= +github.com/aws/aws-sdk-go-v2 v1.30.5/go.mod h1:CT+ZPWXbYrci8chcARI3OmI/qgd+f6WtuLOoaIA8PR0= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4 h1:70PVAiL15/aBMh5LThwgXdSQorVr91L127ttckI9QQU= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4/go.mod h1:/MQxMqci8tlqDH+pjmoLu1i0tbWCUP1hhyMRuFxpQCw= -github.com/aws/aws-sdk-go-v2/config v1.27.31 h1:kxBoRsjhT3pq0cKthgj6RU6bXTm/2SgdoUMyrVw0rAI= -github.com/aws/aws-sdk-go-v2/config v1.27.31/go.mod h1:z04nZdSWFPaDwK3DdJOG2r+scLQzMYuJeW0CujEm9FM= -github.com/aws/aws-sdk-go-v2/credentials v1.17.30 h1:aau/oYFtibVovr2rDt8FHlU17BTicFEMAi29V1U+L5Q= -github.com/aws/aws-sdk-go-v2/credentials v1.17.30/go.mod h1:BPJ/yXV92ZVq6G8uYvbU0gSl8q94UB63nMT5ctNO38g= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12 h1:yjwoSyDZF8Jth+mUk5lSPJCkMC0lMy6FaCD51jm6ayE= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12/go.mod h1:fuR57fAgMk7ot3WcNQfb6rSEn+SUffl7ri+aa8uKysI= +github.com/aws/aws-sdk-go-v2/config v1.27.34 h1:5sLceuETg/215nLtY/QIVB2O6cosS0iC/Tx5oyqUhbw= +github.com/aws/aws-sdk-go-v2/config v1.27.34/go.mod h1:kEqdYzRb8dd8Sy2pOdEbExTTF5v7ozEXX0McgPE7xks= +github.com/aws/aws-sdk-go-v2/credentials v1.17.32 h1:7Cxhp/BnT2RcGy4VisJ9miUPecY+lyE9I8JvcZofn9I= +github.com/aws/aws-sdk-go-v2/credentials v1.17.32/go.mod h1:P5/QMF3/DCHbXGEGkdbilXHsyTBX5D3HSwcrSc9p20I= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 h1:pfQ2sqNpMVK6xz2RbqLEL0GH87JOwSxPV2rzm8Zsb74= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13/go.mod h1:NG7RXPUlqfsCLLFfi0+IpKN4sCB9D9fw/qTaSB+xRoU= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.15 h1:7Zwtt/lP3KNRkeZre7soMELMGNoBrutx8nobg1jKWmo= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.15/go.mod h1:436h2adoHb57yd+8W+gYPrrA9U/R/SuAuOO42Ushzhw= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.16 h1:TNyt/+X43KJ9IJJMjKfa3bNTiZbUP7DeCxfbTROESwY= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.16/go.mod h1:2DwJF39FlNAUiX5pAc0UNeiz16lK2t7IaFcm0LFHEgc= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.16 h1:jYfy8UPmd+6kJW5YhY0L1/KftReOGxI/4NtVSTh9O/I= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.16/go.mod h1:7ZfEPZxkW42Afq4uQB8H2E2e6ebh6mXTueEpYzjCzcs= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 h1:pI7Bzt0BJtYA0N/JEC6B8fJ4RBrEMi1LBrkMdFYNSnQ= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17/go.mod h1:Dh5zzJYMtxfIjYW+/evjQ8uj2OyR/ve2KROHGHlSFqE= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 h1:Mqr/V5gvrhA2gvgnF42Zh5iMiQNcOYthFYwCyrnuWlc= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17/go.mod h1:aLJpZlCmjE+V+KtN1q1uyZkfnUWpQGpbsn89XPKyzfU= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.16 h1:mimdLQkIX1zr8GIPY1ZtALdBQGxcASiBd2MOp8m/dMc= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.16/go.mod h1:YHk6owoSwrIsok+cAH9PENCOGoH5PU2EllX4vLtSrsY= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.17 h1:Roo69qTpfu8OlJ2Tb7pAYVuF0CpuUMB0IYWwYP/4DZM= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.17/go.mod h1:NcWPxQzGM1USQggaTVwz6VpqMZPX1CvDJLDh6jnOCa4= github.com/aws/aws-sdk-go-v2/service/iam v1.31.4 h1:eVm30ZIDv//r6Aogat9I88b5YX1xASSLcEDqHYRPVl0= github.com/aws/aws-sdk-go-v2/service/iam v1.31.4/go.mod h1:aXWImQV0uTW35LM0A/T4wEg6R1/ReXUu4SM6/lUHYK0= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 h1:KypMCbLPPHEmf9DgMGw51jMj77VfGPAN2Kv4cfhlfgI= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4/go.mod h1:Vz1JQXliGcQktFTN/LN6uGppAIRoLBR2bMvIMP0gOjc= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.18 h1:GckUnpm4EJOAio1c8o25a+b3lVfwVzC9gnSBqiiNmZM= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.18/go.mod h1:Br6+bxfG33Dk3ynmkhsW2Z/t9D4+lRqdLDNCKi85w0U= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.18 h1:tJ5RnkHCiSH0jyd6gROjlJtNwov0eGYNz8s8nFcR0jQ= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.18/go.mod h1:++NHzT+nAF7ZPrHPsA+ENvsXkOO8wEu+C6RXltAG4/c= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.16 h1:jg16PhLPUiHIj8zYIW6bqzeQSuHVEiWnGA0Brz5Xv2I= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.16/go.mod h1:Uyk1zE1VVdsHSU7096h/rwnXDzOzYQVl+FNPhPw7ShY= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.19 h1:FLMkfEiRjhgeDTCjjLoc3URo/TBkgeQbocA78lfkzSI= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.19/go.mod h1:Vx+GucNSsdhaxs3aZIKfSUjKVGsxN25nX2SRcdhuw08= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 h1:rfprUlsdzgl7ZL2KlXiUAoJnI/VxfHCvDFr2QDFj6u4= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19/go.mod h1:SCWkEdRq8/7EK60NcvvQ6NXKuTcchAD4ROAsC37VEZE= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.17 h1:u+EfGmksnJc/x5tq3A+OD7LrMbSSR/5TrKLvkdy/fhY= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.17/go.mod h1:VaMx6302JHax2vHJWgRo+5n9zvbacs3bLU/23DNQrTY= github.com/aws/aws-sdk-go-v2/service/kms v1.30.1 h1:SBn4I0fJXF9FYOVRSVMWuhvEKoAHDikjGpS3wlmw5DE= github.com/aws/aws-sdk-go-v2/service/kms v1.30.1/go.mod h1:2snWQJQUKsbN66vAawJuOGX7dr37pfOq9hb0tZDGIqQ= -github.com/aws/aws-sdk-go-v2/service/s3 v1.61.0 h1:Wb544Wh+xfSXqJ/j3R4aX9wrKUoZsJNmilBYZb3mKQ4= -github.com/aws/aws-sdk-go-v2/service/s3 v1.61.0/go.mod h1:BSPI0EfnYUuNHPS0uqIo5VrRwzie+Fp+YhQOUs16sKI= -github.com/aws/aws-sdk-go-v2/service/sso v1.22.5 h1:zCsFCKvbj25i7p1u94imVoO447I/sFv8qq+lGJhRN0c= -github.com/aws/aws-sdk-go-v2/service/sso v1.22.5/go.mod h1:ZeDX1SnKsVlejeuz41GiajjZpRSWR7/42q/EyA/QEiM= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5 h1:SKvPgvdvmiTWoi0GAJ7AsJfOz3ngVkD/ERbs5pUnHNI= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5/go.mod h1:20sz31hv/WsPa3HhU3hfrIet2kxM4Pe0r20eBZ20Tac= -github.com/aws/aws-sdk-go-v2/service/sts v1.30.5 h1:OMsEmCyz2i89XwRwPouAJvhj81wINh+4UK+k/0Yo/q8= -github.com/aws/aws-sdk-go-v2/service/sts v1.30.5/go.mod h1:vmSqFK+BVIwVpDAGZB3CoCXHzurt4qBE8lf+I/kRTh0= +github.com/aws/aws-sdk-go-v2/service/s3 v1.61.2 h1:Kp6PWAlXwP1UvIflkIP6MFZYBNDCa4mFCGtxrpICVOg= +github.com/aws/aws-sdk-go-v2/service/s3 v1.61.2/go.mod h1:5FmD/Dqq57gP+XwaUnd5WFPipAuzrf0HmupX27Gvjvc= +github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 h1:pIaGg+08llrP7Q5aiz9ICWbY8cqhTkyy+0SHvfzQpTc= +github.com/aws/aws-sdk-go-v2/service/sso v1.22.7/go.mod h1:eEygMHnTKH/3kNp9Jr1n3PdejuSNcgwLe1dWgQtO0VQ= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 h1:/Cfdu0XV3mONYKaOt1Gr0k1KvQzkzPyiKUdlWJqy+J4= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7/go.mod h1:bCbAxKDqNvkHxRaIMnyVPXPo+OaPRwvmgzMxbz1VKSA= +github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 h1:NKTa1eqZYw8tiHSRGpP0VtTdub/8KNk8sDkNPFaOKDE= +github.com/aws/aws-sdk-go-v2/service/sts v1.30.7/go.mod h1:NXi1dIAGteSaRLqYgarlhP/Ij0cFT+qmCwiJqWh/U5o= github.com/aws/smithy-go v1.20.4 h1:2HK1zBdPgRbjFOHlfeQZfpC4r72MOb9bZkiFwggKO+4= github.com/aws/smithy-go v1.20.4/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= @@ -1319,8 +1319,8 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= -github.com/cloudflare/cloudflare-go v0.103.0 h1:XXKzgXeUbAo7UTtM4T5wuD2bJPBtNZv7TlZAEy5QI4k= -github.com/cloudflare/cloudflare-go v0.103.0/go.mod h1:0DrjT4g8wgYFYIxhlqR8xi8dNWfyHFGilUkU3+XV8h0= +github.com/cloudflare/cloudflare-go v0.104.0 h1:R/lB0dZupaZbOgibAH/BRrkFbZ6Acn/WsKg2iX2xXuY= +github.com/cloudflare/cloudflare-go v0.104.0/go.mod h1:pfUQ4PIG4ISI0/Mmc21Bp86UnFU0ktmPf3iTgbSL+cM= github.com/cloudflare/cloudflare-go/v2 v2.4.0 h1:gys/26GoVDklgfq8NYV39WgvOEwzK/XAqYObmnI6iFg= github.com/cloudflare/cloudflare-go/v2 v2.4.0/go.mod h1:AoIzb05z/rvdJLztPct4tSa+3IqXJJ6c+pbUFMOlTr8= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= @@ -2209,8 +2209,8 @@ golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= -golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= +golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= +golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -2358,8 +2358,8 @@ golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= -golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= +golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2533,8 +2533,8 @@ golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM= -golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= +golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -2555,8 +2555,8 @@ golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= -golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= +golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= +golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -2578,16 +2578,16 @@ golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= -golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= +golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= -golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= diff --git a/upstream b/upstream index 18815b30d..24a5e8063 160000 --- a/upstream +++ b/upstream @@ -1 +1 @@ -Subproject commit 18815b30d1a81e5c54cabdcd65e17fd2af4e935f +Subproject commit 24a5e8063fe852706cc91aa548fe3b50247a7117 From 8fda4488b96795a32f3399c40eceda91bc3aab5d Mon Sep 17 00:00:00 2001 From: pulumi-bot Date: Wed, 18 Sep 2024 03:24:09 +0000 Subject: [PATCH 2/2] make build_sdks --- sdk/dotnet/AccessPolicy.cs | 12 +- sdk/dotnet/BotManagement.cs | 18 + sdk/dotnet/DeviceSettingsPolicy.cs | 6 +- sdk/dotnet/GetDevicePostureRules.cs | 6 +- sdk/dotnet/Inputs/AccessGroupExcludeArgs.cs | 72 +- .../AccessGroupExcludeAuthContextArgs.cs | 2 +- .../AccessGroupExcludeAuthContextGetArgs.cs | 2 +- .../Inputs/AccessGroupExcludeAzureArgs.cs | 2 +- .../Inputs/AccessGroupExcludeAzureGetArgs.cs | 2 +- ...ccessGroupExcludeExternalEvaluationArgs.cs | 6 + ...ssGroupExcludeExternalEvaluationGetArgs.cs | 6 + .../Inputs/AccessGroupExcludeGetArgs.cs | 72 +- .../Inputs/AccessGroupExcludeGithubArgs.cs | 10 + .../Inputs/AccessGroupExcludeGithubGetArgs.cs | 10 + .../Inputs/AccessGroupExcludeGsuiteArgs.cs | 7 + .../Inputs/AccessGroupExcludeGsuiteGetArgs.cs | 7 + .../Inputs/AccessGroupExcludeOktaArgs.cs | 7 + .../Inputs/AccessGroupExcludeOktaGetArgs.cs | 7 + .../Inputs/AccessGroupExcludeSamlArgs.cs | 9 + .../Inputs/AccessGroupExcludeSamlGetArgs.cs | 9 + sdk/dotnet/Inputs/AccessGroupIncludeArgs.cs | 72 +- .../AccessGroupIncludeAuthContextArgs.cs | 2 +- .../AccessGroupIncludeAuthContextGetArgs.cs | 2 +- .../Inputs/AccessGroupIncludeAzureArgs.cs | 2 +- .../Inputs/AccessGroupIncludeAzureGetArgs.cs | 2 +- ...ccessGroupIncludeExternalEvaluationArgs.cs | 6 + ...ssGroupIncludeExternalEvaluationGetArgs.cs | 6 + .../Inputs/AccessGroupIncludeGetArgs.cs | 72 +- .../Inputs/AccessGroupIncludeGithubArgs.cs | 10 + .../Inputs/AccessGroupIncludeGithubGetArgs.cs | 10 + .../Inputs/AccessGroupIncludeGsuiteArgs.cs | 7 + .../Inputs/AccessGroupIncludeGsuiteGetArgs.cs | 7 + .../Inputs/AccessGroupIncludeOktaArgs.cs | 7 + .../Inputs/AccessGroupIncludeOktaGetArgs.cs | 7 + .../Inputs/AccessGroupIncludeSamlArgs.cs | 9 + .../Inputs/AccessGroupIncludeSamlGetArgs.cs | 9 + sdk/dotnet/Inputs/AccessGroupRequireArgs.cs | 72 +- .../AccessGroupRequireAuthContextArgs.cs | 2 +- .../AccessGroupRequireAuthContextGetArgs.cs | 2 +- .../Inputs/AccessGroupRequireAzureArgs.cs | 2 +- .../Inputs/AccessGroupRequireAzureGetArgs.cs | 2 +- ...ccessGroupRequireExternalEvaluationArgs.cs | 6 + ...ssGroupRequireExternalEvaluationGetArgs.cs | 6 + .../Inputs/AccessGroupRequireGetArgs.cs | 72 +- .../Inputs/AccessGroupRequireGithubArgs.cs | 10 + .../Inputs/AccessGroupRequireGithubGetArgs.cs | 10 + .../Inputs/AccessGroupRequireGsuiteArgs.cs | 7 + .../Inputs/AccessGroupRequireGsuiteGetArgs.cs | 7 + .../Inputs/AccessGroupRequireOktaArgs.cs | 7 + .../Inputs/AccessGroupRequireOktaGetArgs.cs | 7 + .../Inputs/AccessGroupRequireSamlArgs.cs | 9 + .../Inputs/AccessGroupRequireSamlGetArgs.cs | 9 + sdk/dotnet/Inputs/AccessPolicyExcludeArgs.cs | 72 +- .../AccessPolicyExcludeAuthContextArgs.cs | 2 +- .../AccessPolicyExcludeAuthContextGetArgs.cs | 2 +- .../Inputs/AccessPolicyExcludeAzureArgs.cs | 2 +- .../Inputs/AccessPolicyExcludeAzureGetArgs.cs | 2 +- ...cessPolicyExcludeExternalEvaluationArgs.cs | 6 + ...sPolicyExcludeExternalEvaluationGetArgs.cs | 6 + .../Inputs/AccessPolicyExcludeGetArgs.cs | 72 +- .../Inputs/AccessPolicyExcludeGithubArgs.cs | 10 + .../AccessPolicyExcludeGithubGetArgs.cs | 10 + .../Inputs/AccessPolicyExcludeGsuiteArgs.cs | 7 + .../AccessPolicyExcludeGsuiteGetArgs.cs | 7 + .../Inputs/AccessPolicyExcludeOktaArgs.cs | 7 + .../Inputs/AccessPolicyExcludeOktaGetArgs.cs | 7 + .../Inputs/AccessPolicyExcludeSamlArgs.cs | 9 + .../Inputs/AccessPolicyExcludeSamlGetArgs.cs | 9 + sdk/dotnet/Inputs/AccessPolicyIncludeArgs.cs | 72 +- .../AccessPolicyIncludeAuthContextArgs.cs | 2 +- .../AccessPolicyIncludeAuthContextGetArgs.cs | 2 +- .../Inputs/AccessPolicyIncludeAzureArgs.cs | 2 +- .../Inputs/AccessPolicyIncludeAzureGetArgs.cs | 2 +- ...cessPolicyIncludeExternalEvaluationArgs.cs | 6 + ...sPolicyIncludeExternalEvaluationGetArgs.cs | 6 + .../Inputs/AccessPolicyIncludeGetArgs.cs | 72 +- .../Inputs/AccessPolicyIncludeGithubArgs.cs | 10 + .../AccessPolicyIncludeGithubGetArgs.cs | 10 + .../Inputs/AccessPolicyIncludeGsuiteArgs.cs | 7 + .../AccessPolicyIncludeGsuiteGetArgs.cs | 7 + .../Inputs/AccessPolicyIncludeOktaArgs.cs | 7 + .../Inputs/AccessPolicyIncludeOktaGetArgs.cs | 7 + .../Inputs/AccessPolicyIncludeSamlArgs.cs | 9 + .../Inputs/AccessPolicyIncludeSamlGetArgs.cs | 9 + sdk/dotnet/Inputs/AccessPolicyRequireArgs.cs | 72 +- .../AccessPolicyRequireAuthContextArgs.cs | 2 +- .../AccessPolicyRequireAuthContextGetArgs.cs | 2 +- .../Inputs/AccessPolicyRequireAzureArgs.cs | 2 +- .../Inputs/AccessPolicyRequireAzureGetArgs.cs | 2 +- ...cessPolicyRequireExternalEvaluationArgs.cs | 6 + ...sPolicyRequireExternalEvaluationGetArgs.cs | 6 + .../Inputs/AccessPolicyRequireGetArgs.cs | 72 +- .../Inputs/AccessPolicyRequireGithubArgs.cs | 10 + .../AccessPolicyRequireGithubGetArgs.cs | 10 + .../Inputs/AccessPolicyRequireGsuiteArgs.cs | 7 + .../AccessPolicyRequireGsuiteGetArgs.cs | 7 + .../Inputs/AccessPolicyRequireOktaArgs.cs | 7 + .../Inputs/AccessPolicyRequireOktaGetArgs.cs | 7 + .../Inputs/AccessPolicyRequireSamlArgs.cs | 9 + .../Inputs/AccessPolicyRequireSamlGetArgs.cs | 9 + .../Inputs/DevicePostureRuleInputArgs.cs | 4 +- .../Inputs/DevicePostureRuleInputGetArgs.cs | 4 +- .../DevicePostureRuleInputLocationArgs.cs | 4 +- .../DevicePostureRuleInputLocationGetArgs.cs | 4 +- .../Inputs/RulesetRuleActionParametersArgs.cs | 6 + ...setRuleActionParametersCacheReserveArgs.cs | 32 + ...RuleActionParametersCacheReserveGetArgs.cs | 32 + .../RulesetRuleActionParametersGetArgs.cs | 6 + .../Inputs/TeamsAccountCertificateArgs.cs | 26 + .../Inputs/TeamsAccountCertificateGetArgs.cs | 26 + sdk/dotnet/Inputs/TeamsAccountProxyArgs.cs | 2 +- sdk/dotnet/Inputs/TeamsAccountProxyGetArgs.cs | 2 +- ...WorkerScriptHyperdriveConfigBindingArgs.cs | 32 + ...kerScriptHyperdriveConfigBindingGetArgs.cs | 32 + ...orkersScriptHyperdriveConfigBindingArgs.cs | 32 + ...ersScriptHyperdriveConfigBindingGetArgs.cs | 32 + .../Inputs/ZeroTrustAccessGroupExcludeArgs.cs | 73 +- ...oTrustAccessGroupExcludeAuthContextArgs.cs | 2 +- ...ustAccessGroupExcludeAuthContextGetArgs.cs | 2 +- .../ZeroTrustAccessGroupExcludeAzureArgs.cs | 2 +- ...ZeroTrustAccessGroupExcludeAzureGetArgs.cs | 2 +- ...ccessGroupExcludeExternalEvaluationArgs.cs | 6 + ...ssGroupExcludeExternalEvaluationGetArgs.cs | 6 + .../ZeroTrustAccessGroupExcludeGetArgs.cs | 73 +- .../ZeroTrustAccessGroupExcludeGithubArgs.cs | 10 + ...eroTrustAccessGroupExcludeGithubGetArgs.cs | 10 + .../ZeroTrustAccessGroupExcludeGsuiteArgs.cs | 7 + ...eroTrustAccessGroupExcludeGsuiteGetArgs.cs | 7 + .../ZeroTrustAccessGroupExcludeOktaArgs.cs | 7 + .../ZeroTrustAccessGroupExcludeOktaGetArgs.cs | 7 + .../ZeroTrustAccessGroupExcludeSamlArgs.cs | 9 + .../ZeroTrustAccessGroupExcludeSamlGetArgs.cs | 9 + .../Inputs/ZeroTrustAccessGroupIncludeArgs.cs | 73 +- ...oTrustAccessGroupIncludeAuthContextArgs.cs | 2 +- ...ustAccessGroupIncludeAuthContextGetArgs.cs | 2 +- .../ZeroTrustAccessGroupIncludeAzureArgs.cs | 2 +- ...ZeroTrustAccessGroupIncludeAzureGetArgs.cs | 2 +- ...ccessGroupIncludeExternalEvaluationArgs.cs | 6 + ...ssGroupIncludeExternalEvaluationGetArgs.cs | 6 + .../ZeroTrustAccessGroupIncludeGetArgs.cs | 73 +- .../ZeroTrustAccessGroupIncludeGithubArgs.cs | 10 + ...eroTrustAccessGroupIncludeGithubGetArgs.cs | 10 + .../ZeroTrustAccessGroupIncludeGsuiteArgs.cs | 7 + ...eroTrustAccessGroupIncludeGsuiteGetArgs.cs | 7 + .../ZeroTrustAccessGroupIncludeOktaArgs.cs | 7 + .../ZeroTrustAccessGroupIncludeOktaGetArgs.cs | 7 + .../ZeroTrustAccessGroupIncludeSamlArgs.cs | 9 + .../ZeroTrustAccessGroupIncludeSamlGetArgs.cs | 9 + .../Inputs/ZeroTrustAccessGroupRequireArgs.cs | 73 +- ...oTrustAccessGroupRequireAuthContextArgs.cs | 2 +- ...ustAccessGroupRequireAuthContextGetArgs.cs | 2 +- .../ZeroTrustAccessGroupRequireAzureArgs.cs | 2 +- ...ZeroTrustAccessGroupRequireAzureGetArgs.cs | 2 +- ...ccessGroupRequireExternalEvaluationArgs.cs | 6 + ...ssGroupRequireExternalEvaluationGetArgs.cs | 6 + .../ZeroTrustAccessGroupRequireGetArgs.cs | 73 +- .../ZeroTrustAccessGroupRequireGithubArgs.cs | 10 + ...eroTrustAccessGroupRequireGithubGetArgs.cs | 10 + .../ZeroTrustAccessGroupRequireGsuiteArgs.cs | 7 + ...eroTrustAccessGroupRequireGsuiteGetArgs.cs | 7 + .../ZeroTrustAccessGroupRequireOktaArgs.cs | 7 + .../ZeroTrustAccessGroupRequireOktaGetArgs.cs | 7 + .../ZeroTrustAccessGroupRequireSamlArgs.cs | 9 + .../ZeroTrustAccessGroupRequireSamlGetArgs.cs | 9 + .../ZeroTrustAccessPolicyExcludeArgs.cs | 73 +- ...TrustAccessPolicyExcludeAuthContextArgs.cs | 2 +- ...stAccessPolicyExcludeAuthContextGetArgs.cs | 2 +- .../ZeroTrustAccessPolicyExcludeAzureArgs.cs | 2 +- ...eroTrustAccessPolicyExcludeAzureGetArgs.cs | 2 +- ...cessPolicyExcludeExternalEvaluationArgs.cs | 6 + ...sPolicyExcludeExternalEvaluationGetArgs.cs | 6 + .../ZeroTrustAccessPolicyExcludeGetArgs.cs | 73 +- .../ZeroTrustAccessPolicyExcludeGithubArgs.cs | 10 + ...roTrustAccessPolicyExcludeGithubGetArgs.cs | 10 + .../ZeroTrustAccessPolicyExcludeGsuiteArgs.cs | 7 + ...roTrustAccessPolicyExcludeGsuiteGetArgs.cs | 7 + .../ZeroTrustAccessPolicyExcludeOktaArgs.cs | 7 + ...ZeroTrustAccessPolicyExcludeOktaGetArgs.cs | 7 + .../ZeroTrustAccessPolicyExcludeSamlArgs.cs | 9 + ...ZeroTrustAccessPolicyExcludeSamlGetArgs.cs | 9 + .../ZeroTrustAccessPolicyIncludeArgs.cs | 73 +- ...TrustAccessPolicyIncludeAuthContextArgs.cs | 2 +- ...stAccessPolicyIncludeAuthContextGetArgs.cs | 2 +- .../ZeroTrustAccessPolicyIncludeAzureArgs.cs | 2 +- ...eroTrustAccessPolicyIncludeAzureGetArgs.cs | 2 +- ...cessPolicyIncludeExternalEvaluationArgs.cs | 6 + ...sPolicyIncludeExternalEvaluationGetArgs.cs | 6 + .../ZeroTrustAccessPolicyIncludeGetArgs.cs | 73 +- .../ZeroTrustAccessPolicyIncludeGithubArgs.cs | 10 + ...roTrustAccessPolicyIncludeGithubGetArgs.cs | 10 + .../ZeroTrustAccessPolicyIncludeGsuiteArgs.cs | 7 + ...roTrustAccessPolicyIncludeGsuiteGetArgs.cs | 7 + .../ZeroTrustAccessPolicyIncludeOktaArgs.cs | 7 + ...ZeroTrustAccessPolicyIncludeOktaGetArgs.cs | 7 + .../ZeroTrustAccessPolicyIncludeSamlArgs.cs | 9 + ...ZeroTrustAccessPolicyIncludeSamlGetArgs.cs | 9 + .../ZeroTrustAccessPolicyRequireArgs.cs | 73 +- ...TrustAccessPolicyRequireAuthContextArgs.cs | 2 +- ...stAccessPolicyRequireAuthContextGetArgs.cs | 2 +- .../ZeroTrustAccessPolicyRequireAzureArgs.cs | 2 +- ...eroTrustAccessPolicyRequireAzureGetArgs.cs | 2 +- ...cessPolicyRequireExternalEvaluationArgs.cs | 6 + ...sPolicyRequireExternalEvaluationGetArgs.cs | 6 + .../ZeroTrustAccessPolicyRequireGetArgs.cs | 73 +- .../ZeroTrustAccessPolicyRequireGithubArgs.cs | 10 + ...roTrustAccessPolicyRequireGithubGetArgs.cs | 10 + .../ZeroTrustAccessPolicyRequireGsuiteArgs.cs | 7 + ...roTrustAccessPolicyRequireGsuiteGetArgs.cs | 7 + .../ZeroTrustAccessPolicyRequireOktaArgs.cs | 7 + ...ZeroTrustAccessPolicyRequireOktaGetArgs.cs | 7 + .../ZeroTrustAccessPolicyRequireSamlArgs.cs | 9 + ...ZeroTrustAccessPolicyRequireSamlGetArgs.cs | 9 + .../ZeroTrustDevicePostureRuleInputArgs.cs | 8 +- .../ZeroTrustDevicePostureRuleInputGetArgs.cs | 8 +- ...TrustDevicePostureRuleInputLocationArgs.cs | 2 +- ...stDevicePostureRuleInputLocationGetArgs.cs | 2 +- ...ZeroTrustGatewaySettingsCertificateArgs.cs | 26 + ...oTrustGatewaySettingsCertificateGetArgs.cs | 26 + .../ZeroTrustGatewaySettingsProxyArgs.cs | 2 +- .../ZeroTrustGatewaySettingsProxyGetArgs.cs | 2 +- .../ZoneSettingsOverrideInitialSettingArgs.cs | 3 + ...neSettingsOverrideInitialSettingGetArgs.cs | 3 + .../ZoneSettingsOverrideSettingsArgs.cs | 3 + .../ZoneSettingsOverrideSettingsGetArgs.cs | 3 + sdk/dotnet/NotificationPolicy.cs | 6 +- sdk/dotnet/Outputs/AccessGroupExclude.cs | 59 +- .../Outputs/AccessGroupExcludeAuthContext.cs | 2 +- sdk/dotnet/Outputs/AccessGroupExcludeAzure.cs | 2 +- .../AccessGroupExcludeExternalEvaluation.cs | 6 + .../Outputs/AccessGroupExcludeGithub.cs | 9 + .../Outputs/AccessGroupExcludeGsuite.cs | 6 + sdk/dotnet/Outputs/AccessGroupExcludeOkta.cs | 6 + sdk/dotnet/Outputs/AccessGroupExcludeSaml.cs | 9 + sdk/dotnet/Outputs/AccessGroupInclude.cs | 59 +- .../Outputs/AccessGroupIncludeAuthContext.cs | 2 +- sdk/dotnet/Outputs/AccessGroupIncludeAzure.cs | 2 +- .../AccessGroupIncludeExternalEvaluation.cs | 6 + .../Outputs/AccessGroupIncludeGithub.cs | 9 + .../Outputs/AccessGroupIncludeGsuite.cs | 6 + sdk/dotnet/Outputs/AccessGroupIncludeOkta.cs | 6 + sdk/dotnet/Outputs/AccessGroupIncludeSaml.cs | 9 + sdk/dotnet/Outputs/AccessGroupRequire.cs | 59 +- .../Outputs/AccessGroupRequireAuthContext.cs | 2 +- sdk/dotnet/Outputs/AccessGroupRequireAzure.cs | 2 +- .../AccessGroupRequireExternalEvaluation.cs | 6 + .../Outputs/AccessGroupRequireGithub.cs | 9 + .../Outputs/AccessGroupRequireGsuite.cs | 6 + sdk/dotnet/Outputs/AccessGroupRequireOkta.cs | 6 + sdk/dotnet/Outputs/AccessGroupRequireSaml.cs | 9 + sdk/dotnet/Outputs/AccessPolicyExclude.cs | 59 +- .../Outputs/AccessPolicyExcludeAuthContext.cs | 2 +- .../Outputs/AccessPolicyExcludeAzure.cs | 2 +- .../AccessPolicyExcludeExternalEvaluation.cs | 6 + .../Outputs/AccessPolicyExcludeGithub.cs | 9 + .../Outputs/AccessPolicyExcludeGsuite.cs | 6 + sdk/dotnet/Outputs/AccessPolicyExcludeOkta.cs | 6 + sdk/dotnet/Outputs/AccessPolicyExcludeSaml.cs | 9 + sdk/dotnet/Outputs/AccessPolicyInclude.cs | 59 +- .../Outputs/AccessPolicyIncludeAuthContext.cs | 2 +- .../Outputs/AccessPolicyIncludeAzure.cs | 2 +- .../AccessPolicyIncludeExternalEvaluation.cs | 6 + .../Outputs/AccessPolicyIncludeGithub.cs | 9 + .../Outputs/AccessPolicyIncludeGsuite.cs | 6 + sdk/dotnet/Outputs/AccessPolicyIncludeOkta.cs | 6 + sdk/dotnet/Outputs/AccessPolicyIncludeSaml.cs | 9 + sdk/dotnet/Outputs/AccessPolicyRequire.cs | 59 +- .../Outputs/AccessPolicyRequireAuthContext.cs | 2 +- .../Outputs/AccessPolicyRequireAzure.cs | 2 +- .../AccessPolicyRequireExternalEvaluation.cs | 6 + .../Outputs/AccessPolicyRequireGithub.cs | 9 + .../Outputs/AccessPolicyRequireGsuite.cs | 6 + sdk/dotnet/Outputs/AccessPolicyRequireOkta.cs | 6 + sdk/dotnet/Outputs/AccessPolicyRequireSaml.cs | 9 + sdk/dotnet/Outputs/DevicePostureRuleInput.cs | 4 +- .../Outputs/DevicePostureRuleInputLocation.cs | 4 +- ...tRuleActionParametersCacheReserveResult.cs | 35 + ...lesetsRulesetRuleActionParametersResult.cs | 7 + .../Outputs/RulesetRuleActionParameters.cs | 7 + ...RulesetRuleActionParametersCacheReserve.cs | 35 + sdk/dotnet/Outputs/TeamsAccountCertificate.cs | 27 + sdk/dotnet/Outputs/TeamsAccountProxy.cs | 2 +- .../WorkerScriptHyperdriveConfigBinding.cs | 35 + .../WorkersScriptHyperdriveConfigBinding.cs | 35 + .../Outputs/ZeroTrustAccessGroupExclude.cs | 59 +- .../ZeroTrustAccessGroupExcludeAuthContext.cs | 2 +- .../ZeroTrustAccessGroupExcludeAzure.cs | 2 +- ...ustAccessGroupExcludeExternalEvaluation.cs | 6 + .../ZeroTrustAccessGroupExcludeGithub.cs | 9 + .../ZeroTrustAccessGroupExcludeGsuite.cs | 6 + .../ZeroTrustAccessGroupExcludeOkta.cs | 6 + .../ZeroTrustAccessGroupExcludeSaml.cs | 9 + .../Outputs/ZeroTrustAccessGroupInclude.cs | 59 +- .../ZeroTrustAccessGroupIncludeAuthContext.cs | 2 +- .../ZeroTrustAccessGroupIncludeAzure.cs | 2 +- ...ustAccessGroupIncludeExternalEvaluation.cs | 6 + .../ZeroTrustAccessGroupIncludeGithub.cs | 9 + .../ZeroTrustAccessGroupIncludeGsuite.cs | 6 + .../ZeroTrustAccessGroupIncludeOkta.cs | 6 + .../ZeroTrustAccessGroupIncludeSaml.cs | 9 + .../Outputs/ZeroTrustAccessGroupRequire.cs | 59 +- .../ZeroTrustAccessGroupRequireAuthContext.cs | 2 +- .../ZeroTrustAccessGroupRequireAzure.cs | 2 +- ...ustAccessGroupRequireExternalEvaluation.cs | 6 + .../ZeroTrustAccessGroupRequireGithub.cs | 9 + .../ZeroTrustAccessGroupRequireGsuite.cs | 6 + .../ZeroTrustAccessGroupRequireOkta.cs | 6 + .../ZeroTrustAccessGroupRequireSaml.cs | 9 + .../Outputs/ZeroTrustAccessPolicyExclude.cs | 59 +- ...ZeroTrustAccessPolicyExcludeAuthContext.cs | 2 +- .../ZeroTrustAccessPolicyExcludeAzure.cs | 2 +- ...stAccessPolicyExcludeExternalEvaluation.cs | 6 + .../ZeroTrustAccessPolicyExcludeGithub.cs | 9 + .../ZeroTrustAccessPolicyExcludeGsuite.cs | 6 + .../ZeroTrustAccessPolicyExcludeOkta.cs | 6 + .../ZeroTrustAccessPolicyExcludeSaml.cs | 9 + .../Outputs/ZeroTrustAccessPolicyInclude.cs | 59 +- ...ZeroTrustAccessPolicyIncludeAuthContext.cs | 2 +- .../ZeroTrustAccessPolicyIncludeAzure.cs | 2 +- ...stAccessPolicyIncludeExternalEvaluation.cs | 6 + .../ZeroTrustAccessPolicyIncludeGithub.cs | 9 + .../ZeroTrustAccessPolicyIncludeGsuite.cs | 6 + .../ZeroTrustAccessPolicyIncludeOkta.cs | 6 + .../ZeroTrustAccessPolicyIncludeSaml.cs | 9 + .../Outputs/ZeroTrustAccessPolicyRequire.cs | 59 +- ...ZeroTrustAccessPolicyRequireAuthContext.cs | 2 +- .../ZeroTrustAccessPolicyRequireAzure.cs | 2 +- ...stAccessPolicyRequireExternalEvaluation.cs | 6 + .../ZeroTrustAccessPolicyRequireGithub.cs | 9 + .../ZeroTrustAccessPolicyRequireGsuite.cs | 6 + .../ZeroTrustAccessPolicyRequireOkta.cs | 6 + .../ZeroTrustAccessPolicyRequireSaml.cs | 9 + .../ZeroTrustDevicePostureRuleInput.cs | 8 +- ...ZeroTrustDevicePostureRuleInputLocation.cs | 2 +- .../ZeroTrustGatewaySettingsCertificate.cs | 27 + .../Outputs/ZeroTrustGatewaySettingsProxy.cs | 2 +- .../ZoneSettingsOverrideInitialSetting.cs | 4 + .../Outputs/ZoneSettingsOverrideSettings.cs | 4 + sdk/dotnet/TeamsAccount.cs | 25 +- sdk/dotnet/WaitingRoom.cs | 10 +- sdk/dotnet/WorkerScript.cs | 19 + sdk/dotnet/WorkersScript.cs | 19 + sdk/dotnet/ZeroTrustAccessPolicy.cs | 12 +- sdk/dotnet/ZeroTrustDevicePostureRule.cs | 6 +- sdk/dotnet/ZeroTrustDeviceProfiles.cs | 6 +- sdk/dotnet/ZeroTrustGatewayCertificate.cs | 216 + sdk/dotnet/ZeroTrustGatewaySettings.cs | 25 +- sdk/dotnet/ZeroTrustRiskScoreIntegration.cs | 30 +- sdk/go/cloudflare/accessPolicy.go | 24 +- sdk/go/cloudflare/botManagement.go | 15 + sdk/go/cloudflare/deviceSettingsPolicy.go | 12 +- sdk/go/cloudflare/getDevicePostureRules.go | 8 +- sdk/go/cloudflare/init.go | 7 + sdk/go/cloudflare/notificationPolicy.go | 12 +- sdk/go/cloudflare/pulumiTypes.go | 3689 +++++++++++++---- sdk/go/cloudflare/teamsAccount.go | 48 +- sdk/go/cloudflare/waitingRoom.go | 15 +- sdk/go/cloudflare/workerScript.go | 31 +- sdk/go/cloudflare/workersScript.go | 31 +- sdk/go/cloudflare/zeroTrustAccessPolicy.go | 24 +- .../cloudflare/zeroTrustDevicePostureRule.go | 12 +- sdk/go/cloudflare/zeroTrustDeviceProfiles.go | 12 +- .../cloudflare/zeroTrustGatewayCertificate.go | 330 ++ sdk/go/cloudflare/zeroTrustGatewaySettings.go | 48 +- .../zeroTrustRiskScoreIntegration.go | 55 +- sdk/java/build.gradle | 2 +- .../com/pulumi/cloudflare/AccessPolicy.java | 8 +- .../pulumi/cloudflare/AccessPolicyArgs.java | 16 +- .../com/pulumi/cloudflare/BotManagement.java | 14 + .../pulumi/cloudflare/BotManagementArgs.java | 37 + .../cloudflare/DeviceSettingsPolicy.java | 4 +- .../cloudflare/DeviceSettingsPolicyArgs.java | 8 +- .../pulumi/cloudflare/NotificationPolicy.java | 4 +- .../cloudflare/NotificationPolicyArgs.java | 8 +- .../java/com/pulumi/cloudflare/Ruleset.java | 455 -- .../com/pulumi/cloudflare/TeamsAccount.java | 24 +- .../pulumi/cloudflare/TeamsAccountArgs.java | 62 +- .../com/pulumi/cloudflare/WaitingRoom.java | 5 +- .../pulumi/cloudflare/WaitingRoomArgs.java | 10 +- .../com/pulumi/cloudflare/WorkerScript.java | 7 + .../pulumi/cloudflare/WorkerScriptArgs.java | 22 + .../com/pulumi/cloudflare/WorkersScript.java | 7 + .../pulumi/cloudflare/WorkersScriptArgs.java | 22 + .../cloudflare/ZeroTrustAccessPolicy.java | 8 +- .../cloudflare/ZeroTrustAccessPolicyArgs.java | 16 +- .../ZeroTrustDevicePostureRule.java | 4 +- .../ZeroTrustDevicePostureRuleArgs.java | 8 +- .../cloudflare/ZeroTrustDeviceProfiles.java | 4 +- .../ZeroTrustDeviceProfilesArgs.java | 8 +- .../ZeroTrustGatewayCertificate.java | 204 + .../ZeroTrustGatewayCertificateArgs.java | 237 ++ .../cloudflare/ZeroTrustGatewaySettings.java | 24 +- .../ZeroTrustGatewaySettingsArgs.java | 62 +- .../ZeroTrustRiskScoreIntegration.java | 24 +- .../ZeroTrustRiskScoreIntegrationArgs.java | 28 +- .../inputs/AccessGroupExcludeArgs.java | 468 ++- .../AccessGroupExcludeAuthContextArgs.java | 8 +- .../inputs/AccessGroupExcludeAzureArgs.java | 8 +- ...essGroupExcludeExternalEvaluationArgs.java | 40 + .../inputs/AccessGroupExcludeGithubArgs.java | 66 + .../inputs/AccessGroupExcludeGsuiteArgs.java | 46 + .../inputs/AccessGroupExcludeOktaArgs.java | 46 + .../inputs/AccessGroupExcludeSamlArgs.java | 60 + .../inputs/AccessGroupIncludeArgs.java | 468 ++- .../AccessGroupIncludeAuthContextArgs.java | 8 +- .../inputs/AccessGroupIncludeAzureArgs.java | 8 +- ...essGroupIncludeExternalEvaluationArgs.java | 40 + .../inputs/AccessGroupIncludeGithubArgs.java | 66 + .../inputs/AccessGroupIncludeGsuiteArgs.java | 46 + .../inputs/AccessGroupIncludeOktaArgs.java | 46 + .../inputs/AccessGroupIncludeSamlArgs.java | 60 + .../inputs/AccessGroupRequireArgs.java | 468 ++- .../AccessGroupRequireAuthContextArgs.java | 8 +- .../inputs/AccessGroupRequireAzureArgs.java | 8 +- ...essGroupRequireExternalEvaluationArgs.java | 40 + .../inputs/AccessGroupRequireGithubArgs.java | 66 + .../inputs/AccessGroupRequireGsuiteArgs.java | 46 + .../inputs/AccessGroupRequireOktaArgs.java | 46 + .../inputs/AccessGroupRequireSamlArgs.java | 60 + .../inputs/AccessPolicyExcludeArgs.java | 468 ++- .../AccessPolicyExcludeAuthContextArgs.java | 8 +- .../inputs/AccessPolicyExcludeAzureArgs.java | 8 +- ...ssPolicyExcludeExternalEvaluationArgs.java | 40 + .../inputs/AccessPolicyExcludeGithubArgs.java | 66 + .../inputs/AccessPolicyExcludeGsuiteArgs.java | 46 + .../inputs/AccessPolicyExcludeOktaArgs.java | 46 + .../inputs/AccessPolicyExcludeSamlArgs.java | 60 + .../inputs/AccessPolicyIncludeArgs.java | 468 ++- .../AccessPolicyIncludeAuthContextArgs.java | 8 +- .../inputs/AccessPolicyIncludeAzureArgs.java | 8 +- ...ssPolicyIncludeExternalEvaluationArgs.java | 40 + .../inputs/AccessPolicyIncludeGithubArgs.java | 66 + .../inputs/AccessPolicyIncludeGsuiteArgs.java | 46 + .../inputs/AccessPolicyIncludeOktaArgs.java | 46 + .../inputs/AccessPolicyIncludeSamlArgs.java | 60 + .../inputs/AccessPolicyRequireArgs.java | 468 ++- .../AccessPolicyRequireAuthContextArgs.java | 8 +- .../inputs/AccessPolicyRequireAzureArgs.java | 8 +- ...ssPolicyRequireExternalEvaluationArgs.java | 40 + .../inputs/AccessPolicyRequireGithubArgs.java | 66 + .../inputs/AccessPolicyRequireGsuiteArgs.java | 46 + .../inputs/AccessPolicyRequireOktaArgs.java | 46 + .../inputs/AccessPolicyRequireSamlArgs.java | 60 + .../cloudflare/inputs/AccessPolicyState.java | 16 +- .../cloudflare/inputs/BotManagementState.java | 37 + .../inputs/DevicePostureRuleInputArgs.java | 18 +- .../DevicePostureRuleInputLocationArgs.java | 20 +- .../inputs/DeviceSettingsPolicyState.java | 8 +- .../inputs/GetDevicePostureRulesArgs.java | 8 +- .../GetDevicePostureRulesPlainArgs.java | 6 +- .../inputs/NotificationPolicyState.java | 8 +- .../RulesetRuleActionParametersArgs.java | 38 + ...tRuleActionParametersCacheReserveArgs.java | 125 + .../inputs/TeamsAccountCertificateArgs.java | 85 + .../inputs/TeamsAccountProxyArgs.java | 8 +- .../cloudflare/inputs/TeamsAccountState.java | 62 +- .../cloudflare/inputs/WaitingRoomState.java | 10 +- ...rkerScriptHyperdriveConfigBindingArgs.java | 125 + .../cloudflare/inputs/WorkerScriptState.java | 22 + ...kersScriptHyperdriveConfigBindingArgs.java | 125 + .../cloudflare/inputs/WorkersScriptState.java | 22 + .../ZeroTrustAccessGroupExcludeArgs.java | 474 ++- ...rustAccessGroupExcludeAuthContextArgs.java | 8 +- .../ZeroTrustAccessGroupExcludeAzureArgs.java | 8 +- ...essGroupExcludeExternalEvaluationArgs.java | 40 + ...ZeroTrustAccessGroupExcludeGithubArgs.java | 66 + ...ZeroTrustAccessGroupExcludeGsuiteArgs.java | 46 + .../ZeroTrustAccessGroupExcludeOktaArgs.java | 46 + .../ZeroTrustAccessGroupExcludeSamlArgs.java | 60 + .../ZeroTrustAccessGroupIncludeArgs.java | 474 ++- ...rustAccessGroupIncludeAuthContextArgs.java | 8 +- .../ZeroTrustAccessGroupIncludeAzureArgs.java | 8 +- ...essGroupIncludeExternalEvaluationArgs.java | 40 + ...ZeroTrustAccessGroupIncludeGithubArgs.java | 66 + ...ZeroTrustAccessGroupIncludeGsuiteArgs.java | 46 + .../ZeroTrustAccessGroupIncludeOktaArgs.java | 46 + .../ZeroTrustAccessGroupIncludeSamlArgs.java | 60 + .../ZeroTrustAccessGroupRequireArgs.java | 474 ++- ...rustAccessGroupRequireAuthContextArgs.java | 8 +- .../ZeroTrustAccessGroupRequireAzureArgs.java | 8 +- ...essGroupRequireExternalEvaluationArgs.java | 40 + ...ZeroTrustAccessGroupRequireGithubArgs.java | 66 + ...ZeroTrustAccessGroupRequireGsuiteArgs.java | 46 + .../ZeroTrustAccessGroupRequireOktaArgs.java | 46 + .../ZeroTrustAccessGroupRequireSamlArgs.java | 60 + .../ZeroTrustAccessPolicyExcludeArgs.java | 474 ++- ...ustAccessPolicyExcludeAuthContextArgs.java | 8 +- ...ZeroTrustAccessPolicyExcludeAzureArgs.java | 8 +- ...ssPolicyExcludeExternalEvaluationArgs.java | 40 + ...eroTrustAccessPolicyExcludeGithubArgs.java | 66 + ...eroTrustAccessPolicyExcludeGsuiteArgs.java | 46 + .../ZeroTrustAccessPolicyExcludeOktaArgs.java | 46 + .../ZeroTrustAccessPolicyExcludeSamlArgs.java | 60 + .../ZeroTrustAccessPolicyIncludeArgs.java | 474 ++- ...ustAccessPolicyIncludeAuthContextArgs.java | 8 +- ...ZeroTrustAccessPolicyIncludeAzureArgs.java | 8 +- ...ssPolicyIncludeExternalEvaluationArgs.java | 40 + ...eroTrustAccessPolicyIncludeGithubArgs.java | 66 + ...eroTrustAccessPolicyIncludeGsuiteArgs.java | 46 + .../ZeroTrustAccessPolicyIncludeOktaArgs.java | 46 + .../ZeroTrustAccessPolicyIncludeSamlArgs.java | 60 + .../ZeroTrustAccessPolicyRequireArgs.java | 474 ++- ...ustAccessPolicyRequireAuthContextArgs.java | 8 +- ...ZeroTrustAccessPolicyRequireAzureArgs.java | 8 +- ...ssPolicyRequireExternalEvaluationArgs.java | 40 + ...eroTrustAccessPolicyRequireGithubArgs.java | 66 + ...eroTrustAccessPolicyRequireGsuiteArgs.java | 46 + .../ZeroTrustAccessPolicyRequireOktaArgs.java | 46 + .../ZeroTrustAccessPolicyRequireSamlArgs.java | 60 + .../inputs/ZeroTrustAccessPolicyState.java | 16 +- .../ZeroTrustDevicePostureRuleInputArgs.java | 36 +- ...ustDevicePostureRuleInputLocationArgs.java | 10 +- .../ZeroTrustDevicePostureRuleState.java | 8 +- .../inputs/ZeroTrustDeviceProfilesState.java | 8 +- .../ZeroTrustGatewayCertificateState.java | 375 ++ ...roTrustGatewaySettingsCertificateArgs.java | 85 + .../ZeroTrustGatewaySettingsProxyArgs.java | 8 +- .../inputs/ZeroTrustGatewaySettingsState.java | 62 +- .../ZeroTrustRiskScoreIntegrationState.java | 40 +- ...oneSettingsOverrideInitialSettingArgs.java | 17 + .../ZoneSettingsOverrideSettingsArgs.java | 17 + .../outputs/AccessGroupExclude.java | 156 +- .../AccessGroupExcludeAuthContext.java | 4 +- .../outputs/AccessGroupExcludeAzure.java | 4 +- .../AccessGroupExcludeExternalEvaluation.java | 16 + .../outputs/AccessGroupExcludeGithub.java | 24 + .../outputs/AccessGroupExcludeGsuite.java | 16 + .../outputs/AccessGroupExcludeOkta.java | 16 + .../outputs/AccessGroupExcludeSaml.java | 24 + .../outputs/AccessGroupInclude.java | 156 +- .../AccessGroupIncludeAuthContext.java | 4 +- .../outputs/AccessGroupIncludeAzure.java | 4 +- .../AccessGroupIncludeExternalEvaluation.java | 16 + .../outputs/AccessGroupIncludeGithub.java | 24 + .../outputs/AccessGroupIncludeGsuite.java | 16 + .../outputs/AccessGroupIncludeOkta.java | 16 + .../outputs/AccessGroupIncludeSaml.java | 24 + .../outputs/AccessGroupRequire.java | 156 +- .../AccessGroupRequireAuthContext.java | 4 +- .../outputs/AccessGroupRequireAzure.java | 4 +- .../AccessGroupRequireExternalEvaluation.java | 16 + .../outputs/AccessGroupRequireGithub.java | 24 + .../outputs/AccessGroupRequireGsuite.java | 16 + .../outputs/AccessGroupRequireOkta.java | 16 + .../outputs/AccessGroupRequireSaml.java | 24 + .../outputs/AccessPolicyExclude.java | 156 +- .../AccessPolicyExcludeAuthContext.java | 4 +- .../outputs/AccessPolicyExcludeAzure.java | 4 +- ...AccessPolicyExcludeExternalEvaluation.java | 16 + .../outputs/AccessPolicyExcludeGithub.java | 24 + .../outputs/AccessPolicyExcludeGsuite.java | 16 + .../outputs/AccessPolicyExcludeOkta.java | 16 + .../outputs/AccessPolicyExcludeSaml.java | 24 + .../outputs/AccessPolicyInclude.java | 156 +- .../AccessPolicyIncludeAuthContext.java | 4 +- .../outputs/AccessPolicyIncludeAzure.java | 4 +- ...AccessPolicyIncludeExternalEvaluation.java | 16 + .../outputs/AccessPolicyIncludeGithub.java | 24 + .../outputs/AccessPolicyIncludeGsuite.java | 16 + .../outputs/AccessPolicyIncludeOkta.java | 16 + .../outputs/AccessPolicyIncludeSaml.java | 24 + .../outputs/AccessPolicyRequire.java | 156 +- .../AccessPolicyRequireAuthContext.java | 4 +- .../outputs/AccessPolicyRequireAzure.java | 4 +- ...AccessPolicyRequireExternalEvaluation.java | 16 + .../outputs/AccessPolicyRequireGithub.java | 24 + .../outputs/AccessPolicyRequireGsuite.java | 16 + .../outputs/AccessPolicyRequireOkta.java | 16 + .../outputs/AccessPolicyRequireSaml.java | 24 + .../outputs/DevicePostureRuleInput.java | 8 +- .../DevicePostureRuleInputLocation.java | 8 +- .../outputs/GetDevicePostureRulesResult.java | 4 +- ...etRulesetsRulesetRuleActionParameters.java | 22 + ...lesetRuleActionParametersCacheReserve.java | 82 + .../outputs/RulesetRuleActionParameters.java | 22 + ...lesetRuleActionParametersCacheReserve.java | 82 + .../outputs/TeamsAccountCertificate.java | 58 + .../cloudflare/outputs/TeamsAccountProxy.java | 4 +- .../WorkerScriptHyperdriveConfigBinding.java | 81 + .../WorkersScriptHyperdriveConfigBinding.java | 81 + .../outputs/ZeroTrustAccessGroupExclude.java | 156 +- ...eroTrustAccessGroupExcludeAuthContext.java | 4 +- .../ZeroTrustAccessGroupExcludeAzure.java | 4 +- ...tAccessGroupExcludeExternalEvaluation.java | 16 + .../ZeroTrustAccessGroupExcludeGithub.java | 24 + .../ZeroTrustAccessGroupExcludeGsuite.java | 16 + .../ZeroTrustAccessGroupExcludeOkta.java | 16 + .../ZeroTrustAccessGroupExcludeSaml.java | 24 + .../outputs/ZeroTrustAccessGroupInclude.java | 156 +- ...eroTrustAccessGroupIncludeAuthContext.java | 4 +- .../ZeroTrustAccessGroupIncludeAzure.java | 4 +- ...tAccessGroupIncludeExternalEvaluation.java | 16 + .../ZeroTrustAccessGroupIncludeGithub.java | 24 + .../ZeroTrustAccessGroupIncludeGsuite.java | 16 + .../ZeroTrustAccessGroupIncludeOkta.java | 16 + .../ZeroTrustAccessGroupIncludeSaml.java | 24 + .../outputs/ZeroTrustAccessGroupRequire.java | 156 +- ...eroTrustAccessGroupRequireAuthContext.java | 4 +- .../ZeroTrustAccessGroupRequireAzure.java | 4 +- ...tAccessGroupRequireExternalEvaluation.java | 16 + .../ZeroTrustAccessGroupRequireGithub.java | 24 + .../ZeroTrustAccessGroupRequireGsuite.java | 16 + .../ZeroTrustAccessGroupRequireOkta.java | 16 + .../ZeroTrustAccessGroupRequireSaml.java | 24 + .../outputs/ZeroTrustAccessPolicyExclude.java | 156 +- ...roTrustAccessPolicyExcludeAuthContext.java | 4 +- .../ZeroTrustAccessPolicyExcludeAzure.java | 4 +- ...AccessPolicyExcludeExternalEvaluation.java | 16 + .../ZeroTrustAccessPolicyExcludeGithub.java | 24 + .../ZeroTrustAccessPolicyExcludeGsuite.java | 16 + .../ZeroTrustAccessPolicyExcludeOkta.java | 16 + .../ZeroTrustAccessPolicyExcludeSaml.java | 24 + .../outputs/ZeroTrustAccessPolicyInclude.java | 156 +- ...roTrustAccessPolicyIncludeAuthContext.java | 4 +- .../ZeroTrustAccessPolicyIncludeAzure.java | 4 +- ...AccessPolicyIncludeExternalEvaluation.java | 16 + .../ZeroTrustAccessPolicyIncludeGithub.java | 24 + .../ZeroTrustAccessPolicyIncludeGsuite.java | 16 + .../ZeroTrustAccessPolicyIncludeOkta.java | 16 + .../ZeroTrustAccessPolicyIncludeSaml.java | 24 + .../outputs/ZeroTrustAccessPolicyRequire.java | 156 +- ...roTrustAccessPolicyRequireAuthContext.java | 4 +- .../ZeroTrustAccessPolicyRequireAzure.java | 4 +- ...AccessPolicyRequireExternalEvaluation.java | 16 + .../ZeroTrustAccessPolicyRequireGithub.java | 24 + .../ZeroTrustAccessPolicyRequireGsuite.java | 16 + .../ZeroTrustAccessPolicyRequireOkta.java | 16 + .../ZeroTrustAccessPolicyRequireSaml.java | 24 + .../ZeroTrustDevicePostureRuleInput.java | 16 +- ...roTrustDevicePostureRuleInputLocation.java | 4 +- .../ZeroTrustGatewaySettingsCertificate.java | 58 + .../ZeroTrustGatewaySettingsProxy.java | 4 +- .../ZoneSettingsOverrideInitialSetting.java | 13 + .../outputs/ZoneSettingsOverrideSettings.java | 13 + sdk/nodejs/accessPolicy.ts | 12 +- sdk/nodejs/botManagement.ts | 14 + sdk/nodejs/deviceSettingsPolicy.ts | 6 +- sdk/nodejs/getDevicePostureRules.ts | 6 +- sdk/nodejs/index.ts | 8 + sdk/nodejs/notificationPolicy.ts | 6 +- sdk/nodejs/teamsAccount.ts | 27 +- sdk/nodejs/tsconfig.json | 1 + sdk/nodejs/types/input.ts | 1263 +++++- sdk/nodejs/types/output.ts | 1280 +++++- sdk/nodejs/waitingRoom.ts | 7 +- sdk/nodejs/workerScript.ts | 5 + sdk/nodejs/workersScript.ts | 5 + sdk/nodejs/zeroTrustAccessPolicy.ts | 12 +- sdk/nodejs/zeroTrustDevicePostureRule.ts | 6 +- sdk/nodejs/zeroTrustDeviceProfiles.ts | 6 +- sdk/nodejs/zeroTrustGatewayCertificate.ts | 180 + sdk/nodejs/zeroTrustGatewaySettings.ts | 27 +- sdk/nodejs/zeroTrustRiskScoreIntegration.ts | 30 +- sdk/python/pulumi_cloudflare/__init__.py | 9 + sdk/python/pulumi_cloudflare/_inputs.py | 2015 ++++++++- sdk/python/pulumi_cloudflare/access_policy.py | 28 +- .../pulumi_cloudflare/bot_management.py | 47 + .../device_settings_policy.py | 14 +- .../get_device_posture_rules.py | 6 +- .../pulumi_cloudflare/notification_policy.py | 14 +- sdk/python/pulumi_cloudflare/outputs.py | 2033 ++++++++- sdk/python/pulumi_cloudflare/teams_account.py | 72 +- sdk/python/pulumi_cloudflare/waiting_room.py | 20 +- sdk/python/pulumi_cloudflare/worker_script.py | 34 + .../pulumi_cloudflare/workers_script.py | 34 + .../zero_trust_access_policy.py | 28 +- .../zero_trust_device_posture_rule.py | 14 +- .../zero_trust_device_profiles.py | 14 +- .../zero_trust_gateway_certificate.py | 472 +++ .../zero_trust_gateway_settings.py | 72 +- .../zero_trust_risk_score_integration.py | 67 +- 670 files changed, 30041 insertions(+), 2591 deletions(-) create mode 100644 sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveArgs.cs create mode 100644 sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveGetArgs.cs create mode 100644 sdk/dotnet/Inputs/TeamsAccountCertificateArgs.cs create mode 100644 sdk/dotnet/Inputs/TeamsAccountCertificateGetArgs.cs create mode 100644 sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingArgs.cs create mode 100644 sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingGetArgs.cs create mode 100644 sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingArgs.cs create mode 100644 sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingGetArgs.cs create mode 100644 sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateArgs.cs create mode 100644 sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateGetArgs.cs create mode 100644 sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersCacheReserveResult.cs create mode 100644 sdk/dotnet/Outputs/RulesetRuleActionParametersCacheReserve.cs create mode 100644 sdk/dotnet/Outputs/TeamsAccountCertificate.cs create mode 100644 sdk/dotnet/Outputs/WorkerScriptHyperdriveConfigBinding.cs create mode 100644 sdk/dotnet/Outputs/WorkersScriptHyperdriveConfigBinding.cs create mode 100644 sdk/dotnet/Outputs/ZeroTrustGatewaySettingsCertificate.cs create mode 100644 sdk/dotnet/ZeroTrustGatewayCertificate.cs create mode 100644 sdk/go/cloudflare/zeroTrustGatewayCertificate.go create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificate.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificateArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersCacheReserveArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountCertificateArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptHyperdriveConfigBindingArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptHyperdriveConfigBindingArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewayCertificateState.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsCertificateArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParametersCacheReserve.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParametersCacheReserve.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountCertificate.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkerScriptHyperdriveConfigBinding.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkersScriptHyperdriveConfigBinding.java create mode 100644 sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsCertificate.java create mode 100644 sdk/nodejs/zeroTrustGatewayCertificate.ts create mode 100644 sdk/python/pulumi_cloudflare/zero_trust_gateway_certificate.py diff --git a/sdk/dotnet/AccessPolicy.cs b/sdk/dotnet/AccessPolicy.cs index eb53c066e..6526130f4 100644 --- a/sdk/dotnet/AccessPolicy.cs +++ b/sdk/dotnet/AccessPolicy.cs @@ -32,7 +32,7 @@ namespace Pulumi.Cloudflare public partial class AccessPolicy : global::Pulumi.CustomResource { /// - /// The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + /// The account identifier to target for the resource. Conflicts with `zone_id`. /// [Output("accountId")] public Output AccountId { get; private set; } = null!; @@ -110,7 +110,7 @@ public partial class AccessPolicy : global::Pulumi.CustomResource public Output SessionDuration { get; private set; } = null!; /// - /// The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + /// The zone identifier to target for the resource. Conflicts with `account_id`. /// [Output("zoneId")] public Output ZoneId { get; private set; } = null!; @@ -162,7 +162,7 @@ public static AccessPolicy Get(string name, Input id, AccessPolicyState? public sealed class AccessPolicyArgs : global::Pulumi.ResourceArgs { /// - /// The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + /// The account identifier to target for the resource. Conflicts with `zone_id`. /// [Input("accountId")] public Input? AccountId { get; set; } @@ -263,7 +263,7 @@ public InputList Requires public Input? SessionDuration { get; set; } /// - /// The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + /// The zone identifier to target for the resource. Conflicts with `account_id`. /// [Input("zoneId")] public Input? ZoneId { get; set; } @@ -277,7 +277,7 @@ public AccessPolicyArgs() public sealed class AccessPolicyState : global::Pulumi.ResourceArgs { /// - /// The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + /// The account identifier to target for the resource. Conflicts with `zone_id`. /// [Input("accountId")] public Input? AccountId { get; set; } @@ -378,7 +378,7 @@ public InputList Requires public Input? SessionDuration { get; set; } /// - /// The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + /// The zone identifier to target for the resource. Conflicts with `account_id`. /// [Input("zoneId")] public Input? ZoneId { get; set; } diff --git a/sdk/dotnet/BotManagement.cs b/sdk/dotnet/BotManagement.cs index 29b010fe8..16041e8f5 100644 --- a/sdk/dotnet/BotManagement.cs +++ b/sdk/dotnet/BotManagement.cs @@ -51,6 +51,12 @@ namespace Pulumi.Cloudflare [CloudflareResourceType("cloudflare:index/botManagement:BotManagement")] public partial class BotManagement : global::Pulumi.CustomResource { + /// + /// Enable rule to block AI Scrapers and Crawlers. + /// + [Output("aiBotsProtection")] + public Output AiBotsProtection { get; private set; } = null!; + /// /// Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). /// @@ -163,6 +169,12 @@ public static BotManagement Get(string name, Input id, BotManagementStat public sealed class BotManagementArgs : global::Pulumi.ResourceArgs { + /// + /// Enable rule to block AI Scrapers and Crawlers. + /// + [Input("aiBotsProtection")] + public Input? AiBotsProtection { get; set; } + /// /// Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). /// @@ -231,6 +243,12 @@ public BotManagementArgs() public sealed class BotManagementState : global::Pulumi.ResourceArgs { + /// + /// Enable rule to block AI Scrapers and Crawlers. + /// + [Input("aiBotsProtection")] + public Input? AiBotsProtection { get; set; } + /// /// Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). /// diff --git a/sdk/dotnet/DeviceSettingsPolicy.cs b/sdk/dotnet/DeviceSettingsPolicy.cs index 0e8304a7b..ca84f3b67 100644 --- a/sdk/dotnet/DeviceSettingsPolicy.cs +++ b/sdk/dotnet/DeviceSettingsPolicy.cs @@ -168,7 +168,7 @@ public partial class DeviceSettingsPolicy : global::Pulumi.CustomResource public Output SwitchLocked { get; private set; } = null!; /// - /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. /// [Output("tunnelProtocol")] public Output TunnelProtocol { get; private set; } = null!; @@ -328,7 +328,7 @@ public sealed class DeviceSettingsPolicyArgs : global::Pulumi.ResourceArgs public Input? SwitchLocked { get; set; } /// - /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. /// [Input("tunnelProtocol")] public Input? TunnelProtocol { get; set; } @@ -450,7 +450,7 @@ public sealed class DeviceSettingsPolicyState : global::Pulumi.ResourceArgs public Input? SwitchLocked { get; set; } /// - /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. /// [Input("tunnelProtocol")] public Input? TunnelProtocol { get; set; } diff --git a/sdk/dotnet/GetDevicePostureRules.cs b/sdk/dotnet/GetDevicePostureRules.cs index e2b9a04c5..5da3078f1 100644 --- a/sdk/dotnet/GetDevicePostureRules.cs +++ b/sdk/dotnet/GetDevicePostureRules.cs @@ -80,7 +80,7 @@ public sealed class GetDevicePostureRulesArgs : global::Pulumi.InvokeArgs public string? Name { get; set; } /// - /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. /// [Input("type")] public string? Type { get; set; } @@ -106,7 +106,7 @@ public sealed class GetDevicePostureRulesInvokeArgs : global::Pulumi.InvokeArgs public Input? Name { get; set; } /// - /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. /// [Input("type")] public Input? Type { get; set; } @@ -138,7 +138,7 @@ public sealed class GetDevicePostureRulesResult /// public readonly ImmutableArray Rules; /// - /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. /// public readonly string? Type; diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeArgs.cs index f4f5fa6b0..0437cf2d0 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextArgs.cs index 22b04f486..034e74260 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessGroupExcludeAuthContextArgs : global::Pulumi.ResourceA public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextGetArgs.cs index 9b4689137..b8c338082 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessGroupExcludeAuthContextGetArgs : global::Pulumi.Resour public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeAzureArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeAzureArgs.cs index 1f07ed5f1..15292c122 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeAzureGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeAzureGetArgs.cs index 834c6586f..b2f91e166 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationArgs.cs index 19453dba5..692502e13 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationGetArgs.cs index cbab00349..65a03df0f 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeGetArgs.cs index a558f01c0..12bcad53d 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeGithubArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeGithubArgs.cs index 67b3ac7a9..9b9f63c84 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeGithubGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeGithubGetArgs.cs index 23296d82e..aa408ba82 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteArgs.cs index cb4380e3f..e8db57654 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessGroupExcludeGsuiteArgs : global::Pulumi.ResourceArgs { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteGetArgs.cs index f6e088b36..989c70934 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessGroupExcludeGsuiteGetArgs : global::Pulumi.ResourceArg { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeOktaArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeOktaArgs.cs index 609f80ca6..8722cd8f4 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeOktaGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeOktaGetArgs.cs index 07460d181..6b86bb9e9 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeSamlArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeSamlArgs.cs index 49fad6e13..708ca23a5 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupExcludeSamlGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupExcludeSamlGetArgs.cs index ed5222719..c5a3f8e1c 100644 --- a/sdk/dotnet/Inputs/AccessGroupExcludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupExcludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupExcludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeArgs.cs index d32809942..b3b38b545 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextArgs.cs index 742f361ca..ec8247d7a 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessGroupIncludeAuthContextArgs : global::Pulumi.ResourceA public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextGetArgs.cs index b57015ccb..69b7ed6fe 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessGroupIncludeAuthContextGetArgs : global::Pulumi.Resour public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeAzureArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeAzureArgs.cs index 606e6d39b..d2fc4b8b2 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeAzureGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeAzureGetArgs.cs index d8572ec6d..1fa4dcbf9 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationArgs.cs index 7c25534db..6a621d932 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationGetArgs.cs index 5f0facfa2..d3d473890 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeGetArgs.cs index 1e8f7c036..2d525be2c 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeGithubArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeGithubArgs.cs index ea5902c62..666d9431d 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeGithubGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeGithubGetArgs.cs index f852480d6..8a528bf62 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteArgs.cs index 94944f06b..2607db47e 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessGroupIncludeGsuiteArgs : global::Pulumi.ResourceArgs { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteGetArgs.cs index 7c467519a..93e6da117 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessGroupIncludeGsuiteGetArgs : global::Pulumi.ResourceArg { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeOktaArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeOktaArgs.cs index 182812df7..5ea8b1fe0 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeOktaGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeOktaGetArgs.cs index 23505c4d7..b8ee49ba0 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeSamlArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeSamlArgs.cs index 81f6d4401..6913d1275 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupIncludeSamlGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupIncludeSamlGetArgs.cs index 73b7617a7..540311f5a 100644 --- a/sdk/dotnet/Inputs/AccessGroupIncludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupIncludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupIncludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireArgs.cs index 4e5155f8f..6efa1b422 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupRequireAuthContextArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireAuthContextArgs.cs index 65edaee70..d187b4106 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessGroupRequireAuthContextArgs : global::Pulumi.ResourceA public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessGroupRequireAuthContextGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireAuthContextGetArgs.cs index f59a82405..5955563f7 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessGroupRequireAuthContextGetArgs : global::Pulumi.Resour public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessGroupRequireAzureArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireAzureArgs.cs index 8b7ea53a5..a24a66634 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireAzureArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireAzureGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireAzureGetArgs.cs index fa2501a00..e19651418 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationArgs.cs index f040c2660..92f11cb37 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationGetArgs.cs index 3d03b34ee..c4baad5fb 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireGetArgs.cs index 5405fe17a..ff3426346 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupRequireGithubArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireGithubArgs.cs index 6cff5193b..eca234f69 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireGithubArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupRequireGithubGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireGithubGetArgs.cs index f333cb1a3..34c446763 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupRequireGsuiteArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireGsuiteArgs.cs index f73ac28e4..f25cc97c6 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessGroupRequireGsuiteArgs : global::Pulumi.ResourceArgs { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireGsuiteGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireGsuiteGetArgs.cs index c3869d2a5..6933d323d 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessGroupRequireGsuiteGetArgs : global::Pulumi.ResourceArg { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireOktaArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireOktaArgs.cs index a12295893..a2ca99792 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireOktaArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupRequireOktaGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireOktaGetArgs.cs index 2b708ba94..38ae94829 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessGroupRequireSamlArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireSamlArgs.cs index 2182050b7..7d3251342 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireSamlArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessGroupRequireSamlGetArgs.cs b/sdk/dotnet/Inputs/AccessGroupRequireSamlGetArgs.cs index 33b293c47..be1877ec4 100644 --- a/sdk/dotnet/Inputs/AccessGroupRequireSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessGroupRequireSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessGroupRequireSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeArgs.cs index a26f0d8d8..f631a8780 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextArgs.cs index 3cf632b27..7f051eb50 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessPolicyExcludeAuthContextArgs : global::Pulumi.Resource public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextGetArgs.cs index 823069a9f..472471095 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessPolicyExcludeAuthContextGetArgs : global::Pulumi.Resou public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeAzureArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeAzureArgs.cs index 75e67d8fe..d7a8941bb 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeAzureGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeAzureGetArgs.cs index ec562aa25..c3690ecca 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationArgs.cs index 085c08bfe..9cd1a914e 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationGetArgs.cs index de6489f21..5599330c4 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeGetArgs.cs index 8430c11e1..dfe94ddf1 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeGithubArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeGithubArgs.cs index 651297691..e47e08f10 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeGithubGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeGithubGetArgs.cs index 193216dbe..99cec8d51 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteArgs.cs index fd9c25ebb..81466f4db 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessPolicyExcludeGsuiteArgs : global::Pulumi.ResourceArgs { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteGetArgs.cs index f17b06a1d..cc1147d5f 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessPolicyExcludeGsuiteGetArgs : global::Pulumi.ResourceAr { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeOktaArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeOktaArgs.cs index aa0a0f10e..df0b7f89b 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeOktaGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeOktaGetArgs.cs index e70c41d09..0d85dd2b0 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeSamlArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeSamlArgs.cs index c7ae67bb1..d8eaab2cd 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyExcludeSamlGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyExcludeSamlGetArgs.cs index bb3edbaeb..f17945d81 100644 --- a/sdk/dotnet/Inputs/AccessPolicyExcludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyExcludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyExcludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeArgs.cs index 1bff31b89..ce22b7bb9 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextArgs.cs index 9fb385f73..d1aad2dc7 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessPolicyIncludeAuthContextArgs : global::Pulumi.Resource public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextGetArgs.cs index fcbeda342..fee132e52 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessPolicyIncludeAuthContextGetArgs : global::Pulumi.Resou public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeAzureArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeAzureArgs.cs index 2ba1a3ce3..dec26791a 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeAzureGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeAzureGetArgs.cs index 2a8714ecc..df27e3638 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationArgs.cs index 3b498efcf..39456a9a9 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationGetArgs.cs index 2a922e6e4..5dffeff39 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeGetArgs.cs index 1b30c9b71..508872f7a 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeGithubArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeGithubArgs.cs index 449e1b3e5..5558a097f 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeGithubGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeGithubGetArgs.cs index 5d45769d7..69f444cf1 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteArgs.cs index ff52a6629..025fc48a4 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessPolicyIncludeGsuiteArgs : global::Pulumi.ResourceArgs { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteGetArgs.cs index 58adaa7d4..10dd3d120 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessPolicyIncludeGsuiteGetArgs : global::Pulumi.ResourceAr { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeOktaArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeOktaArgs.cs index f368d52ab..8a0fdfb31 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeOktaGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeOktaGetArgs.cs index f3ec3b590..3a71225d6 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeSamlArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeSamlArgs.cs index 78a593fe7..e11a8cc3c 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyIncludeSamlGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyIncludeSamlGetArgs.cs index 2fc6e298d..cc8bfb96d 100644 --- a/sdk/dotnet/Inputs/AccessPolicyIncludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyIncludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyIncludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireArgs.cs index f392ef80e..170260cc2 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextArgs.cs index 817328a30..719e4180d 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessPolicyRequireAuthContextArgs : global::Pulumi.Resource public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextGetArgs.cs index 7239800fd..7a0a2af1d 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class AccessPolicyRequireAuthContextGetArgs : global::Pulumi.Resou public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireAzureArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireAzureArgs.cs index e91bbe6a3..50de1a0db 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireAzureArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireAzureGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireAzureGetArgs.cs index 9cfe900ae..e6477782b 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationArgs.cs index 2caf16ffc..3a6138477 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationGetArgs.cs index 44981e0bb..fe8ba5f90 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireGetArgs.cs index 3c9242d92..e9a4a7f81 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,20 +106,34 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// [Input("externalEvaluation")] public Input? ExternalEvaluation { get; set; } [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -100,6 +142,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -108,6 +154,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -116,6 +166,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -126,7 +180,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -148,6 +202,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -156,6 +214,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -164,6 +226,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -172,6 +238,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireGithubArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireGithubArgs.cs index 8a6c5e387..83e5b6689 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireGithubArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireGithubGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireGithubGetArgs.cs index f53aac1c6..ee29ff37e 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteArgs.cs index d9b778e11..29bc70dd1 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessPolicyRequireGsuiteArgs : global::Pulumi.ResourceArgs { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteGetArgs.cs index 0a67b7c31..a0465394c 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class AccessPolicyRequireGsuiteGetArgs : global::Pulumi.ResourceAr { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireOktaArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireOktaArgs.cs index 09baae41a..6a4f31377 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireOktaArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireOktaGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireOktaGetArgs.cs index 5beec5c6c..6b6e824d5 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireSamlArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireSamlArgs.cs index 1fa74bdef..9e5792aee 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireSamlArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/AccessPolicyRequireSamlGetArgs.cs b/sdk/dotnet/Inputs/AccessPolicyRequireSamlGetArgs.cs index dc50563f4..6b95c83c8 100644 --- a/sdk/dotnet/Inputs/AccessPolicyRequireSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/AccessPolicyRequireSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class AccessPolicyRequireSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/DevicePostureRuleInputArgs.cs b/sdk/dotnet/Inputs/DevicePostureRuleInputArgs.cs index 3475a971a..c963f9483 100644 --- a/sdk/dotnet/Inputs/DevicePostureRuleInputArgs.cs +++ b/sdk/dotnet/Inputs/DevicePostureRuleInputArgs.cs @@ -136,7 +136,7 @@ public InputList ExtendedKeyUsages private InputList? _locations; /// - /// List of locations to check for client certificate posture check. + /// List of operating system locations to check for a client certificate.. /// public InputList Locations { @@ -247,7 +247,7 @@ public InputList Locations public Input? Version { get; set; } /// - /// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + /// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. /// [Input("versionOperator")] public Input? VersionOperator { get; set; } diff --git a/sdk/dotnet/Inputs/DevicePostureRuleInputGetArgs.cs b/sdk/dotnet/Inputs/DevicePostureRuleInputGetArgs.cs index 74eddd9ee..5ee434b9e 100644 --- a/sdk/dotnet/Inputs/DevicePostureRuleInputGetArgs.cs +++ b/sdk/dotnet/Inputs/DevicePostureRuleInputGetArgs.cs @@ -136,7 +136,7 @@ public InputList ExtendedKeyUsages private InputList? _locations; /// - /// List of locations to check for client certificate posture check. + /// List of operating system locations to check for a client certificate.. /// public InputList Locations { @@ -247,7 +247,7 @@ public InputList Locations public Input? Version { get; set; } /// - /// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + /// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. /// [Input("versionOperator")] public Input? VersionOperator { get; set; } diff --git a/sdk/dotnet/Inputs/DevicePostureRuleInputLocationArgs.cs b/sdk/dotnet/Inputs/DevicePostureRuleInputLocationArgs.cs index ae516d331..9631a89bb 100644 --- a/sdk/dotnet/Inputs/DevicePostureRuleInputLocationArgs.cs +++ b/sdk/dotnet/Inputs/DevicePostureRuleInputLocationArgs.cs @@ -16,7 +16,7 @@ public sealed class DevicePostureRuleInputLocationArgs : global::Pulumi.Resource private InputList? _paths; /// - /// List of paths to check for client certificate. + /// List of paths to check for client certificate rule. /// public InputList Paths { @@ -28,7 +28,7 @@ public InputList Paths private InputList? _trustStores; /// - /// List of trust stores to check for client certificate. Available values: `system`, `user`. + /// List of trust stores to check for client certificate rule. Available values: `system`, `user`. /// public InputList TrustStores { diff --git a/sdk/dotnet/Inputs/DevicePostureRuleInputLocationGetArgs.cs b/sdk/dotnet/Inputs/DevicePostureRuleInputLocationGetArgs.cs index 80ff529a2..c1e5ae789 100644 --- a/sdk/dotnet/Inputs/DevicePostureRuleInputLocationGetArgs.cs +++ b/sdk/dotnet/Inputs/DevicePostureRuleInputLocationGetArgs.cs @@ -16,7 +16,7 @@ public sealed class DevicePostureRuleInputLocationGetArgs : global::Pulumi.Resou private InputList? _paths; /// - /// List of paths to check for client certificate. + /// List of paths to check for client certificate rule. /// public InputList Paths { @@ -28,7 +28,7 @@ public InputList Paths private InputList? _trustStores; /// - /// List of trust stores to check for client certificate. Available values: `system`, `user`. + /// List of trust stores to check for client certificate rule. Available values: `system`, `user`. /// public InputList TrustStores { diff --git a/sdk/dotnet/Inputs/RulesetRuleActionParametersArgs.cs b/sdk/dotnet/Inputs/RulesetRuleActionParametersArgs.cs index 9a0438a63..66fc3c122 100644 --- a/sdk/dotnet/Inputs/RulesetRuleActionParametersArgs.cs +++ b/sdk/dotnet/Inputs/RulesetRuleActionParametersArgs.cs @@ -78,6 +78,12 @@ public InputList Autominifies [Input("cacheKey")] public Input? CacheKey { get; set; } + /// + /// List of cache reserve parameters to apply to the request. + /// + [Input("cacheReserve")] + public Input? CacheReserve { get; set; } + /// /// Content of the custom error response. /// diff --git a/sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveArgs.cs b/sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveArgs.cs new file mode 100644 index 000000000..d23568a3c --- /dev/null +++ b/sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class RulesetRuleActionParametersCacheReserveArgs : global::Pulumi.ResourceArgs + { + /// + /// Determines whether Cloudflare will write the eligible resource to cache reserve. + /// + [Input("eligible", required: true)] + public Input Eligible { get; set; } = null!; + + /// + /// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + /// + [Input("minimumFileSize")] + public Input? MinimumFileSize { get; set; } + + public RulesetRuleActionParametersCacheReserveArgs() + { + } + public static new RulesetRuleActionParametersCacheReserveArgs Empty => new RulesetRuleActionParametersCacheReserveArgs(); + } +} diff --git a/sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveGetArgs.cs b/sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveGetArgs.cs new file mode 100644 index 000000000..3dfc13b64 --- /dev/null +++ b/sdk/dotnet/Inputs/RulesetRuleActionParametersCacheReserveGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class RulesetRuleActionParametersCacheReserveGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Determines whether Cloudflare will write the eligible resource to cache reserve. + /// + [Input("eligible", required: true)] + public Input Eligible { get; set; } = null!; + + /// + /// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + /// + [Input("minimumFileSize")] + public Input? MinimumFileSize { get; set; } + + public RulesetRuleActionParametersCacheReserveGetArgs() + { + } + public static new RulesetRuleActionParametersCacheReserveGetArgs Empty => new RulesetRuleActionParametersCacheReserveGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/RulesetRuleActionParametersGetArgs.cs b/sdk/dotnet/Inputs/RulesetRuleActionParametersGetArgs.cs index 7a91d02c0..c326e2171 100644 --- a/sdk/dotnet/Inputs/RulesetRuleActionParametersGetArgs.cs +++ b/sdk/dotnet/Inputs/RulesetRuleActionParametersGetArgs.cs @@ -78,6 +78,12 @@ public InputList Autominifi [Input("cacheKey")] public Input? CacheKey { get; set; } + /// + /// List of cache reserve parameters to apply to the request. + /// + [Input("cacheReserve")] + public Input? CacheReserve { get; set; } + /// /// Content of the custom error response. /// diff --git a/sdk/dotnet/Inputs/TeamsAccountCertificateArgs.cs b/sdk/dotnet/Inputs/TeamsAccountCertificateArgs.cs new file mode 100644 index 000000000..a4138fd2a --- /dev/null +++ b/sdk/dotnet/Inputs/TeamsAccountCertificateArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class TeamsAccountCertificateArgs : global::Pulumi.ResourceArgs + { + /// + /// ID of certificate for TLS interception. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public TeamsAccountCertificateArgs() + { + } + public static new TeamsAccountCertificateArgs Empty => new TeamsAccountCertificateArgs(); + } +} diff --git a/sdk/dotnet/Inputs/TeamsAccountCertificateGetArgs.cs b/sdk/dotnet/Inputs/TeamsAccountCertificateGetArgs.cs new file mode 100644 index 000000000..12e8e7904 --- /dev/null +++ b/sdk/dotnet/Inputs/TeamsAccountCertificateGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class TeamsAccountCertificateGetArgs : global::Pulumi.ResourceArgs + { + /// + /// ID of certificate for TLS interception. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public TeamsAccountCertificateGetArgs() + { + } + public static new TeamsAccountCertificateGetArgs Empty => new TeamsAccountCertificateGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/TeamsAccountProxyArgs.cs b/sdk/dotnet/Inputs/TeamsAccountProxyArgs.cs index 705f3f30e..ae97a9551 100644 --- a/sdk/dotnet/Inputs/TeamsAccountProxyArgs.cs +++ b/sdk/dotnet/Inputs/TeamsAccountProxyArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class TeamsAccountProxyArgs : global::Pulumi.ResourceArgs { /// - /// Sets the time limit in seconds that a user can use an override code to bypass WARP + /// Sets the time limit in seconds that a user can use an override code to bypass WARP. /// [Input("disableForTime", required: true)] public Input DisableForTime { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/TeamsAccountProxyGetArgs.cs b/sdk/dotnet/Inputs/TeamsAccountProxyGetArgs.cs index e99fc8fdf..782d8a66a 100644 --- a/sdk/dotnet/Inputs/TeamsAccountProxyGetArgs.cs +++ b/sdk/dotnet/Inputs/TeamsAccountProxyGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class TeamsAccountProxyGetArgs : global::Pulumi.ResourceArgs { /// - /// Sets the time limit in seconds that a user can use an override code to bypass WARP + /// Sets the time limit in seconds that a user can use an override code to bypass WARP. /// [Input("disableForTime", required: true)] public Input DisableForTime { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingArgs.cs b/sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingArgs.cs new file mode 100644 index 000000000..3bcdf8495 --- /dev/null +++ b/sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class WorkerScriptHyperdriveConfigBindingArgs : global::Pulumi.ResourceArgs + { + /// + /// The global variable for the binding in your Worker code. + /// + [Input("binding", required: true)] + public Input Binding { get; set; } = null!; + + /// + /// The ID of the Hyperdrive config to use. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public WorkerScriptHyperdriveConfigBindingArgs() + { + } + public static new WorkerScriptHyperdriveConfigBindingArgs Empty => new WorkerScriptHyperdriveConfigBindingArgs(); + } +} diff --git a/sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingGetArgs.cs b/sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingGetArgs.cs new file mode 100644 index 000000000..be9e3eabe --- /dev/null +++ b/sdk/dotnet/Inputs/WorkerScriptHyperdriveConfigBindingGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class WorkerScriptHyperdriveConfigBindingGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The global variable for the binding in your Worker code. + /// + [Input("binding", required: true)] + public Input Binding { get; set; } = null!; + + /// + /// The ID of the Hyperdrive config to use. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public WorkerScriptHyperdriveConfigBindingGetArgs() + { + } + public static new WorkerScriptHyperdriveConfigBindingGetArgs Empty => new WorkerScriptHyperdriveConfigBindingGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingArgs.cs b/sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingArgs.cs new file mode 100644 index 000000000..8de802966 --- /dev/null +++ b/sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class WorkersScriptHyperdriveConfigBindingArgs : global::Pulumi.ResourceArgs + { + /// + /// The global variable for the binding in your Worker code. + /// + [Input("binding", required: true)] + public Input Binding { get; set; } = null!; + + /// + /// The ID of the Hyperdrive config to use. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public WorkersScriptHyperdriveConfigBindingArgs() + { + } + public static new WorkersScriptHyperdriveConfigBindingArgs Empty => new WorkersScriptHyperdriveConfigBindingArgs(); + } +} diff --git a/sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingGetArgs.cs b/sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingGetArgs.cs new file mode 100644 index 000000000..013ceb90c --- /dev/null +++ b/sdk/dotnet/Inputs/WorkersScriptHyperdriveConfigBindingGetArgs.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class WorkersScriptHyperdriveConfigBindingGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The global variable for the binding in your Worker code. + /// + [Input("binding", required: true)] + public Input Binding { get; set; } = null!; + + /// + /// The ID of the Hyperdrive config to use. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public WorkersScriptHyperdriveConfigBindingGetArgs() + { + } + public static new WorkersScriptHyperdriveConfigBindingGetArgs Empty => new WorkersScriptHyperdriveConfigBindingGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeArgs.cs index 443d17bc1..cadf4edfa 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Exter [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.cs index f3d88bcf6..94b9b50d1 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessGroupExcludeAuthContextArgs : global::Pulumi. public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextGetArgs.cs index 3e8666cb0..9f73822a4 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessGroupExcludeAuthContextGetArgs : global::Pulu public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureArgs.cs index 8b6019bb3..62aa9045a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureGetArgs.cs index b1f6709fe..15e31934a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.cs index c317af8d2..8bd83591d 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationGetArgs.cs index a2fb1bbf4..fe566b205 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGetArgs.cs index 5b06a8798..e57f58849 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthConte set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Ex [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubArgs.cs index 8de315ffa..61f87070f 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubGetArgs.cs index 34e739e00..6652cd9df 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.cs index 00fdfbf1c..db194a0f6 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessGroupExcludeGsuiteArgs : global::Pulumi.Resou { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteGetArgs.cs index 020f0b01d..672ae0d27 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessGroupExcludeGsuiteGetArgs : global::Pulumi.Re { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaArgs.cs index 3940c9f31..39605bcc2 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaGetArgs.cs index 90b7ae55b..ef5a622c4 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlArgs.cs index 9442e8978..e1c76e4fa 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlGetArgs.cs index 0ed4260a1..3434caa5a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupExcludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupExcludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeArgs.cs index 0dd76d1e7..6dfa9647a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Exter [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.cs index 0dcb3c0f0..57c0703d0 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessGroupIncludeAuthContextArgs : global::Pulumi. public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextGetArgs.cs index f51cb8708..8502fb853 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessGroupIncludeAuthContextGetArgs : global::Pulu public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureArgs.cs index 5f727f81f..c1f0f6a67 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureGetArgs.cs index f4e9455f9..5ece371a8 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.cs index 0bdb7de74..55d7f0d85 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationGetArgs.cs index b72efae8a..f82701b89 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGetArgs.cs index 7343861e5..be3169643 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthConte set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Ex [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubArgs.cs index ca692379d..e45af09a5 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubGetArgs.cs index dcd8020e3..c1d4f30d6 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.cs index e7ea15031..e06f658b2 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessGroupIncludeGsuiteArgs : global::Pulumi.Resou { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteGetArgs.cs index d28f9148d..8be93d883 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessGroupIncludeGsuiteGetArgs : global::Pulumi.Re { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaArgs.cs index 3696389da..7c22c74c1 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaGetArgs.cs index 189e934a4..7b824b87f 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlArgs.cs index 1aeb21b11..9a10bae30 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlGetArgs.cs index 04603656e..2067c7ec3 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupIncludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupIncludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireArgs.cs index 7e00f0476..f50b626af 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContexts set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Exter [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextArgs.cs index a469908d7..192516a45 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessGroupRequireAuthContextArgs : global::Pulumi. public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextGetArgs.cs index e0dcce59c..d7df18ba4 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessGroupRequireAuthContextGetArgs : global::Pulu public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureArgs.cs index ccadf17cf..f32af9fc8 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureGetArgs.cs index ddfeb409c..573fa0924 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.cs index 235dda075..772d1b446 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationGetArgs.cs index e7cbb4eb5..a4478026e 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGetArgs.cs index 74d57cfa4..541a9cff6 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthConte set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Ex [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubArgs.cs index 71c53ad80..81175d323 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubGetArgs.cs index 8f5e62c27..ae6d541b2 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteArgs.cs index 838ae2855..cf07897db 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessGroupRequireGsuiteArgs : global::Pulumi.Resou { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteGetArgs.cs index 0b37cd79d..be97f0e3a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessGroupRequireGsuiteGetArgs : global::Pulumi.Re { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaArgs.cs index fecc7ef71..5d399e8a5 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaGetArgs.cs index 393e421a3..793950c04 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlArgs.cs index af184a769..16aa95a6c 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlGetArgs.cs index daa5bd6b8..399c02e3a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessGroupRequireSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessGroupRequireSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeArgs.cs index 676dcea1b..3ec27fdf6 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContext set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Exte [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.cs index 831aebea2..748ea1e44 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessPolicyExcludeAuthContextArgs : global::Pulumi public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextGetArgs.cs index 2ed4b2826..181c39565 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessPolicyExcludeAuthContextGetArgs : global::Pul public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureArgs.cs index 93d84ea0a..be58b6c12 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureGetArgs.cs index dc3591fac..39fa30f7f 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.cs index 36708b144..4f1bd952f 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationGetArgs.cs index 8254e55a1..f5a3adc08 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGetArgs.cs index 200ae322e..6df837661 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthCont set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList E [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubArgs.cs index e69c1e972..0f005df00 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubGetArgs.cs index 9bea1b52f..ddca16074 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.cs index 6e32638b4..2058efdb9 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessPolicyExcludeGsuiteArgs : global::Pulumi.Reso { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteGetArgs.cs index 94de4f74e..ab632ce3f 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessPolicyExcludeGsuiteGetArgs : global::Pulumi.R { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaArgs.cs index 6fb463979..3dfd40b95 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaGetArgs.cs index 42c17826d..9a19215b3 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlArgs.cs index f2b78a6bd..d160f10a9 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlGetArgs.cs index 759f88a21..2d1306d45 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyExcludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyExcludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeArgs.cs index 2f1f4fc74..7b3dd599f 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContext set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Exte [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.cs index 87a2a10ed..2eb33fdd4 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessPolicyIncludeAuthContextArgs : global::Pulumi public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextGetArgs.cs index da7614fa4..5688a1247 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessPolicyIncludeAuthContextGetArgs : global::Pul public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureArgs.cs index 1bacfc230..82aad41a7 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureGetArgs.cs index 58b3f8b53..13f64d986 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.cs index 2b2bdcc74..68b36ecdf 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationGetArgs.cs index 4ca02636b..0166f1620 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGetArgs.cs index 96ce6c5da..417176937 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthCont set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList E [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubArgs.cs index eaae25778..7e7158ac8 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubGetArgs.cs index f4b8c8caf..563f5fe94 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.cs index d71706797..92d2b538f 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessPolicyIncludeGsuiteArgs : global::Pulumi.Reso { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteGetArgs.cs index 1975d5ffc..638684e03 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessPolicyIncludeGsuiteGetArgs : global::Pulumi.R { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaArgs.cs index 540e3512a..5b2eafdd6 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaGetArgs.cs index 1dda95128..5f43f2ef8 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlArgs.cs index e9cd134cf..b52de696d 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlGetArgs.cs index 2edc496c6..1af7c4e01 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyIncludeSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyIncludeSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireArgs.cs index ed6a0437a..5727d20fd 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthContext set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList Exte [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.cs index a131c5025..c531ecd8a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessPolicyRequireAuthContextArgs : global::Pulumi public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextGetArgs.cs index 30fc779be..b787a4959 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAuthContextGetArgs.cs @@ -25,7 +25,7 @@ public sealed class ZeroTrustAccessPolicyRequireAuthContextGetArgs : global::Pul public Input Id { get; set; } = null!; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId", required: true)] public Input IdentityProviderId { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureArgs.cs index ae7e493f5..20fc7c4d5 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireAzureArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureGetArgs.cs index b441322d7..1d6274fd1 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireAzureGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireAzureGetArgs : global::Pulumi.ResourceArgs { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.cs index 98df988de..3c6068793 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireExternalEvaluationArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationGetArgs.cs index c1cf2c106..bdd039034 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireExternalEvaluationGetArgs.cs @@ -12,9 +12,15 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireExternalEvaluationGetArgs : global::Pulumi.ResourceArgs { + /// + /// The API endpoint containing your business logic. + /// [Input("evaluateUrl")] public Input? EvaluateUrl { get; set; } + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// [Input("keysUrl")] public Input? KeysUrl { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGetArgs.cs index ffca54cdd..605753505 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGetArgs.cs @@ -12,6 +12,9 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireGetArgs : global::Pulumi.ResourceArgs { + /// + /// Matches any valid Access service token. + /// [Input("anyValidServiceToken")] public Input? AnyValidServiceToken { get; set; } @@ -23,20 +26,33 @@ public InputList AuthCont set => _authContexts = value; } + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// [Input("authMethod")] public Input? AuthMethod { get; set; } [Input("azures")] private InputList? _azures; + + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public InputList Azures { get => _azures ?? (_azures = new InputList()); set => _azures = value; } + /// + /// Matches any valid client certificate. + /// [Input("certificate")] public Input? Certificate { get; set; } + /// + /// Matches a valid client certificate common name. + /// [Input("commonName")] public Input? CommonName { get; set; } @@ -54,6 +70,10 @@ public InputList CommonNames [Input("devicePostures")] private InputList? _devicePostures; + + /// + /// The ID of a device posture integration. + /// public InputList DevicePostures { get => _devicePostures ?? (_devicePostures = new InputList()); @@ -62,6 +82,10 @@ public InputList DevicePostures [Input("emailDomains")] private InputList? _emailDomains; + + /// + /// The email domain to match. + /// public InputList EmailDomains { get => _emailDomains ?? (_emailDomains = new InputList()); @@ -70,6 +94,10 @@ public InputList EmailDomains [Input("emailLists")] private InputList? _emailLists; + + /// + /// The ID of a previously created email list. + /// public InputList EmailLists { get => _emailLists ?? (_emailLists = new InputList()); @@ -78,17 +106,28 @@ public InputList EmailLists [Input("emails")] private InputList? _emails; + + /// + /// The email of the user. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// Matches everyone. + /// [Input("everyone")] public Input? Everyone { get; set; } [Input("externalEvaluations")] private InputList? _externalEvaluations; + + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public InputList ExternalEvaluations { get => _externalEvaluations ?? (_externalEvaluations = new InputList()); @@ -97,6 +136,10 @@ public InputList E [Input("geos")] private InputList? _geos; + + /// + /// Matches a specific country. + /// public InputList Geos { get => _geos ?? (_geos = new InputList()); @@ -105,6 +148,10 @@ public InputList Geos [Input("githubs")] private InputList? _githubs; + + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public InputList Githubs { get => _githubs ?? (_githubs = new InputList()); @@ -113,6 +160,10 @@ public InputList Githubs [Input("groups")] private InputList? _groups; + + /// + /// The ID of a previously created Access group. + /// public InputList Groups { get => _groups ?? (_groups = new InputList()); @@ -121,6 +172,10 @@ public InputList Groups [Input("gsuites")] private InputList? _gsuites; + + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public InputList Gsuites { get => _gsuites ?? (_gsuites = new InputList()); @@ -131,7 +186,7 @@ public InputList Gsuites private InputList? _ipLists; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public InputList IpLists { @@ -153,6 +208,10 @@ public InputList Ips [Input("loginMethods")] private InputList? _loginMethods; + + /// + /// The ID of a configured identity provider. + /// public InputList LoginMethods { get => _loginMethods ?? (_loginMethods = new InputList()); @@ -161,6 +220,10 @@ public InputList LoginMethods [Input("oktas")] private InputList? _oktas; + + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public InputList Oktas { get => _oktas ?? (_oktas = new InputList()); @@ -169,6 +232,10 @@ public InputList Oktas [Input("samls")] private InputList? _samls; + + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public InputList Samls { get => _samls ?? (_samls = new InputList()); @@ -177,6 +244,10 @@ public InputList Samls [Input("serviceTokens")] private InputList? _serviceTokens; + + /// + /// The ID of an Access service token. + /// public InputList ServiceTokens { get => _serviceTokens ?? (_serviceTokens = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubArgs.cs index dfa39bce3..9ba2b170d 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireGithubArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubGetArgs.cs index 1400b5658..04ba2578b 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGithubGetArgs.cs @@ -12,14 +12,24 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireGithubGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Github identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } + /// + /// The name of the organization. + /// [Input("name")] public Input? Name { get; set; } [Input("teams")] private InputList? _teams; + + /// + /// The teams that should be matched. + /// public InputList Teams { get => _teams ?? (_teams = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.cs index 9aa4db2a7..fe546f8f5 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessPolicyRequireGsuiteArgs : global::Pulumi.Reso { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteGetArgs.cs index 1a4a681f2..b57b0c05e 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireGsuiteGetArgs.cs @@ -14,12 +14,19 @@ public sealed class ZeroTrustAccessPolicyRequireGsuiteGetArgs : global::Pulumi.R { [Input("emails")] private InputList? _emails; + + /// + /// The email of the Google Workspace group. + /// public InputList Emails { get => _emails ?? (_emails = new InputList()); set => _emails = value; } + /// + /// The ID of your Google Workspace identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaArgs.cs index 77f596cbd..95e6fc29c 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireOktaArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaGetArgs.cs index ccc66b7cb..96faf7ef3 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireOktaGetArgs.cs @@ -12,11 +12,18 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireOktaGetArgs : global::Pulumi.ResourceArgs { + /// + /// The ID of your Okta identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } [Input("names")] private InputList? _names; + + /// + /// The name of the Okta Group. + /// public InputList Names { get => _names ?? (_names = new InputList()); diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlArgs.cs index fdee59665..bd90fc21e 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireSamlArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlGetArgs.cs index cf789cbc8..0e91073c1 100644 --- a/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustAccessPolicyRequireSamlGetArgs.cs @@ -12,12 +12,21 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustAccessPolicyRequireSamlGetArgs : global::Pulumi.ResourceArgs { + /// + /// The name of the SAML attribute. + /// [Input("attributeName")] public Input? AttributeName { get; set; } + /// + /// The SAML attribute value to look for. + /// [Input("attributeValue")] public Input? AttributeValue { get; set; } + /// + /// The ID of your SAML identity provider. + /// [Input("identityProviderId")] public Input? IdentityProviderId { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputArgs.cs b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputArgs.cs index bc7c140ad..e07f0c25a 100644 --- a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputArgs.cs @@ -73,7 +73,7 @@ public InputList CheckDisks public Input? Domain { get; set; } /// - /// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + /// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. /// [Input("eidLastSeen")] public Input? EidLastSeen { get; set; } @@ -94,7 +94,7 @@ public InputList CheckDisks private InputList? _extendedKeyUsages; /// - /// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + /// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. /// public InputList ExtendedKeyUsages { @@ -136,7 +136,7 @@ public InputList ExtendedKeyUsages private InputList? _locations; /// - /// List of locations to check for client certificate. + /// List of operating system locations to check for a client certificate.. /// public InputList Locations { @@ -247,7 +247,7 @@ public InputList Locations public Input? Version { get; set; } /// - /// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + /// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. /// [Input("versionOperator")] public Input? VersionOperator { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputGetArgs.cs index 56d0260f8..4204f53c2 100644 --- a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputGetArgs.cs @@ -73,7 +73,7 @@ public InputList CheckDisks public Input? Domain { get; set; } /// - /// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + /// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. /// [Input("eidLastSeen")] public Input? EidLastSeen { get; set; } @@ -94,7 +94,7 @@ public InputList CheckDisks private InputList? _extendedKeyUsages; /// - /// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + /// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. /// public InputList ExtendedKeyUsages { @@ -136,7 +136,7 @@ public InputList ExtendedKeyUsages private InputList? _locations; /// - /// List of locations to check for client certificate. + /// List of operating system locations to check for a client certificate.. /// public InputList Locations { @@ -247,7 +247,7 @@ public InputList Location public Input? Version { get; set; } /// - /// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + /// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. /// [Input("versionOperator")] public Input? VersionOperator { get; set; } diff --git a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationArgs.cs b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationArgs.cs index e5b91928c..365ae38dc 100644 --- a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationArgs.cs @@ -28,7 +28,7 @@ public InputList Paths private InputList? _trustStores; /// - /// List of trust stores to check for client certificate rule. Available values: `system`, `user` + /// List of trust stores to check for client certificate rule. Available values: `system`, `user`. /// public InputList TrustStores { diff --git a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationGetArgs.cs index 50f0e0196..eb0579909 100644 --- a/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustDevicePostureRuleInputLocationGetArgs.cs @@ -28,7 +28,7 @@ public InputList Paths private InputList? _trustStores; /// - /// List of trust stores to check for client certificate rule. Available values: `system`, `user` + /// List of trust stores to check for client certificate rule. Available values: `system`, `user`. /// public InputList TrustStores { diff --git a/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateArgs.cs b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateArgs.cs new file mode 100644 index 000000000..b122333f7 --- /dev/null +++ b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class ZeroTrustGatewaySettingsCertificateArgs : global::Pulumi.ResourceArgs + { + /// + /// ID of certificate for TLS interception. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public ZeroTrustGatewaySettingsCertificateArgs() + { + } + public static new ZeroTrustGatewaySettingsCertificateArgs Empty => new ZeroTrustGatewaySettingsCertificateArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateGetArgs.cs new file mode 100644 index 000000000..9afa4e4a4 --- /dev/null +++ b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsCertificateGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Inputs +{ + + public sealed class ZeroTrustGatewaySettingsCertificateGetArgs : global::Pulumi.ResourceArgs + { + /// + /// ID of certificate for TLS interception. + /// + [Input("id", required: true)] + public Input Id { get; set; } = null!; + + public ZeroTrustGatewaySettingsCertificateGetArgs() + { + } + public static new ZeroTrustGatewaySettingsCertificateGetArgs Empty => new ZeroTrustGatewaySettingsCertificateGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyArgs.cs b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyArgs.cs index 5ee0abcfb..35bedf913 100644 --- a/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustGatewaySettingsProxyArgs : global::Pulumi.ResourceArgs { /// - /// Sets the time limit in seconds that a user can use an override code to bypass WARP + /// Sets the time limit in seconds that a user can use an override code to bypass WARP. /// [Input("disableForTime", required: true)] public Input DisableForTime { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyGetArgs.cs b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyGetArgs.cs index 6b354f9cb..0cee50766 100644 --- a/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyGetArgs.cs +++ b/sdk/dotnet/Inputs/ZeroTrustGatewaySettingsProxyGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Cloudflare.Inputs public sealed class ZeroTrustGatewaySettingsProxyGetArgs : global::Pulumi.ResourceArgs { /// - /// Sets the time limit in seconds that a user can use an override code to bypass WARP + /// Sets the time limit in seconds that a user can use an override code to bypass WARP. /// [Input("disableForTime", required: true)] public Input DisableForTime { get; set; } = null!; diff --git a/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingArgs.cs b/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingArgs.cs index a60334a49..2d885e95a 100644 --- a/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingArgs.cs +++ b/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingArgs.cs @@ -137,6 +137,9 @@ public InputList Ciphers [Input("pseudoIpv4")] public Input? PseudoIpv4 { get; set; } + [Input("replaceInsecureJs")] + public Input? ReplaceInsecureJs { get; set; } + [Input("responseBuffering")] public Input? ResponseBuffering { get; set; } diff --git a/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingGetArgs.cs b/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingGetArgs.cs index a880808c8..5f354fa20 100644 --- a/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingGetArgs.cs +++ b/sdk/dotnet/Inputs/ZoneSettingsOverrideInitialSettingGetArgs.cs @@ -137,6 +137,9 @@ public InputList Ciphers [Input("pseudoIpv4")] public Input? PseudoIpv4 { get; set; } + [Input("replaceInsecureJs")] + public Input? ReplaceInsecureJs { get; set; } + [Input("responseBuffering")] public Input? ResponseBuffering { get; set; } diff --git a/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsArgs.cs b/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsArgs.cs index 622475e3a..8b6c8f66a 100644 --- a/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsArgs.cs +++ b/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsArgs.cs @@ -137,6 +137,9 @@ public InputList Ciphers [Input("pseudoIpv4")] public Input? PseudoIpv4 { get; set; } + [Input("replaceInsecureJs")] + public Input? ReplaceInsecureJs { get; set; } + [Input("responseBuffering")] public Input? ResponseBuffering { get; set; } diff --git a/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsGetArgs.cs b/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsGetArgs.cs index 76179260c..a7c44bfbc 100644 --- a/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsGetArgs.cs +++ b/sdk/dotnet/Inputs/ZoneSettingsOverrideSettingsGetArgs.cs @@ -137,6 +137,9 @@ public InputList Ciphers [Input("pseudoIpv4")] public Input? PseudoIpv4 { get; set; } + [Input("replaceInsecureJs")] + public Input? ReplaceInsecureJs { get; set; } + [Input("responseBuffering")] public Input? ResponseBuffering { get; set; } diff --git a/sdk/dotnet/NotificationPolicy.cs b/sdk/dotnet/NotificationPolicy.cs index b3e04a64b..4a207d1d7 100644 --- a/sdk/dotnet/NotificationPolicy.cs +++ b/sdk/dotnet/NotificationPolicy.cs @@ -30,7 +30,7 @@ public partial class NotificationPolicy : global::Pulumi.CustomResource public Output AccountId { get; private set; } = null!; /// - /// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + /// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. /// [Output("alertType")] public Output AlertType { get; private set; } = null!; @@ -142,7 +142,7 @@ public sealed class NotificationPolicyArgs : global::Pulumi.ResourceArgs public Input AccountId { get; set; } = null!; /// - /// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + /// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. /// [Input("alertType", required: true)] public Input AlertType { get; set; } = null!; @@ -222,7 +222,7 @@ public sealed class NotificationPolicyState : global::Pulumi.ResourceArgs public Input? AccountId { get; set; } /// - /// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + /// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. /// [Input("alertType")] public Input? AlertType { get; set; } diff --git a/sdk/dotnet/Outputs/AccessGroupExclude.cs b/sdk/dotnet/Outputs/AccessGroupExclude.cs index 3e1cf2483..0db598f67 100644 --- a/sdk/dotnet/Outputs/AccessGroupExclude.cs +++ b/sdk/dotnet/Outputs/AccessGroupExclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupExclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly Outputs.AccessGroupExcludeExternalEvaluation? ExternalEvaluation; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupExcludeAuthContext.cs b/sdk/dotnet/Outputs/AccessGroupExcludeAuthContext.cs index 51f11d7e1..0c41e7156 100644 --- a/sdk/dotnet/Outputs/AccessGroupExcludeAuthContext.cs +++ b/sdk/dotnet/Outputs/AccessGroupExcludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class AccessGroupExcludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/AccessGroupExcludeAzure.cs b/sdk/dotnet/Outputs/AccessGroupExcludeAzure.cs index f75fb9548..7872d62eb 100644 --- a/sdk/dotnet/Outputs/AccessGroupExcludeAzure.cs +++ b/sdk/dotnet/Outputs/AccessGroupExcludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class AccessGroupExcludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/AccessGroupExcludeExternalEvaluation.cs b/sdk/dotnet/Outputs/AccessGroupExcludeExternalEvaluation.cs index 848f351a2..17a9b8bc8 100644 --- a/sdk/dotnet/Outputs/AccessGroupExcludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/AccessGroupExcludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupExcludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupExcludeGithub.cs b/sdk/dotnet/Outputs/AccessGroupExcludeGithub.cs index 681bd64ed..fda29113e 100644 --- a/sdk/dotnet/Outputs/AccessGroupExcludeGithub.cs +++ b/sdk/dotnet/Outputs/AccessGroupExcludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupExcludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupExcludeGsuite.cs b/sdk/dotnet/Outputs/AccessGroupExcludeGsuite.cs index ef8da43c3..dfc99b98e 100644 --- a/sdk/dotnet/Outputs/AccessGroupExcludeGsuite.cs +++ b/sdk/dotnet/Outputs/AccessGroupExcludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupExcludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupExcludeOkta.cs b/sdk/dotnet/Outputs/AccessGroupExcludeOkta.cs index 96d78818e..8a52da5af 100644 --- a/sdk/dotnet/Outputs/AccessGroupExcludeOkta.cs +++ b/sdk/dotnet/Outputs/AccessGroupExcludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupExcludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupExcludeSaml.cs b/sdk/dotnet/Outputs/AccessGroupExcludeSaml.cs index 355dcc1d4..ff905fbd9 100644 --- a/sdk/dotnet/Outputs/AccessGroupExcludeSaml.cs +++ b/sdk/dotnet/Outputs/AccessGroupExcludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupExcludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupInclude.cs b/sdk/dotnet/Outputs/AccessGroupInclude.cs index aa55ac229..000e9ad43 100644 --- a/sdk/dotnet/Outputs/AccessGroupInclude.cs +++ b/sdk/dotnet/Outputs/AccessGroupInclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupInclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly Outputs.AccessGroupIncludeExternalEvaluation? ExternalEvaluation; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupIncludeAuthContext.cs b/sdk/dotnet/Outputs/AccessGroupIncludeAuthContext.cs index eda1cf480..5ba2e8632 100644 --- a/sdk/dotnet/Outputs/AccessGroupIncludeAuthContext.cs +++ b/sdk/dotnet/Outputs/AccessGroupIncludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class AccessGroupIncludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/AccessGroupIncludeAzure.cs b/sdk/dotnet/Outputs/AccessGroupIncludeAzure.cs index cc78442ae..4a74129dd 100644 --- a/sdk/dotnet/Outputs/AccessGroupIncludeAzure.cs +++ b/sdk/dotnet/Outputs/AccessGroupIncludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class AccessGroupIncludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/AccessGroupIncludeExternalEvaluation.cs b/sdk/dotnet/Outputs/AccessGroupIncludeExternalEvaluation.cs index dce655b78..35b589960 100644 --- a/sdk/dotnet/Outputs/AccessGroupIncludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/AccessGroupIncludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupIncludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupIncludeGithub.cs b/sdk/dotnet/Outputs/AccessGroupIncludeGithub.cs index 1aa47c671..86ce3645f 100644 --- a/sdk/dotnet/Outputs/AccessGroupIncludeGithub.cs +++ b/sdk/dotnet/Outputs/AccessGroupIncludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupIncludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupIncludeGsuite.cs b/sdk/dotnet/Outputs/AccessGroupIncludeGsuite.cs index 39317b54a..4bb66d8f6 100644 --- a/sdk/dotnet/Outputs/AccessGroupIncludeGsuite.cs +++ b/sdk/dotnet/Outputs/AccessGroupIncludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupIncludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupIncludeOkta.cs b/sdk/dotnet/Outputs/AccessGroupIncludeOkta.cs index da22058c7..c6f5244c2 100644 --- a/sdk/dotnet/Outputs/AccessGroupIncludeOkta.cs +++ b/sdk/dotnet/Outputs/AccessGroupIncludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupIncludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupIncludeSaml.cs b/sdk/dotnet/Outputs/AccessGroupIncludeSaml.cs index 38667deeb..b61abd9cc 100644 --- a/sdk/dotnet/Outputs/AccessGroupIncludeSaml.cs +++ b/sdk/dotnet/Outputs/AccessGroupIncludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupIncludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupRequire.cs b/sdk/dotnet/Outputs/AccessGroupRequire.cs index d0edcee45..110dbc8cb 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequire.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequire.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupRequire { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly Outputs.AccessGroupRequireExternalEvaluation? ExternalEvaluation; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupRequireAuthContext.cs b/sdk/dotnet/Outputs/AccessGroupRequireAuthContext.cs index 7ca5ef2ad..c0b65881f 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequireAuthContext.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequireAuthContext.cs @@ -22,7 +22,7 @@ public sealed class AccessGroupRequireAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/AccessGroupRequireAzure.cs b/sdk/dotnet/Outputs/AccessGroupRequireAzure.cs index 99a44d685..7f520ada3 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequireAzure.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequireAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class AccessGroupRequireAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/AccessGroupRequireExternalEvaluation.cs b/sdk/dotnet/Outputs/AccessGroupRequireExternalEvaluation.cs index 347f408f4..bd3fe2e93 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequireExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequireExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupRequireExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupRequireGithub.cs b/sdk/dotnet/Outputs/AccessGroupRequireGithub.cs index 2fd3e2e03..747d8a217 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequireGithub.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequireGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupRequireGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupRequireGsuite.cs b/sdk/dotnet/Outputs/AccessGroupRequireGsuite.cs index e595af299..25f6d9573 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequireGsuite.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequireGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupRequireGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupRequireOkta.cs b/sdk/dotnet/Outputs/AccessGroupRequireOkta.cs index b58cdcad8..d00783da2 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequireOkta.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequireOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupRequireOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessGroupRequireSaml.cs b/sdk/dotnet/Outputs/AccessGroupRequireSaml.cs index 05f4cf0a1..b6fed9788 100644 --- a/sdk/dotnet/Outputs/AccessGroupRequireSaml.cs +++ b/sdk/dotnet/Outputs/AccessGroupRequireSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessGroupRequireSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyExclude.cs b/sdk/dotnet/Outputs/AccessPolicyExclude.cs index 5b637f5f1..8093e5cdb 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExclude.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyExclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly Outputs.AccessPolicyExcludeExternalEvaluation? ExternalEvaluation; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyExcludeAuthContext.cs b/sdk/dotnet/Outputs/AccessPolicyExcludeAuthContext.cs index cb3f52ead..98c0bca0c 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExcludeAuthContext.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExcludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class AccessPolicyExcludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/AccessPolicyExcludeAzure.cs b/sdk/dotnet/Outputs/AccessPolicyExcludeAzure.cs index d1af25290..73b9f1adc 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExcludeAzure.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExcludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class AccessPolicyExcludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/AccessPolicyExcludeExternalEvaluation.cs b/sdk/dotnet/Outputs/AccessPolicyExcludeExternalEvaluation.cs index 8349271ef..ee5c946d9 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExcludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExcludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyExcludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyExcludeGithub.cs b/sdk/dotnet/Outputs/AccessPolicyExcludeGithub.cs index 217c9209a..7a3d4a7d1 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExcludeGithub.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExcludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyExcludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyExcludeGsuite.cs b/sdk/dotnet/Outputs/AccessPolicyExcludeGsuite.cs index 6f0087c6b..deeab863a 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExcludeGsuite.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExcludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyExcludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyExcludeOkta.cs b/sdk/dotnet/Outputs/AccessPolicyExcludeOkta.cs index da0d8022e..f63bb82b2 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExcludeOkta.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExcludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyExcludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyExcludeSaml.cs b/sdk/dotnet/Outputs/AccessPolicyExcludeSaml.cs index 968f825df..d55ab43df 100644 --- a/sdk/dotnet/Outputs/AccessPolicyExcludeSaml.cs +++ b/sdk/dotnet/Outputs/AccessPolicyExcludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyExcludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyInclude.cs b/sdk/dotnet/Outputs/AccessPolicyInclude.cs index 9bfa86a27..42349f48b 100644 --- a/sdk/dotnet/Outputs/AccessPolicyInclude.cs +++ b/sdk/dotnet/Outputs/AccessPolicyInclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyInclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly Outputs.AccessPolicyIncludeExternalEvaluation? ExternalEvaluation; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyIncludeAuthContext.cs b/sdk/dotnet/Outputs/AccessPolicyIncludeAuthContext.cs index 99f101b35..29d7886cd 100644 --- a/sdk/dotnet/Outputs/AccessPolicyIncludeAuthContext.cs +++ b/sdk/dotnet/Outputs/AccessPolicyIncludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class AccessPolicyIncludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/AccessPolicyIncludeAzure.cs b/sdk/dotnet/Outputs/AccessPolicyIncludeAzure.cs index 08af7f9b7..b9b115b72 100644 --- a/sdk/dotnet/Outputs/AccessPolicyIncludeAzure.cs +++ b/sdk/dotnet/Outputs/AccessPolicyIncludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class AccessPolicyIncludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/AccessPolicyIncludeExternalEvaluation.cs b/sdk/dotnet/Outputs/AccessPolicyIncludeExternalEvaluation.cs index bc9965c6f..a067e9f21 100644 --- a/sdk/dotnet/Outputs/AccessPolicyIncludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/AccessPolicyIncludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyIncludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyIncludeGithub.cs b/sdk/dotnet/Outputs/AccessPolicyIncludeGithub.cs index 8767c57ea..b319f8e55 100644 --- a/sdk/dotnet/Outputs/AccessPolicyIncludeGithub.cs +++ b/sdk/dotnet/Outputs/AccessPolicyIncludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyIncludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyIncludeGsuite.cs b/sdk/dotnet/Outputs/AccessPolicyIncludeGsuite.cs index b35ad8f38..9b55cb21c 100644 --- a/sdk/dotnet/Outputs/AccessPolicyIncludeGsuite.cs +++ b/sdk/dotnet/Outputs/AccessPolicyIncludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyIncludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyIncludeOkta.cs b/sdk/dotnet/Outputs/AccessPolicyIncludeOkta.cs index 0d8aeff9d..29b553350 100644 --- a/sdk/dotnet/Outputs/AccessPolicyIncludeOkta.cs +++ b/sdk/dotnet/Outputs/AccessPolicyIncludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyIncludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyIncludeSaml.cs b/sdk/dotnet/Outputs/AccessPolicyIncludeSaml.cs index c8a12f09c..924056404 100644 --- a/sdk/dotnet/Outputs/AccessPolicyIncludeSaml.cs +++ b/sdk/dotnet/Outputs/AccessPolicyIncludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyIncludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyRequire.cs b/sdk/dotnet/Outputs/AccessPolicyRequire.cs index 40ba4272c..560be66b5 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequire.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequire.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyRequire { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly Outputs.AccessPolicyRequireExternalEvaluation? ExternalEvaluation; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyRequireAuthContext.cs b/sdk/dotnet/Outputs/AccessPolicyRequireAuthContext.cs index 54134b59c..1d4c26c6d 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequireAuthContext.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequireAuthContext.cs @@ -22,7 +22,7 @@ public sealed class AccessPolicyRequireAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/AccessPolicyRequireAzure.cs b/sdk/dotnet/Outputs/AccessPolicyRequireAzure.cs index 251ddd186..78c59bf39 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequireAzure.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequireAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class AccessPolicyRequireAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/AccessPolicyRequireExternalEvaluation.cs b/sdk/dotnet/Outputs/AccessPolicyRequireExternalEvaluation.cs index 3293220aa..008aae7b5 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequireExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequireExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyRequireExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyRequireGithub.cs b/sdk/dotnet/Outputs/AccessPolicyRequireGithub.cs index b812c001e..b8dc9cec9 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequireGithub.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequireGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyRequireGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyRequireGsuite.cs b/sdk/dotnet/Outputs/AccessPolicyRequireGsuite.cs index ad69d298c..f91a9b42f 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequireGsuite.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequireGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyRequireGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyRequireOkta.cs b/sdk/dotnet/Outputs/AccessPolicyRequireOkta.cs index 3be4a9a42..ec34a1388 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequireOkta.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequireOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyRequireOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/AccessPolicyRequireSaml.cs b/sdk/dotnet/Outputs/AccessPolicyRequireSaml.cs index 534d38f23..dd3d61d77 100644 --- a/sdk/dotnet/Outputs/AccessPolicyRequireSaml.cs +++ b/sdk/dotnet/Outputs/AccessPolicyRequireSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class AccessPolicyRequireSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/DevicePostureRuleInput.cs b/sdk/dotnet/Outputs/DevicePostureRuleInput.cs index 9b260465d..66e4df5f1 100644 --- a/sdk/dotnet/Outputs/DevicePostureRuleInput.cs +++ b/sdk/dotnet/Outputs/DevicePostureRuleInput.cs @@ -86,7 +86,7 @@ public sealed class DevicePostureRuleInput /// public readonly string? LastSeen; /// - /// List of locations to check for client certificate posture check. + /// List of operating system locations to check for a client certificate.. /// public readonly ImmutableArray Locations; /// @@ -158,7 +158,7 @@ public sealed class DevicePostureRuleInput /// public readonly string? Version; /// - /// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + /// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. /// public readonly string? VersionOperator; diff --git a/sdk/dotnet/Outputs/DevicePostureRuleInputLocation.cs b/sdk/dotnet/Outputs/DevicePostureRuleInputLocation.cs index ca3475fe7..4ab588f94 100644 --- a/sdk/dotnet/Outputs/DevicePostureRuleInputLocation.cs +++ b/sdk/dotnet/Outputs/DevicePostureRuleInputLocation.cs @@ -14,11 +14,11 @@ namespace Pulumi.Cloudflare.Outputs public sealed class DevicePostureRuleInputLocation { /// - /// List of paths to check for client certificate. + /// List of paths to check for client certificate rule. /// public readonly ImmutableArray Paths; /// - /// List of trust stores to check for client certificate. Available values: `system`, `user`. + /// List of trust stores to check for client certificate rule. Available values: `system`, `user`. /// public readonly ImmutableArray TrustStores; diff --git a/sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersCacheReserveResult.cs b/sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersCacheReserveResult.cs new file mode 100644 index 000000000..37d959435 --- /dev/null +++ b/sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersCacheReserveResult.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Outputs +{ + + [OutputType] + public sealed class GetRulesetsRulesetRuleActionParametersCacheReserveResult + { + /// + /// Determines whether Cloudflare will write the eligible resource to cache reserve. + /// + public readonly bool Eligible; + /// + /// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + /// + public readonly int? MinimumFileSize; + + [OutputConstructor] + private GetRulesetsRulesetRuleActionParametersCacheReserveResult( + bool eligible, + + int? minimumFileSize) + { + Eligible = eligible; + MinimumFileSize = minimumFileSize; + } + } +} diff --git a/sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersResult.cs b/sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersResult.cs index 84f898b79..31746f497 100644 --- a/sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersResult.cs +++ b/sdk/dotnet/Outputs/GetRulesetsRulesetRuleActionParametersResult.cs @@ -42,6 +42,10 @@ public sealed class GetRulesetsRulesetRuleActionParametersResult /// public readonly Outputs.GetRulesetsRulesetRuleActionParametersCacheKeyResult? CacheKey; /// + /// List of cache reserve parameters to apply to the request. + /// + public readonly Outputs.GetRulesetsRulesetRuleActionParametersCacheReserveResult? CacheReserve; + /// /// Content of the custom error response /// public readonly string? Content; @@ -227,6 +231,8 @@ private GetRulesetsRulesetRuleActionParametersResult( Outputs.GetRulesetsRulesetRuleActionParametersCacheKeyResult? cacheKey, + Outputs.GetRulesetsRulesetRuleActionParametersCacheReserveResult? cacheReserve, + string? content, string? contentType, @@ -320,6 +326,7 @@ private GetRulesetsRulesetRuleActionParametersResult( BrowserTtl = browserTtl; Cache = cache; CacheKey = cacheKey; + CacheReserve = cacheReserve; Content = content; ContentType = contentType; CookieFields = cookieFields; diff --git a/sdk/dotnet/Outputs/RulesetRuleActionParameters.cs b/sdk/dotnet/Outputs/RulesetRuleActionParameters.cs index 22c6a56c7..d4fac4791 100644 --- a/sdk/dotnet/Outputs/RulesetRuleActionParameters.cs +++ b/sdk/dotnet/Outputs/RulesetRuleActionParameters.cs @@ -46,6 +46,10 @@ public sealed class RulesetRuleActionParameters /// public readonly Outputs.RulesetRuleActionParametersCacheKey? CacheKey; /// + /// List of cache reserve parameters to apply to the request. + /// + public readonly Outputs.RulesetRuleActionParametersCacheReserve? CacheReserve; + /// /// Content of the custom error response. /// public readonly string? Content; @@ -241,6 +245,8 @@ private RulesetRuleActionParameters( Outputs.RulesetRuleActionParametersCacheKey? cacheKey, + Outputs.RulesetRuleActionParametersCacheReserve? cacheReserve, + string? content, string? contentType, @@ -339,6 +345,7 @@ private RulesetRuleActionParameters( BrowserTtl = browserTtl; Cache = cache; CacheKey = cacheKey; + CacheReserve = cacheReserve; Content = content; ContentType = contentType; CookieFields = cookieFields; diff --git a/sdk/dotnet/Outputs/RulesetRuleActionParametersCacheReserve.cs b/sdk/dotnet/Outputs/RulesetRuleActionParametersCacheReserve.cs new file mode 100644 index 000000000..2f80bdb1f --- /dev/null +++ b/sdk/dotnet/Outputs/RulesetRuleActionParametersCacheReserve.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Outputs +{ + + [OutputType] + public sealed class RulesetRuleActionParametersCacheReserve + { + /// + /// Determines whether Cloudflare will write the eligible resource to cache reserve. + /// + public readonly bool Eligible; + /// + /// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + /// + public readonly int? MinimumFileSize; + + [OutputConstructor] + private RulesetRuleActionParametersCacheReserve( + bool eligible, + + int? minimumFileSize) + { + Eligible = eligible; + MinimumFileSize = minimumFileSize; + } + } +} diff --git a/sdk/dotnet/Outputs/TeamsAccountCertificate.cs b/sdk/dotnet/Outputs/TeamsAccountCertificate.cs new file mode 100644 index 000000000..697ab6caf --- /dev/null +++ b/sdk/dotnet/Outputs/TeamsAccountCertificate.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Outputs +{ + + [OutputType] + public sealed class TeamsAccountCertificate + { + /// + /// ID of certificate for TLS interception. + /// + public readonly string Id; + + [OutputConstructor] + private TeamsAccountCertificate(string id) + { + Id = id; + } + } +} diff --git a/sdk/dotnet/Outputs/TeamsAccountProxy.cs b/sdk/dotnet/Outputs/TeamsAccountProxy.cs index 09ae12d9b..f2d109e8f 100644 --- a/sdk/dotnet/Outputs/TeamsAccountProxy.cs +++ b/sdk/dotnet/Outputs/TeamsAccountProxy.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class TeamsAccountProxy { /// - /// Sets the time limit in seconds that a user can use an override code to bypass WARP + /// Sets the time limit in seconds that a user can use an override code to bypass WARP. /// public readonly int DisableForTime; /// diff --git a/sdk/dotnet/Outputs/WorkerScriptHyperdriveConfigBinding.cs b/sdk/dotnet/Outputs/WorkerScriptHyperdriveConfigBinding.cs new file mode 100644 index 000000000..62c40580c --- /dev/null +++ b/sdk/dotnet/Outputs/WorkerScriptHyperdriveConfigBinding.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Outputs +{ + + [OutputType] + public sealed class WorkerScriptHyperdriveConfigBinding + { + /// + /// The global variable for the binding in your Worker code. + /// + public readonly string Binding; + /// + /// The ID of the Hyperdrive config to use. + /// + public readonly string Id; + + [OutputConstructor] + private WorkerScriptHyperdriveConfigBinding( + string binding, + + string id) + { + Binding = binding; + Id = id; + } + } +} diff --git a/sdk/dotnet/Outputs/WorkersScriptHyperdriveConfigBinding.cs b/sdk/dotnet/Outputs/WorkersScriptHyperdriveConfigBinding.cs new file mode 100644 index 000000000..8d31bd3bf --- /dev/null +++ b/sdk/dotnet/Outputs/WorkersScriptHyperdriveConfigBinding.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Outputs +{ + + [OutputType] + public sealed class WorkersScriptHyperdriveConfigBinding + { + /// + /// The global variable for the binding in your Worker code. + /// + public readonly string Binding; + /// + /// The ID of the Hyperdrive config to use. + /// + public readonly string Id; + + [OutputConstructor] + private WorkersScriptHyperdriveConfigBinding( + string binding, + + string id) + { + Binding = binding; + Id = id; + } + } +} diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExclude.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExclude.cs index f849bdcc8..6dcf0e572 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExclude.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupExclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly ImmutableArray ExternalEvaluations; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAuthContext.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAuthContext.cs index 84fb1a108..a8fb46871 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAuthContext.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class ZeroTrustAccessGroupExcludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAzure.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAzure.cs index 0c6b5df4b..b13efaa53 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAzure.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class ZeroTrustAccessGroupExcludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.cs index 7216b6f96..baf4742b2 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupExcludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGithub.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGithub.cs index f1b660139..127f2184d 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGithub.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupExcludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGsuite.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGsuite.cs index f018a9fd8..6b5975dd3 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGsuite.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupExcludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeOkta.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeOkta.cs index 15e2db578..baebe0583 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeOkta.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupExcludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeSaml.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeSaml.cs index e0d7e7f9f..0f71b5979 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeSaml.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupExcludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupExcludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupInclude.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupInclude.cs index a0a83cc8d..3c27b3d99 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupInclude.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupInclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupInclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly ImmutableArray ExternalEvaluations; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAuthContext.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAuthContext.cs index fde165f95..7851de11c 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAuthContext.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class ZeroTrustAccessGroupIncludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAzure.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAzure.cs index b95998bde..eaa7788e0 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAzure.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class ZeroTrustAccessGroupIncludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.cs index a19d86f4f..1767f7e3b 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupIncludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGithub.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGithub.cs index 048686ed7..b4d836453 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGithub.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupIncludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGsuite.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGsuite.cs index fb07ecf71..35e38665c 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGsuite.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupIncludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeOkta.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeOkta.cs index 724dbde75..5abe08f9a 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeOkta.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupIncludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeSaml.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeSaml.cs index 8accec677..c402b4a81 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeSaml.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupIncludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupIncludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequire.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequire.cs index e50a723c0..2afda9518 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequire.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequire.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupRequire { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly ImmutableArray ExternalEvaluations; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAuthContext.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAuthContext.cs index 5b59dead3..952c673d0 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAuthContext.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAuthContext.cs @@ -22,7 +22,7 @@ public sealed class ZeroTrustAccessGroupRequireAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAzure.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAzure.cs index fda48e447..976651b3e 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAzure.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class ZeroTrustAccessGroupRequireAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireExternalEvaluation.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireExternalEvaluation.cs index ba2bb51f0..087c439fb 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupRequireExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGithub.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGithub.cs index 82ccf2400..d540b2526 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGithub.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupRequireGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGsuite.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGsuite.cs index 162f3cb86..f07227d1e 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGsuite.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupRequireGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireOkta.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireOkta.cs index 18b54e336..af9cf0ce7 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireOkta.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupRequireOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireSaml.cs b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireSaml.cs index 8706c385c..fe29ed99d 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireSaml.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessGroupRequireSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessGroupRequireSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExclude.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExclude.cs index 7aa8efb6d..da8692c4f 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExclude.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyExclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly ImmutableArray ExternalEvaluations; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAuthContext.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAuthContext.cs index 3c325affd..5cda16671 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAuthContext.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class ZeroTrustAccessPolicyExcludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAzure.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAzure.cs index ea029449e..6b384e49f 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAzure.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class ZeroTrustAccessPolicyExcludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.cs index 8d2d1b2ec..b5a792f25 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyExcludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGithub.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGithub.cs index 7af741658..2f27c9012 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGithub.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyExcludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGsuite.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGsuite.cs index 59e23638f..8dbac2d4f 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGsuite.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyExcludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeOkta.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeOkta.cs index 54d3dbacf..29261e172 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeOkta.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyExcludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeSaml.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeSaml.cs index 31af8b978..30b462813 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeSaml.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyExcludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyExcludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyInclude.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyInclude.cs index 58ace1cac..4205e0c13 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyInclude.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyInclude.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyInclude { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly ImmutableArray ExternalEvaluations; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAuthContext.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAuthContext.cs index 335516516..c4a3c60f0 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAuthContext.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAuthContext.cs @@ -22,7 +22,7 @@ public sealed class ZeroTrustAccessPolicyIncludeAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAzure.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAzure.cs index 3133dc951..464fc1184 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAzure.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class ZeroTrustAccessPolicyIncludeAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.cs index c71a15a2d..030510717 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyIncludeExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGithub.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGithub.cs index c87db9229..94f94b52c 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGithub.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyIncludeGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGsuite.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGsuite.cs index 10c4569d9..794cb0c5f 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGsuite.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyIncludeGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeOkta.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeOkta.cs index 5a2f0310d..c12717d53 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeOkta.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyIncludeOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeSaml.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeSaml.cs index 99d4dc365..25f084c9f 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeSaml.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyIncludeSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyIncludeSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequire.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequire.cs index 1a4a30214..fad1f4035 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequire.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequire.cs @@ -13,37 +13,94 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyRequire { + /// + /// Matches any valid Access service token. + /// public readonly bool? AnyValidServiceToken; public readonly ImmutableArray AuthContexts; + /// + /// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + /// public readonly string? AuthMethod; + /// + /// Matches an Azure group. Requires an Azure identity provider. + /// public readonly ImmutableArray Azures; + /// + /// Matches any valid client certificate. + /// public readonly bool? Certificate; + /// + /// Matches a valid client certificate common name. + /// public readonly string? CommonName; /// /// Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. /// public readonly ImmutableArray CommonNames; + /// + /// The ID of a device posture integration. + /// public readonly ImmutableArray DevicePostures; + /// + /// The email domain to match. + /// public readonly ImmutableArray EmailDomains; + /// + /// The ID of a previously created email list. + /// public readonly ImmutableArray EmailLists; + /// + /// The email of the user. + /// public readonly ImmutableArray Emails; + /// + /// Matches everyone. + /// public readonly bool? Everyone; + /// + /// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + /// public readonly ImmutableArray ExternalEvaluations; + /// + /// Matches a specific country. + /// public readonly ImmutableArray Geos; + /// + /// Matches a Github organization. Requires a Github identity provider. + /// public readonly ImmutableArray Githubs; + /// + /// The ID of a previously created Access group. + /// public readonly ImmutableArray Groups; + /// + /// Matches a group in Google Workspace. Requires a Google Workspace identity provider. + /// public readonly ImmutableArray Gsuites; /// - /// The ID of an existing IP list to reference. + /// The ID of a previously created IP list. /// public readonly ImmutableArray IpLists; /// /// An IPv4 or IPv6 CIDR block. /// public readonly ImmutableArray Ips; + /// + /// The ID of a configured identity provider. + /// public readonly ImmutableArray LoginMethods; + /// + /// Matches an Okta group. Requires an Okta identity provider. + /// public readonly ImmutableArray Oktas; + /// + /// Matches a SAML group. Requires a SAML identity provider. + /// public readonly ImmutableArray Samls; + /// + /// The ID of an Access service token. + /// public readonly ImmutableArray ServiceTokens; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAuthContext.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAuthContext.cs index 4872112e3..c1ca6c5be 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAuthContext.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAuthContext.cs @@ -22,7 +22,7 @@ public sealed class ZeroTrustAccessPolicyRequireAuthContext /// public readonly string Id; /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string IdentityProviderId; diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAzure.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAzure.cs index c2ed74701..993a7598c 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAzure.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireAzure.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class ZeroTrustAccessPolicyRequireAzure { /// - /// The ID of the Azure Identity provider. + /// The ID of the Azure identity provider. /// public readonly string? IdentityProviderId; /// diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.cs index ba02def48..af78e827c 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyRequireExternalEvaluation { + /// + /// The API endpoint containing your business logic. + /// public readonly string? EvaluateUrl; + /// + /// The API endpoint containing the key that Access uses to verify that the response came from your API. + /// public readonly string? KeysUrl; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGithub.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGithub.cs index 29af5a92a..afb3159d2 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGithub.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGithub.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyRequireGithub { + /// + /// The ID of your Github identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the organization. + /// public readonly string? Name; + /// + /// The teams that should be matched. + /// public readonly ImmutableArray Teams; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGsuite.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGsuite.cs index 6fd847b35..6566a6fc6 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGsuite.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireGsuite.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyRequireGsuite { + /// + /// The email of the Google Workspace group. + /// public readonly ImmutableArray Emails; + /// + /// The ID of your Google Workspace identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireOkta.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireOkta.cs index 84df34d9d..c98066050 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireOkta.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireOkta.cs @@ -13,7 +13,13 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyRequireOkta { + /// + /// The ID of your Okta identity provider. + /// public readonly string? IdentityProviderId; + /// + /// The name of the Okta Group. + /// public readonly ImmutableArray Names; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireSaml.cs b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireSaml.cs index 25fce9e35..60eb4d087 100644 --- a/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireSaml.cs +++ b/sdk/dotnet/Outputs/ZeroTrustAccessPolicyRequireSaml.cs @@ -13,8 +13,17 @@ namespace Pulumi.Cloudflare.Outputs [OutputType] public sealed class ZeroTrustAccessPolicyRequireSaml { + /// + /// The name of the SAML attribute. + /// public readonly string? AttributeName; + /// + /// The SAML attribute value to look for. + /// public readonly string? AttributeValue; + /// + /// The ID of your SAML identity provider. + /// public readonly string? IdentityProviderId; [OutputConstructor] diff --git a/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInput.cs b/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInput.cs index 0a5239051..8dab93c74 100644 --- a/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInput.cs +++ b/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInput.cs @@ -50,7 +50,7 @@ public sealed class ZeroTrustDevicePostureRuleInput /// public readonly string? Domain; /// - /// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + /// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. /// public readonly string? EidLastSeen; /// @@ -62,7 +62,7 @@ public sealed class ZeroTrustDevicePostureRuleInput /// public readonly bool? Exists; /// - /// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + /// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. /// public readonly ImmutableArray ExtendedKeyUsages; /// @@ -86,7 +86,7 @@ public sealed class ZeroTrustDevicePostureRuleInput /// public readonly string? LastSeen; /// - /// List of locations to check for client certificate. + /// List of operating system locations to check for a client certificate.. /// public readonly ImmutableArray Locations; /// @@ -158,7 +158,7 @@ public sealed class ZeroTrustDevicePostureRuleInput /// public readonly string? Version; /// - /// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + /// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. /// public readonly string? VersionOperator; diff --git a/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInputLocation.cs b/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInputLocation.cs index 99ef3df4b..214422b45 100644 --- a/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInputLocation.cs +++ b/sdk/dotnet/Outputs/ZeroTrustDevicePostureRuleInputLocation.cs @@ -18,7 +18,7 @@ public sealed class ZeroTrustDevicePostureRuleInputLocation /// public readonly ImmutableArray Paths; /// - /// List of trust stores to check for client certificate rule. Available values: `system`, `user` + /// List of trust stores to check for client certificate rule. Available values: `system`, `user`. /// public readonly ImmutableArray TrustStores; diff --git a/sdk/dotnet/Outputs/ZeroTrustGatewaySettingsCertificate.cs b/sdk/dotnet/Outputs/ZeroTrustGatewaySettingsCertificate.cs new file mode 100644 index 000000000..d788c299d --- /dev/null +++ b/sdk/dotnet/Outputs/ZeroTrustGatewaySettingsCertificate.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare.Outputs +{ + + [OutputType] + public sealed class ZeroTrustGatewaySettingsCertificate + { + /// + /// ID of certificate for TLS interception. + /// + public readonly string Id; + + [OutputConstructor] + private ZeroTrustGatewaySettingsCertificate(string id) + { + Id = id; + } + } +} diff --git a/sdk/dotnet/Outputs/ZeroTrustGatewaySettingsProxy.cs b/sdk/dotnet/Outputs/ZeroTrustGatewaySettingsProxy.cs index 9e612cff5..f34283177 100644 --- a/sdk/dotnet/Outputs/ZeroTrustGatewaySettingsProxy.cs +++ b/sdk/dotnet/Outputs/ZeroTrustGatewaySettingsProxy.cs @@ -14,7 +14,7 @@ namespace Pulumi.Cloudflare.Outputs public sealed class ZeroTrustGatewaySettingsProxy { /// - /// Sets the time limit in seconds that a user can use an override code to bypass WARP + /// Sets the time limit in seconds that a user can use an override code to bypass WARP. /// public readonly int DisableForTime; /// diff --git a/sdk/dotnet/Outputs/ZoneSettingsOverrideInitialSetting.cs b/sdk/dotnet/Outputs/ZoneSettingsOverrideInitialSetting.cs index 794cdf28b..4fcb0cdc7 100644 --- a/sdk/dotnet/Outputs/ZoneSettingsOverrideInitialSetting.cs +++ b/sdk/dotnet/Outputs/ZoneSettingsOverrideInitialSetting.cs @@ -53,6 +53,7 @@ public sealed class ZoneSettingsOverrideInitialSetting public readonly string? PrivacyPass; public readonly string? ProxyReadTimeout; public readonly string? PseudoIpv4; + public readonly string? ReplaceInsecureJs; public readonly string? ResponseBuffering; public readonly string? RocketLoader; public readonly Outputs.ZoneSettingsOverrideInitialSettingSecurityHeader? SecurityHeader; @@ -153,6 +154,8 @@ private ZoneSettingsOverrideInitialSetting( string? pseudoIpv4, + string? replaceInsecureJs, + string? responseBuffering, string? rocketLoader, @@ -227,6 +230,7 @@ private ZoneSettingsOverrideInitialSetting( PrivacyPass = privacyPass; ProxyReadTimeout = proxyReadTimeout; PseudoIpv4 = pseudoIpv4; + ReplaceInsecureJs = replaceInsecureJs; ResponseBuffering = responseBuffering; RocketLoader = rocketLoader; SecurityHeader = securityHeader; diff --git a/sdk/dotnet/Outputs/ZoneSettingsOverrideSettings.cs b/sdk/dotnet/Outputs/ZoneSettingsOverrideSettings.cs index 32aa7ce71..ec1a2b58d 100644 --- a/sdk/dotnet/Outputs/ZoneSettingsOverrideSettings.cs +++ b/sdk/dotnet/Outputs/ZoneSettingsOverrideSettings.cs @@ -53,6 +53,7 @@ public sealed class ZoneSettingsOverrideSettings public readonly string? PrivacyPass; public readonly string? ProxyReadTimeout; public readonly string? PseudoIpv4; + public readonly string? ReplaceInsecureJs; public readonly string? ResponseBuffering; public readonly string? RocketLoader; public readonly Outputs.ZoneSettingsOverrideSettingsSecurityHeader? SecurityHeader; @@ -153,6 +154,8 @@ private ZoneSettingsOverrideSettings( string? pseudoIpv4, + string? replaceInsecureJs, + string? responseBuffering, string? rocketLoader, @@ -227,6 +230,7 @@ private ZoneSettingsOverrideSettings( PrivacyPass = privacyPass; ProxyReadTimeout = proxyReadTimeout; PseudoIpv4 = pseudoIpv4; + ReplaceInsecureJs = replaceInsecureJs; ResponseBuffering = responseBuffering; RocketLoader = rocketLoader; SecurityHeader = securityHeader; diff --git a/sdk/dotnet/TeamsAccount.cs b/sdk/dotnet/TeamsAccount.cs index bb9f9e018..ed4a525f6 100644 --- a/sdk/dotnet/TeamsAccount.cs +++ b/sdk/dotnet/TeamsAccount.cs @@ -61,6 +61,7 @@ namespace Pulumi.Cloudflare /// Udp = true, /// RootCa = true, /// VirtualIp = false, + /// DisableForTime = 3600, /// }, /// UrlBrowserIsolationEnabled = true, /// Logging = new Cloudflare.Inputs.TeamsAccountLoggingArgs @@ -134,7 +135,13 @@ public partial class TeamsAccount : global::Pulumi.CustomResource public Output BodyScanning { get; private set; } = null!; /// - /// Configuration for custom certificates / BYO-PKI. + /// Configuration for TLS interception certificate. This will be required starting Feb 2025. + /// + [Output("certificate")] + public Output Certificate { get; private set; } = null!; + + /// + /// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. /// [Output("customCertificate")] public Output CustomCertificate { get; private set; } = null!; @@ -273,7 +280,13 @@ public sealed class TeamsAccountArgs : global::Pulumi.ResourceArgs public Input? BodyScanning { get; set; } /// - /// Configuration for custom certificates / BYO-PKI. + /// Configuration for TLS interception certificate. This will be required starting Feb 2025. + /// + [Input("certificate")] + public Input? Certificate { get; set; } + + /// + /// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. /// [Input("customCertificate")] public Input? CustomCertificate { get; set; } @@ -374,7 +387,13 @@ public sealed class TeamsAccountState : global::Pulumi.ResourceArgs public Input? BodyScanning { get; set; } /// - /// Configuration for custom certificates / BYO-PKI. + /// Configuration for TLS interception certificate. This will be required starting Feb 2025. + /// + [Input("certificate")] + public Input? Certificate { get; set; } + + /// + /// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. /// [Input("customCertificate")] public Input? CustomCertificate { get; set; } diff --git a/sdk/dotnet/WaitingRoom.cs b/sdk/dotnet/WaitingRoom.cs index 1309dd168..8a62407e2 100644 --- a/sdk/dotnet/WaitingRoom.cs +++ b/sdk/dotnet/WaitingRoom.cs @@ -45,6 +45,10 @@ namespace Pulumi.Cloudflare /// }, /// }, /// QueueingStatusCode = 200, + /// EnabledOriginCommands = new[] + /// { + /// "revoke", + /// }, /// }); /// /// }); @@ -98,7 +102,7 @@ public partial class WaitingRoom : global::Pulumi.CustomResource public Output DisableSessionRenewal { get; private set; } = null!; /// - /// The list of enabled origin commands for the waiting room. Available values: `revoke` + /// The list of enabled origin commands for the waiting room. Available values: `revoke`. /// [Output("enabledOriginCommands")] public Output> EnabledOriginCommands { get; private set; } = null!; @@ -267,7 +271,7 @@ public InputList AdditionalRoutes private InputList? _enabledOriginCommands; /// - /// The list of enabled origin commands for the waiting room. Available values: `revoke` + /// The list of enabled origin commands for the waiting room. Available values: `revoke`. /// public InputList EnabledOriginCommands { @@ -401,7 +405,7 @@ public InputList AdditionalRoutes private InputList? _enabledOriginCommands; /// - /// The list of enabled origin commands for the waiting room. Available values: `revoke` + /// The list of enabled origin commands for the waiting room. Available values: `revoke`. /// public InputList EnabledOriginCommands { diff --git a/sdk/dotnet/WorkerScript.cs b/sdk/dotnet/WorkerScript.cs index 24f7f8aaf..9fc35f600 100644 --- a/sdk/dotnet/WorkerScript.cs +++ b/sdk/dotnet/WorkerScript.cs @@ -148,6 +148,9 @@ public partial class WorkerScript : global::Pulumi.CustomResource [Output("dispatchNamespace")] public Output DispatchNamespace { get; private set; } = null!; + [Output("hyperdriveConfigBindings")] + public Output> HyperdriveConfigBindings { get; private set; } = null!; + [Output("kvNamespaceBindings")] public Output> KvNamespaceBindings { get; private set; } = null!; @@ -291,6 +294,14 @@ public InputList D1DatabaseBindings [Input("dispatchNamespace")] public Input? DispatchNamespace { get; set; } + [Input("hyperdriveConfigBindings")] + private InputList? _hyperdriveConfigBindings; + public InputList HyperdriveConfigBindings + { + get => _hyperdriveConfigBindings ?? (_hyperdriveConfigBindings = new InputList()); + set => _hyperdriveConfigBindings = value; + } + [Input("kvNamespaceBindings")] private InputList? _kvNamespaceBindings; public InputList KvNamespaceBindings @@ -441,6 +452,14 @@ public InputList D1DatabaseBindings [Input("dispatchNamespace")] public Input? DispatchNamespace { get; set; } + [Input("hyperdriveConfigBindings")] + private InputList? _hyperdriveConfigBindings; + public InputList HyperdriveConfigBindings + { + get => _hyperdriveConfigBindings ?? (_hyperdriveConfigBindings = new InputList()); + set => _hyperdriveConfigBindings = value; + } + [Input("kvNamespaceBindings")] private InputList? _kvNamespaceBindings; public InputList KvNamespaceBindings diff --git a/sdk/dotnet/WorkersScript.cs b/sdk/dotnet/WorkersScript.cs index a26845fd8..34e050f48 100644 --- a/sdk/dotnet/WorkersScript.cs +++ b/sdk/dotnet/WorkersScript.cs @@ -148,6 +148,9 @@ public partial class WorkersScript : global::Pulumi.CustomResource [Output("dispatchNamespace")] public Output DispatchNamespace { get; private set; } = null!; + [Output("hyperdriveConfigBindings")] + public Output> HyperdriveConfigBindings { get; private set; } = null!; + [Output("kvNamespaceBindings")] public Output> KvNamespaceBindings { get; private set; } = null!; @@ -291,6 +294,14 @@ public InputList D1DatabaseBindings [Input("dispatchNamespace")] public Input? DispatchNamespace { get; set; } + [Input("hyperdriveConfigBindings")] + private InputList? _hyperdriveConfigBindings; + public InputList HyperdriveConfigBindings + { + get => _hyperdriveConfigBindings ?? (_hyperdriveConfigBindings = new InputList()); + set => _hyperdriveConfigBindings = value; + } + [Input("kvNamespaceBindings")] private InputList? _kvNamespaceBindings; public InputList KvNamespaceBindings @@ -441,6 +452,14 @@ public InputList D1DatabaseBinding [Input("dispatchNamespace")] public Input? DispatchNamespace { get; set; } + [Input("hyperdriveConfigBindings")] + private InputList? _hyperdriveConfigBindings; + public InputList HyperdriveConfigBindings + { + get => _hyperdriveConfigBindings ?? (_hyperdriveConfigBindings = new InputList()); + set => _hyperdriveConfigBindings = value; + } + [Input("kvNamespaceBindings")] private InputList? _kvNamespaceBindings; public InputList KvNamespaceBindings diff --git a/sdk/dotnet/ZeroTrustAccessPolicy.cs b/sdk/dotnet/ZeroTrustAccessPolicy.cs index 7e0e8d788..42014c1c8 100644 --- a/sdk/dotnet/ZeroTrustAccessPolicy.cs +++ b/sdk/dotnet/ZeroTrustAccessPolicy.cs @@ -32,7 +32,7 @@ namespace Pulumi.Cloudflare public partial class ZeroTrustAccessPolicy : global::Pulumi.CustomResource { /// - /// The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + /// The account identifier to target for the resource. Conflicts with `zone_id`. /// [Output("accountId")] public Output AccountId { get; private set; } = null!; @@ -110,7 +110,7 @@ public partial class ZeroTrustAccessPolicy : global::Pulumi.CustomResource public Output SessionDuration { get; private set; } = null!; /// - /// The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + /// The zone identifier to target for the resource. Conflicts with `account_id`. /// [Output("zoneId")] public Output ZoneId { get; private set; } = null!; @@ -162,7 +162,7 @@ public static ZeroTrustAccessPolicy Get(string name, Input id, ZeroTrust public sealed class ZeroTrustAccessPolicyArgs : global::Pulumi.ResourceArgs { /// - /// The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + /// The account identifier to target for the resource. Conflicts with `zone_id`. /// [Input("accountId")] public Input? AccountId { get; set; } @@ -263,7 +263,7 @@ public InputList Requires public Input? SessionDuration { get; set; } /// - /// The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + /// The zone identifier to target for the resource. Conflicts with `account_id`. /// [Input("zoneId")] public Input? ZoneId { get; set; } @@ -277,7 +277,7 @@ public ZeroTrustAccessPolicyArgs() public sealed class ZeroTrustAccessPolicyState : global::Pulumi.ResourceArgs { /// - /// The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + /// The account identifier to target for the resource. Conflicts with `zone_id`. /// [Input("accountId")] public Input? AccountId { get; set; } @@ -378,7 +378,7 @@ public InputList Requires public Input? SessionDuration { get; set; } /// - /// The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + /// The zone identifier to target for the resource. Conflicts with `account_id`. /// [Input("zoneId")] public Input? ZoneId { get; set; } diff --git a/sdk/dotnet/ZeroTrustDevicePostureRule.cs b/sdk/dotnet/ZeroTrustDevicePostureRule.cs index 99fd5fe3a..b4191084a 100644 --- a/sdk/dotnet/ZeroTrustDevicePostureRule.cs +++ b/sdk/dotnet/ZeroTrustDevicePostureRule.cs @@ -103,7 +103,7 @@ public partial class ZeroTrustDevicePostureRule : global::Pulumi.CustomResource public Output Schedule { get; private set; } = null!; /// - /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. /// [Output("type")] public Output Type { get; private set; } = null!; @@ -206,7 +206,7 @@ public InputList Matches public Input? Schedule { get; set; } /// - /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; @@ -271,7 +271,7 @@ public InputList Matches public Input? Schedule { get; set; } /// - /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + /// The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. /// [Input("type")] public Input? Type { get; set; } diff --git a/sdk/dotnet/ZeroTrustDeviceProfiles.cs b/sdk/dotnet/ZeroTrustDeviceProfiles.cs index fe2fdf814..680429524 100644 --- a/sdk/dotnet/ZeroTrustDeviceProfiles.cs +++ b/sdk/dotnet/ZeroTrustDeviceProfiles.cs @@ -167,7 +167,7 @@ public partial class ZeroTrustDeviceProfiles : global::Pulumi.CustomResource public Output SwitchLocked { get; private set; } = null!; /// - /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. /// [Output("tunnelProtocol")] public Output TunnelProtocol { get; private set; } = null!; @@ -327,7 +327,7 @@ public sealed class ZeroTrustDeviceProfilesArgs : global::Pulumi.ResourceArgs public Input? SwitchLocked { get; set; } /// - /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. /// [Input("tunnelProtocol")] public Input? TunnelProtocol { get; set; } @@ -449,7 +449,7 @@ public sealed class ZeroTrustDeviceProfilesState : global::Pulumi.ResourceArgs public Input? SwitchLocked { get; set; } /// - /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + /// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. /// [Input("tunnelProtocol")] public Input? TunnelProtocol { get; set; } diff --git a/sdk/dotnet/ZeroTrustGatewayCertificate.cs b/sdk/dotnet/ZeroTrustGatewayCertificate.cs new file mode 100644 index 000000000..7195780e2 --- /dev/null +++ b/sdk/dotnet/ZeroTrustGatewayCertificate.cs @@ -0,0 +1,216 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Cloudflare +{ + /// + /// Provides a Cloudflare Teams Gateway Certificate resource. A Teams Certificate can + /// be specified for Gateway TLS interception and block pages. + /// + [CloudflareResourceType("cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate")] + public partial class ZeroTrustGatewayCertificate : global::Pulumi.CustomResource + { + /// + /// The account identifier to target for the resource. + /// + [Output("accountId")] + public Output AccountId { get; private set; } = null!; + + /// + /// Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + /// + [Output("activate")] + public Output Activate { get; private set; } = null!; + + /// + /// The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + /// + [Output("bindingStatus")] + public Output BindingStatus { get; private set; } = null!; + + [Output("createdAt")] + public Output CreatedAt { get; private set; } = null!; + + /// + /// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + /// + [Output("custom")] + public Output Custom { get; private set; } = null!; + + [Output("expiresOn")] + public Output ExpiresOn { get; private set; } = null!; + + /// + /// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + /// + [Output("gatewayManaged")] + public Output GatewayManaged { get; private set; } = null!; + + /// + /// Whether the certificate is in use by Gateway for TLS interception and the block page. + /// + [Output("inUse")] + public Output InUse { get; private set; } = null!; + + [Output("qsPackId")] + public Output QsPackId { get; private set; } = null!; + + [Output("uploadedOn")] + public Output UploadedOn { get; private set; } = null!; + + /// + /// Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + /// + [Output("validityPeriodDays")] + public Output ValidityPeriodDays { get; private set; } = null!; + + + /// + /// Create a ZeroTrustGatewayCertificate resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public ZeroTrustGatewayCertificate(string name, ZeroTrustGatewayCertificateArgs args, CustomResourceOptions? options = null) + : base("cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate", name, args ?? new ZeroTrustGatewayCertificateArgs(), MakeResourceOptions(options, "")) + { + } + + private ZeroTrustGatewayCertificate(string name, Input id, ZeroTrustGatewayCertificateState? state = null, CustomResourceOptions? options = null) + : base("cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing ZeroTrustGatewayCertificate resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static ZeroTrustGatewayCertificate Get(string name, Input id, ZeroTrustGatewayCertificateState? state = null, CustomResourceOptions? options = null) + { + return new ZeroTrustGatewayCertificate(name, id, state, options); + } + } + + public sealed class ZeroTrustGatewayCertificateArgs : global::Pulumi.ResourceArgs + { + /// + /// The account identifier to target for the resource. + /// + [Input("accountId", required: true)] + public Input AccountId { get; set; } = null!; + + /// + /// Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + /// + [Input("activate")] + public Input? Activate { get; set; } + + /// + /// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + /// + [Input("custom")] + public Input? Custom { get; set; } + + /// + /// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + /// + [Input("gatewayManaged")] + public Input? GatewayManaged { get; set; } + + /// + /// Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + /// + [Input("validityPeriodDays")] + public Input? ValidityPeriodDays { get; set; } + + public ZeroTrustGatewayCertificateArgs() + { + } + public static new ZeroTrustGatewayCertificateArgs Empty => new ZeroTrustGatewayCertificateArgs(); + } + + public sealed class ZeroTrustGatewayCertificateState : global::Pulumi.ResourceArgs + { + /// + /// The account identifier to target for the resource. + /// + [Input("accountId")] + public Input? AccountId { get; set; } + + /// + /// Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + /// + [Input("activate")] + public Input? Activate { get; set; } + + /// + /// The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + /// + [Input("bindingStatus")] + public Input? BindingStatus { get; set; } + + [Input("createdAt")] + public Input? CreatedAt { get; set; } + + /// + /// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + /// + [Input("custom")] + public Input? Custom { get; set; } + + [Input("expiresOn")] + public Input? ExpiresOn { get; set; } + + /// + /// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + /// + [Input("gatewayManaged")] + public Input? GatewayManaged { get; set; } + + /// + /// Whether the certificate is in use by Gateway for TLS interception and the block page. + /// + [Input("inUse")] + public Input? InUse { get; set; } + + [Input("qsPackId")] + public Input? QsPackId { get; set; } + + [Input("uploadedOn")] + public Input? UploadedOn { get; set; } + + /// + /// Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + /// + [Input("validityPeriodDays")] + public Input? ValidityPeriodDays { get; set; } + + public ZeroTrustGatewayCertificateState() + { + } + public static new ZeroTrustGatewayCertificateState Empty => new ZeroTrustGatewayCertificateState(); + } +} diff --git a/sdk/dotnet/ZeroTrustGatewaySettings.cs b/sdk/dotnet/ZeroTrustGatewaySettings.cs index 07d00b617..446923097 100644 --- a/sdk/dotnet/ZeroTrustGatewaySettings.cs +++ b/sdk/dotnet/ZeroTrustGatewaySettings.cs @@ -61,6 +61,7 @@ namespace Pulumi.Cloudflare /// Udp = true, /// RootCa = true, /// VirtualIp = false, + /// DisableForTime = 3600, /// }, /// UrlBrowserIsolationEnabled = true, /// Logging = new Cloudflare.Inputs.ZeroTrustGatewaySettingsLoggingArgs @@ -134,7 +135,13 @@ public partial class ZeroTrustGatewaySettings : global::Pulumi.CustomResource public Output BodyScanning { get; private set; } = null!; /// - /// Configuration for custom certificates / BYO-PKI. + /// Configuration for TLS interception certificate. This will be required starting Feb 2025. + /// + [Output("certificate")] + public Output Certificate { get; private set; } = null!; + + /// + /// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. /// [Output("customCertificate")] public Output CustomCertificate { get; private set; } = null!; @@ -273,7 +280,13 @@ public sealed class ZeroTrustGatewaySettingsArgs : global::Pulumi.ResourceArgs public Input? BodyScanning { get; set; } /// - /// Configuration for custom certificates / BYO-PKI. + /// Configuration for TLS interception certificate. This will be required starting Feb 2025. + /// + [Input("certificate")] + public Input? Certificate { get; set; } + + /// + /// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. /// [Input("customCertificate")] public Input? CustomCertificate { get; set; } @@ -374,7 +387,13 @@ public sealed class ZeroTrustGatewaySettingsState : global::Pulumi.ResourceArgs public Input? BodyScanning { get; set; } /// - /// Configuration for custom certificates / BYO-PKI. + /// Configuration for TLS interception certificate. This will be required starting Feb 2025. + /// + [Input("certificate")] + public Input? Certificate { get; set; } + + /// + /// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. /// [Input("customCertificate")] public Input? CustomCertificate { get; set; } diff --git a/sdk/dotnet/ZeroTrustRiskScoreIntegration.cs b/sdk/dotnet/ZeroTrustRiskScoreIntegration.cs index 42e2dda95..cd114464b 100644 --- a/sdk/dotnet/ZeroTrustRiskScoreIntegration.cs +++ b/sdk/dotnet/ZeroTrustRiskScoreIntegration.cs @@ -9,6 +9,9 @@ namespace Pulumi.Cloudflare { + /// + /// The [Risk Score Integration](https://developers.cloudflare.com/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) resource allows you to transmit changes in User Risk Score to a specified vendor such as Okta. + /// [CloudflareResourceType("cloudflare:index/zeroTrustRiskScoreIntegration:ZeroTrustRiskScoreIntegration")] public partial class ZeroTrustRiskScoreIntegration : global::Pulumi.CustomResource { @@ -25,16 +28,13 @@ public partial class ZeroTrustRiskScoreIntegration : global::Pulumi.CustomResour public Output Active { get; private set; } = null!; /// - /// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - /// https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + /// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body /// [Output("integrationType")] public Output IntegrationType { get; private set; } = null!; /// - /// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - /// omitted, a random UUIDv4 is used. - /// https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + /// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider /// [Output("referenceId")] public Output ReferenceId { get; private set; } = null!; @@ -46,8 +46,7 @@ public partial class ZeroTrustRiskScoreIntegration : global::Pulumi.CustomResour public Output TenantUrl { get; private set; } = null!; /// - /// The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - /// https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + /// The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 /// [Output("wellKnownUrl")] public Output WellKnownUrl { get; private set; } = null!; @@ -111,16 +110,13 @@ public sealed class ZeroTrustRiskScoreIntegrationArgs : global::Pulumi.ResourceA public Input? Active { get; set; } /// - /// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - /// https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + /// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body /// [Input("integrationType", required: true)] public Input IntegrationType { get; set; } = null!; /// - /// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - /// omitted, a random UUIDv4 is used. - /// https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + /// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider /// [Input("referenceId")] public Input? ReferenceId { get; set; } @@ -152,16 +148,13 @@ public sealed class ZeroTrustRiskScoreIntegrationState : global::Pulumi.Resource public Input? Active { get; set; } /// - /// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - /// https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + /// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body /// [Input("integrationType")] public Input? IntegrationType { get; set; } /// - /// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - /// omitted, a random UUIDv4 is used. - /// https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + /// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider /// [Input("referenceId")] public Input? ReferenceId { get; set; } @@ -173,8 +166,7 @@ public sealed class ZeroTrustRiskScoreIntegrationState : global::Pulumi.Resource public Input? TenantUrl { get; set; } /// - /// The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - /// https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + /// The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 /// [Input("wellKnownUrl")] public Input? WellKnownUrl { get; set; } diff --git a/sdk/go/cloudflare/accessPolicy.go b/sdk/go/cloudflare/accessPolicy.go index dbab62c4a..3c8675d52 100644 --- a/sdk/go/cloudflare/accessPolicy.go +++ b/sdk/go/cloudflare/accessPolicy.go @@ -33,7 +33,7 @@ import ( type AccessPolicy struct { pulumi.CustomResourceState - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId pulumi.StringPtrOutput `pulumi:"accountId"` // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId pulumi.StringPtrOutput `pulumi:"applicationId"` @@ -59,7 +59,7 @@ type AccessPolicy struct { Requires AccessPolicyRequireArrayOutput `pulumi:"requires"` // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration pulumi.StringPtrOutput `pulumi:"sessionDuration"` - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId pulumi.StringPtrOutput `pulumi:"zoneId"` } @@ -102,7 +102,7 @@ func GetAccessPolicy(ctx *pulumi.Context, // Input properties used for looking up and filtering AccessPolicy resources. type accessPolicyState struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId *string `pulumi:"accountId"` // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId *string `pulumi:"applicationId"` @@ -128,12 +128,12 @@ type accessPolicyState struct { Requires []AccessPolicyRequire `pulumi:"requires"` // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration *string `pulumi:"sessionDuration"` - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId *string `pulumi:"zoneId"` } type AccessPolicyState struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId pulumi.StringPtrInput // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId pulumi.StringPtrInput @@ -159,7 +159,7 @@ type AccessPolicyState struct { Requires AccessPolicyRequireArrayInput // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration pulumi.StringPtrInput - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId pulumi.StringPtrInput } @@ -168,7 +168,7 @@ func (AccessPolicyState) ElementType() reflect.Type { } type accessPolicyArgs struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId *string `pulumi:"accountId"` // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId *string `pulumi:"applicationId"` @@ -194,13 +194,13 @@ type accessPolicyArgs struct { Requires []AccessPolicyRequire `pulumi:"requires"` // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration *string `pulumi:"sessionDuration"` - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId *string `pulumi:"zoneId"` } // The set of arguments for constructing a AccessPolicy resource. type AccessPolicyArgs struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId pulumi.StringPtrInput // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId pulumi.StringPtrInput @@ -226,7 +226,7 @@ type AccessPolicyArgs struct { Requires AccessPolicyRequireArrayInput // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration pulumi.StringPtrInput - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId pulumi.StringPtrInput } @@ -317,7 +317,7 @@ func (o AccessPolicyOutput) ToAccessPolicyOutputWithContext(ctx context.Context) return o } -// The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** +// The account identifier to target for the resource. Conflicts with `zoneId`. func (o AccessPolicyOutput) AccountId() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicy) pulumi.StringPtrOutput { return v.AccountId }).(pulumi.StringPtrOutput) } @@ -385,7 +385,7 @@ func (o AccessPolicyOutput) SessionDuration() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicy) pulumi.StringPtrOutput { return v.SessionDuration }).(pulumi.StringPtrOutput) } -// The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** +// The zone identifier to target for the resource. Conflicts with `accountId`. func (o AccessPolicyOutput) ZoneId() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicy) pulumi.StringPtrOutput { return v.ZoneId }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/cloudflare/botManagement.go b/sdk/go/cloudflare/botManagement.go index 10a81b43d..eb51b2153 100644 --- a/sdk/go/cloudflare/botManagement.go +++ b/sdk/go/cloudflare/botManagement.go @@ -60,6 +60,8 @@ import ( type BotManagement struct { pulumi.CustomResourceState + // Enable rule to block AI Scrapers and Crawlers. + AiBotsProtection pulumi.StringOutput `pulumi:"aiBotsProtection"` // Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). AutoUpdateModel pulumi.BoolPtrOutput `pulumi:"autoUpdateModel"` // Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). @@ -117,6 +119,8 @@ func GetBotManagement(ctx *pulumi.Context, // Input properties used for looking up and filtering BotManagement resources. type botManagementState struct { + // Enable rule to block AI Scrapers and Crawlers. + AiBotsProtection *string `pulumi:"aiBotsProtection"` // Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). AutoUpdateModel *bool `pulumi:"autoUpdateModel"` // Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). @@ -142,6 +146,8 @@ type botManagementState struct { } type BotManagementState struct { + // Enable rule to block AI Scrapers and Crawlers. + AiBotsProtection pulumi.StringPtrInput // Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). AutoUpdateModel pulumi.BoolPtrInput // Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). @@ -171,6 +177,8 @@ func (BotManagementState) ElementType() reflect.Type { } type botManagementArgs struct { + // Enable rule to block AI Scrapers and Crawlers. + AiBotsProtection *string `pulumi:"aiBotsProtection"` // Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). AutoUpdateModel *bool `pulumi:"autoUpdateModel"` // Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). @@ -195,6 +203,8 @@ type botManagementArgs struct { // The set of arguments for constructing a BotManagement resource. type BotManagementArgs struct { + // Enable rule to block AI Scrapers and Crawlers. + AiBotsProtection pulumi.StringPtrInput // Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). AutoUpdateModel pulumi.BoolPtrInput // Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). @@ -304,6 +314,11 @@ func (o BotManagementOutput) ToBotManagementOutputWithContext(ctx context.Contex return o } +// Enable rule to block AI Scrapers and Crawlers. +func (o BotManagementOutput) AiBotsProtection() pulumi.StringOutput { + return o.ApplyT(func(v *BotManagement) pulumi.StringOutput { return v.AiBotsProtection }).(pulumi.StringOutput) +} + // Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). func (o BotManagementOutput) AutoUpdateModel() pulumi.BoolPtrOutput { return o.ApplyT(func(v *BotManagement) pulumi.BoolPtrOutput { return v.AutoUpdateModel }).(pulumi.BoolPtrOutput) diff --git a/sdk/go/cloudflare/deviceSettingsPolicy.go b/sdk/go/cloudflare/deviceSettingsPolicy.go index 32bb5736b..947a47ee4 100644 --- a/sdk/go/cloudflare/deviceSettingsPolicy.go +++ b/sdk/go/cloudflare/deviceSettingsPolicy.go @@ -104,7 +104,7 @@ type DeviceSettingsPolicy struct { SupportUrl pulumi.StringPtrOutput `pulumi:"supportUrl"` // Enablement of the ZT client switch lock. SwitchLocked pulumi.BoolPtrOutput `pulumi:"switchLocked"` - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol pulumi.StringPtrOutput `pulumi:"tunnelProtocol"` } @@ -183,7 +183,7 @@ type deviceSettingsPolicyState struct { SupportUrl *string `pulumi:"supportUrl"` // Enablement of the ZT client switch lock. SwitchLocked *bool `pulumi:"switchLocked"` - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol *string `pulumi:"tunnelProtocol"` } @@ -224,7 +224,7 @@ type DeviceSettingsPolicyState struct { SupportUrl pulumi.StringPtrInput // Enablement of the ZT client switch lock. SwitchLocked pulumi.BoolPtrInput - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol pulumi.StringPtrInput } @@ -269,7 +269,7 @@ type deviceSettingsPolicyArgs struct { SupportUrl *string `pulumi:"supportUrl"` // Enablement of the ZT client switch lock. SwitchLocked *bool `pulumi:"switchLocked"` - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol *string `pulumi:"tunnelProtocol"` } @@ -311,7 +311,7 @@ type DeviceSettingsPolicyArgs struct { SupportUrl pulumi.StringPtrInput // Enablement of the ZT client switch lock. SwitchLocked pulumi.BoolPtrInput - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol pulumi.StringPtrInput } @@ -492,7 +492,7 @@ func (o DeviceSettingsPolicyOutput) SwitchLocked() pulumi.BoolPtrOutput { return o.ApplyT(func(v *DeviceSettingsPolicy) pulumi.BoolPtrOutput { return v.SwitchLocked }).(pulumi.BoolPtrOutput) } -// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` +// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. func (o DeviceSettingsPolicyOutput) TunnelProtocol() pulumi.StringPtrOutput { return o.ApplyT(func(v *DeviceSettingsPolicy) pulumi.StringPtrOutput { return v.TunnelProtocol }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/cloudflare/getDevicePostureRules.go b/sdk/go/cloudflare/getDevicePostureRules.go index 181e0a67a..a69c5193a 100644 --- a/sdk/go/cloudflare/getDevicePostureRules.go +++ b/sdk/go/cloudflare/getDevicePostureRules.go @@ -56,7 +56,7 @@ type GetDevicePostureRulesArgs struct { AccountId string `pulumi:"accountId"` // Name of the Device Posture Rule. Name *string `pulumi:"name"` - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type *string `pulumi:"type"` } @@ -70,7 +70,7 @@ type GetDevicePostureRulesResult struct { Name *string `pulumi:"name"` // A list of matching Device Posture Rules. Rules []GetDevicePostureRulesRule `pulumi:"rules"` - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type *string `pulumi:"type"` } @@ -93,7 +93,7 @@ type GetDevicePostureRulesOutputArgs struct { AccountId pulumi.StringInput `pulumi:"accountId"` // Name of the Device Posture Rule. Name pulumi.StringPtrInput `pulumi:"name"` - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type pulumi.StringPtrInput `pulumi:"type"` } @@ -136,7 +136,7 @@ func (o GetDevicePostureRulesResultOutput) Rules() GetDevicePostureRulesRuleArra return o.ApplyT(func(v GetDevicePostureRulesResult) []GetDevicePostureRulesRule { return v.Rules }).(GetDevicePostureRulesRuleArrayOutput) } -// The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. +// The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. func (o GetDevicePostureRulesResultOutput) Type() pulumi.StringPtrOutput { return o.ApplyT(func(v GetDevicePostureRulesResult) *string { return v.Type }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/cloudflare/init.go b/sdk/go/cloudflare/init.go index a55d8a975..efa010c5d 100644 --- a/sdk/go/cloudflare/init.go +++ b/sdk/go/cloudflare/init.go @@ -303,6 +303,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &ZeroTrustDlpProfile{} case "cloudflare:index/zeroTrustDnsLocation:ZeroTrustDnsLocation": r = &ZeroTrustDnsLocation{} + case "cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate": + r = &ZeroTrustGatewayCertificate{} case "cloudflare:index/zeroTrustGatewayPolicy:ZeroTrustGatewayPolicy": r = &ZeroTrustGatewayPolicy{} case "cloudflare:index/zeroTrustGatewayProxyEndpoint:ZeroTrustGatewayProxyEndpoint": @@ -1079,6 +1081,11 @@ func init() { "index/zeroTrustDnsLocation", &module{version}, ) + pulumi.RegisterResourceModule( + "cloudflare", + "index/zeroTrustGatewayCertificate", + &module{version}, + ) pulumi.RegisterResourceModule( "cloudflare", "index/zeroTrustGatewayPolicy", diff --git a/sdk/go/cloudflare/notificationPolicy.go b/sdk/go/cloudflare/notificationPolicy.go index 25bf91f8c..4ab5c18c7 100644 --- a/sdk/go/cloudflare/notificationPolicy.go +++ b/sdk/go/cloudflare/notificationPolicy.go @@ -26,7 +26,7 @@ type NotificationPolicy struct { // The account identifier to target for the resource. AccountId pulumi.StringOutput `pulumi:"accountId"` - // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. AlertType pulumi.StringOutput `pulumi:"alertType"` // When the notification policy was created. Created pulumi.StringOutput `pulumi:"created"` @@ -92,7 +92,7 @@ func GetNotificationPolicy(ctx *pulumi.Context, type notificationPolicyState struct { // The account identifier to target for the resource. AccountId *string `pulumi:"accountId"` - // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. AlertType *string `pulumi:"alertType"` // When the notification policy was created. Created *string `pulumi:"created"` @@ -117,7 +117,7 @@ type notificationPolicyState struct { type NotificationPolicyState struct { // The account identifier to target for the resource. AccountId pulumi.StringPtrInput - // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. AlertType pulumi.StringPtrInput // When the notification policy was created. Created pulumi.StringPtrInput @@ -146,7 +146,7 @@ func (NotificationPolicyState) ElementType() reflect.Type { type notificationPolicyArgs struct { // The account identifier to target for the resource. AccountId string `pulumi:"accountId"` - // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. AlertType string `pulumi:"alertType"` // Description of the notification policy. Description *string `pulumi:"description"` @@ -168,7 +168,7 @@ type notificationPolicyArgs struct { type NotificationPolicyArgs struct { // The account identifier to target for the resource. AccountId pulumi.StringInput - // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + // The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. AlertType pulumi.StringInput // Description of the notification policy. Description pulumi.StringPtrInput @@ -278,7 +278,7 @@ func (o NotificationPolicyOutput) AccountId() pulumi.StringOutput { return o.ApplyT(func(v *NotificationPolicy) pulumi.StringOutput { return v.AccountId }).(pulumi.StringOutput) } -// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. +// The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. func (o NotificationPolicyOutput) AlertType() pulumi.StringOutput { return o.ApplyT(func(v *NotificationPolicy) pulumi.StringOutput { return v.AlertType }).(pulumi.StringOutput) } diff --git a/sdk/go/cloudflare/pulumiTypes.go b/sdk/go/cloudflare/pulumiTypes.go index 4205722aa..5f20253dd 100644 --- a/sdk/go/cloudflare/pulumiTypes.go +++ b/sdk/go/cloudflare/pulumiTypes.go @@ -2517,32 +2517,51 @@ func (o AccessApplicationScimConfigMappingOperationsPtrOutput) Update() pulumi.B } type AccessGroupExclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []AccessGroupExcludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []AccessGroupExcludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []AccessGroupExcludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation *AccessGroupExcludeExternalEvaluation `pulumi:"externalEvaluation"` - Geos []string `pulumi:"geos"` - Githubs []AccessGroupExcludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []AccessGroupExcludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []AccessGroupExcludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []AccessGroupExcludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []AccessGroupExcludeOkta `pulumi:"oktas"` - Samls []AccessGroupExcludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []AccessGroupExcludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []AccessGroupExcludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // AccessGroupExcludeInput is an input type that accepts AccessGroupExcludeArgs and AccessGroupExcludeOutput values. @@ -2557,32 +2576,51 @@ type AccessGroupExcludeInput interface { } type AccessGroupExcludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts AccessGroupExcludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures AccessGroupExcludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures AccessGroupExcludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation AccessGroupExcludeExternalEvaluationPtrInput `pulumi:"externalEvaluation"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs AccessGroupExcludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites AccessGroupExcludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs AccessGroupExcludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites AccessGroupExcludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas AccessGroupExcludeOktaArrayInput `pulumi:"oktas"` - Samls AccessGroupExcludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas AccessGroupExcludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls AccessGroupExcludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (AccessGroupExcludeArgs) ElementType() reflect.Type { @@ -2636,6 +2674,7 @@ func (o AccessGroupExcludeOutput) ToAccessGroupExcludeOutputWithContext(ctx cont return o } +// Matches any valid Access service token. func (o AccessGroupExcludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupExclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -2644,18 +2683,22 @@ func (o AccessGroupExcludeOutput) AuthContexts() AccessGroupExcludeAuthContextAr return o.ApplyT(func(v AccessGroupExclude) []AccessGroupExcludeAuthContext { return v.AuthContexts }).(AccessGroupExcludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o AccessGroupExcludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o AccessGroupExcludeOutput) Azures() AccessGroupExcludeAzureArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []AccessGroupExcludeAzure { return v.Azures }).(AccessGroupExcludeAzureArrayOutput) } +// Matches any valid client certificate. func (o AccessGroupExcludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupExclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o AccessGroupExcludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -2665,47 +2708,57 @@ func (o AccessGroupExcludeOutput) CommonNames() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o AccessGroupExcludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o AccessGroupExcludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o AccessGroupExcludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o AccessGroupExcludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o AccessGroupExcludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupExclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o AccessGroupExcludeOutput) ExternalEvaluation() AccessGroupExcludeExternalEvaluationPtrOutput { return o.ApplyT(func(v AccessGroupExclude) *AccessGroupExcludeExternalEvaluation { return v.ExternalEvaluation }).(AccessGroupExcludeExternalEvaluationPtrOutput) } +// Matches a specific country. func (o AccessGroupExcludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o AccessGroupExcludeOutput) Githubs() AccessGroupExcludeGithubArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []AccessGroupExcludeGithub { return v.Githubs }).(AccessGroupExcludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o AccessGroupExcludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o AccessGroupExcludeOutput) Gsuites() AccessGroupExcludeGsuiteArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []AccessGroupExcludeGsuite { return v.Gsuites }).(AccessGroupExcludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o AccessGroupExcludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -2715,18 +2768,22 @@ func (o AccessGroupExcludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o AccessGroupExcludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o AccessGroupExcludeOutput) Oktas() AccessGroupExcludeOktaArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []AccessGroupExcludeOkta { return v.Oktas }).(AccessGroupExcludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o AccessGroupExcludeOutput) Samls() AccessGroupExcludeSamlArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []AccessGroupExcludeSaml { return v.Samls }).(AccessGroupExcludeSamlArrayOutput) } +// The ID of an Access service token. func (o AccessGroupExcludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -2756,7 +2813,7 @@ type AccessGroupExcludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -2776,7 +2833,7 @@ type AccessGroupExcludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -2841,7 +2898,7 @@ func (o AccessGroupExcludeAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v AccessGroupExcludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessGroupExcludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v AccessGroupExcludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -2867,7 +2924,7 @@ func (o AccessGroupExcludeAuthContextArrayOutput) Index(i pulumi.IntInput) Acces } type AccessGroupExcludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -2885,7 +2942,7 @@ type AccessGroupExcludeAzureInput interface { } type AccessGroupExcludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -2942,7 +2999,7 @@ func (o AccessGroupExcludeAzureOutput) ToAccessGroupExcludeAzureOutputWithContex return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessGroupExcludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -2973,8 +3030,10 @@ func (o AccessGroupExcludeAzureArrayOutput) Index(i pulumi.IntInput) AccessGroup } type AccessGroupExcludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // AccessGroupExcludeExternalEvaluationInput is an input type that accepts AccessGroupExcludeExternalEvaluationArgs and AccessGroupExcludeExternalEvaluationOutput values. @@ -2989,8 +3048,10 @@ type AccessGroupExcludeExternalEvaluationInput interface { } type AccessGroupExcludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (AccessGroupExcludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -3070,10 +3131,12 @@ func (o AccessGroupExcludeExternalEvaluationOutput) ToAccessGroupExcludeExternal }).(AccessGroupExcludeExternalEvaluationPtrOutput) } +// The API endpoint containing your business logic. func (o AccessGroupExcludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessGroupExcludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -3102,6 +3165,7 @@ func (o AccessGroupExcludeExternalEvaluationPtrOutput) Elem() AccessGroupExclude }).(AccessGroupExcludeExternalEvaluationOutput) } +// The API endpoint containing your business logic. func (o AccessGroupExcludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessGroupExcludeExternalEvaluation) *string { if v == nil { @@ -3111,6 +3175,7 @@ func (o AccessGroupExcludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.Stri }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessGroupExcludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessGroupExcludeExternalEvaluation) *string { if v == nil { @@ -3121,9 +3186,12 @@ func (o AccessGroupExcludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPt } type AccessGroupExcludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // AccessGroupExcludeGithubInput is an input type that accepts AccessGroupExcludeGithubArgs and AccessGroupExcludeGithubOutput values. @@ -3138,9 +3206,12 @@ type AccessGroupExcludeGithubInput interface { } type AccessGroupExcludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (AccessGroupExcludeGithubArgs) ElementType() reflect.Type { @@ -3194,14 +3265,17 @@ func (o AccessGroupExcludeGithubOutput) ToAccessGroupExcludeGithubOutputWithCont return o } +// The ID of your Github identity provider. func (o AccessGroupExcludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o AccessGroupExcludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o AccessGroupExcludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExcludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -3227,8 +3301,10 @@ func (o AccessGroupExcludeGithubArrayOutput) Index(i pulumi.IntInput) AccessGrou } type AccessGroupExcludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // AccessGroupExcludeGsuiteInput is an input type that accepts AccessGroupExcludeGsuiteArgs and AccessGroupExcludeGsuiteOutput values. @@ -3243,8 +3319,10 @@ type AccessGroupExcludeGsuiteInput interface { } type AccessGroupExcludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (AccessGroupExcludeGsuiteArgs) ElementType() reflect.Type { @@ -3298,10 +3376,12 @@ func (o AccessGroupExcludeGsuiteOutput) ToAccessGroupExcludeGsuiteOutputWithCont return o } +// The email of the Google Workspace group. func (o AccessGroupExcludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExcludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o AccessGroupExcludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -3327,8 +3407,10 @@ func (o AccessGroupExcludeGsuiteArrayOutput) Index(i pulumi.IntInput) AccessGrou } type AccessGroupExcludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // AccessGroupExcludeOktaInput is an input type that accepts AccessGroupExcludeOktaArgs and AccessGroupExcludeOktaOutput values. @@ -3343,8 +3425,10 @@ type AccessGroupExcludeOktaInput interface { } type AccessGroupExcludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (AccessGroupExcludeOktaArgs) ElementType() reflect.Type { @@ -3398,10 +3482,12 @@ func (o AccessGroupExcludeOktaOutput) ToAccessGroupExcludeOktaOutputWithContext( return o } +// The ID of your Okta identity provider. func (o AccessGroupExcludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o AccessGroupExcludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupExcludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -3427,8 +3513,11 @@ func (o AccessGroupExcludeOktaArrayOutput) Index(i pulumi.IntInput) AccessGroupE } type AccessGroupExcludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -3444,8 +3533,11 @@ type AccessGroupExcludeSamlInput interface { } type AccessGroupExcludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -3500,14 +3592,17 @@ func (o AccessGroupExcludeSamlOutput) ToAccessGroupExcludeSamlOutputWithContext( return o } +// The name of the SAML attribute. func (o AccessGroupExcludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o AccessGroupExcludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o AccessGroupExcludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupExcludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -3533,32 +3628,51 @@ func (o AccessGroupExcludeSamlArrayOutput) Index(i pulumi.IntInput) AccessGroupE } type AccessGroupInclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []AccessGroupIncludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []AccessGroupIncludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []AccessGroupIncludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation *AccessGroupIncludeExternalEvaluation `pulumi:"externalEvaluation"` - Geos []string `pulumi:"geos"` - Githubs []AccessGroupIncludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []AccessGroupIncludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []AccessGroupIncludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []AccessGroupIncludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []AccessGroupIncludeOkta `pulumi:"oktas"` - Samls []AccessGroupIncludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []AccessGroupIncludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []AccessGroupIncludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // AccessGroupIncludeInput is an input type that accepts AccessGroupIncludeArgs and AccessGroupIncludeOutput values. @@ -3573,32 +3687,51 @@ type AccessGroupIncludeInput interface { } type AccessGroupIncludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts AccessGroupIncludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures AccessGroupIncludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures AccessGroupIncludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation AccessGroupIncludeExternalEvaluationPtrInput `pulumi:"externalEvaluation"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs AccessGroupIncludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites AccessGroupIncludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs AccessGroupIncludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites AccessGroupIncludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas AccessGroupIncludeOktaArrayInput `pulumi:"oktas"` - Samls AccessGroupIncludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas AccessGroupIncludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls AccessGroupIncludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (AccessGroupIncludeArgs) ElementType() reflect.Type { @@ -3652,6 +3785,7 @@ func (o AccessGroupIncludeOutput) ToAccessGroupIncludeOutputWithContext(ctx cont return o } +// Matches any valid Access service token. func (o AccessGroupIncludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupInclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -3660,18 +3794,22 @@ func (o AccessGroupIncludeOutput) AuthContexts() AccessGroupIncludeAuthContextAr return o.ApplyT(func(v AccessGroupInclude) []AccessGroupIncludeAuthContext { return v.AuthContexts }).(AccessGroupIncludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o AccessGroupIncludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupInclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o AccessGroupIncludeOutput) Azures() AccessGroupIncludeAzureArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []AccessGroupIncludeAzure { return v.Azures }).(AccessGroupIncludeAzureArrayOutput) } +// Matches any valid client certificate. func (o AccessGroupIncludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupInclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o AccessGroupIncludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupInclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -3681,47 +3819,57 @@ func (o AccessGroupIncludeOutput) CommonNames() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o AccessGroupIncludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o AccessGroupIncludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o AccessGroupIncludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o AccessGroupIncludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o AccessGroupIncludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupInclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o AccessGroupIncludeOutput) ExternalEvaluation() AccessGroupIncludeExternalEvaluationPtrOutput { return o.ApplyT(func(v AccessGroupInclude) *AccessGroupIncludeExternalEvaluation { return v.ExternalEvaluation }).(AccessGroupIncludeExternalEvaluationPtrOutput) } +// Matches a specific country. func (o AccessGroupIncludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o AccessGroupIncludeOutput) Githubs() AccessGroupIncludeGithubArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []AccessGroupIncludeGithub { return v.Githubs }).(AccessGroupIncludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o AccessGroupIncludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o AccessGroupIncludeOutput) Gsuites() AccessGroupIncludeGsuiteArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []AccessGroupIncludeGsuite { return v.Gsuites }).(AccessGroupIncludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o AccessGroupIncludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -3731,18 +3879,22 @@ func (o AccessGroupIncludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o AccessGroupIncludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o AccessGroupIncludeOutput) Oktas() AccessGroupIncludeOktaArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []AccessGroupIncludeOkta { return v.Oktas }).(AccessGroupIncludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o AccessGroupIncludeOutput) Samls() AccessGroupIncludeSamlArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []AccessGroupIncludeSaml { return v.Samls }).(AccessGroupIncludeSamlArrayOutput) } +// The ID of an Access service token. func (o AccessGroupIncludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupInclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -3772,7 +3924,7 @@ type AccessGroupIncludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -3792,7 +3944,7 @@ type AccessGroupIncludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -3857,7 +4009,7 @@ func (o AccessGroupIncludeAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v AccessGroupIncludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessGroupIncludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v AccessGroupIncludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -3883,7 +4035,7 @@ func (o AccessGroupIncludeAuthContextArrayOutput) Index(i pulumi.IntInput) Acces } type AccessGroupIncludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -3901,7 +4053,7 @@ type AccessGroupIncludeAzureInput interface { } type AccessGroupIncludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -3958,7 +4110,7 @@ func (o AccessGroupIncludeAzureOutput) ToAccessGroupIncludeAzureOutputWithContex return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessGroupIncludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -3989,8 +4141,10 @@ func (o AccessGroupIncludeAzureArrayOutput) Index(i pulumi.IntInput) AccessGroup } type AccessGroupIncludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // AccessGroupIncludeExternalEvaluationInput is an input type that accepts AccessGroupIncludeExternalEvaluationArgs and AccessGroupIncludeExternalEvaluationOutput values. @@ -4005,8 +4159,10 @@ type AccessGroupIncludeExternalEvaluationInput interface { } type AccessGroupIncludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (AccessGroupIncludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -4086,10 +4242,12 @@ func (o AccessGroupIncludeExternalEvaluationOutput) ToAccessGroupIncludeExternal }).(AccessGroupIncludeExternalEvaluationPtrOutput) } +// The API endpoint containing your business logic. func (o AccessGroupIncludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessGroupIncludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -4118,6 +4276,7 @@ func (o AccessGroupIncludeExternalEvaluationPtrOutput) Elem() AccessGroupInclude }).(AccessGroupIncludeExternalEvaluationOutput) } +// The API endpoint containing your business logic. func (o AccessGroupIncludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessGroupIncludeExternalEvaluation) *string { if v == nil { @@ -4127,6 +4286,7 @@ func (o AccessGroupIncludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.Stri }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessGroupIncludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessGroupIncludeExternalEvaluation) *string { if v == nil { @@ -4137,9 +4297,12 @@ func (o AccessGroupIncludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPt } type AccessGroupIncludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // AccessGroupIncludeGithubInput is an input type that accepts AccessGroupIncludeGithubArgs and AccessGroupIncludeGithubOutput values. @@ -4154,9 +4317,12 @@ type AccessGroupIncludeGithubInput interface { } type AccessGroupIncludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (AccessGroupIncludeGithubArgs) ElementType() reflect.Type { @@ -4210,14 +4376,17 @@ func (o AccessGroupIncludeGithubOutput) ToAccessGroupIncludeGithubOutputWithCont return o } +// The ID of your Github identity provider. func (o AccessGroupIncludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o AccessGroupIncludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o AccessGroupIncludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupIncludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -4243,8 +4412,10 @@ func (o AccessGroupIncludeGithubArrayOutput) Index(i pulumi.IntInput) AccessGrou } type AccessGroupIncludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // AccessGroupIncludeGsuiteInput is an input type that accepts AccessGroupIncludeGsuiteArgs and AccessGroupIncludeGsuiteOutput values. @@ -4259,8 +4430,10 @@ type AccessGroupIncludeGsuiteInput interface { } type AccessGroupIncludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (AccessGroupIncludeGsuiteArgs) ElementType() reflect.Type { @@ -4314,10 +4487,12 @@ func (o AccessGroupIncludeGsuiteOutput) ToAccessGroupIncludeGsuiteOutputWithCont return o } +// The email of the Google Workspace group. func (o AccessGroupIncludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupIncludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o AccessGroupIncludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -4343,8 +4518,10 @@ func (o AccessGroupIncludeGsuiteArrayOutput) Index(i pulumi.IntInput) AccessGrou } type AccessGroupIncludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // AccessGroupIncludeOktaInput is an input type that accepts AccessGroupIncludeOktaArgs and AccessGroupIncludeOktaOutput values. @@ -4359,8 +4536,10 @@ type AccessGroupIncludeOktaInput interface { } type AccessGroupIncludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (AccessGroupIncludeOktaArgs) ElementType() reflect.Type { @@ -4414,10 +4593,12 @@ func (o AccessGroupIncludeOktaOutput) ToAccessGroupIncludeOktaOutputWithContext( return o } +// The ID of your Okta identity provider. func (o AccessGroupIncludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o AccessGroupIncludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupIncludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -4443,8 +4624,11 @@ func (o AccessGroupIncludeOktaArrayOutput) Index(i pulumi.IntInput) AccessGroupI } type AccessGroupIncludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -4460,8 +4644,11 @@ type AccessGroupIncludeSamlInput interface { } type AccessGroupIncludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -4516,14 +4703,17 @@ func (o AccessGroupIncludeSamlOutput) ToAccessGroupIncludeSamlOutputWithContext( return o } +// The name of the SAML attribute. func (o AccessGroupIncludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o AccessGroupIncludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o AccessGroupIncludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupIncludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -4549,32 +4739,51 @@ func (o AccessGroupIncludeSamlArrayOutput) Index(i pulumi.IntInput) AccessGroupI } type AccessGroupRequire struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []AccessGroupRequireAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []AccessGroupRequireAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []AccessGroupRequireAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation *AccessGroupRequireExternalEvaluation `pulumi:"externalEvaluation"` - Geos []string `pulumi:"geos"` - Githubs []AccessGroupRequireGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []AccessGroupRequireGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []AccessGroupRequireGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []AccessGroupRequireGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []AccessGroupRequireOkta `pulumi:"oktas"` - Samls []AccessGroupRequireSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []AccessGroupRequireOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []AccessGroupRequireSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // AccessGroupRequireInput is an input type that accepts AccessGroupRequireArgs and AccessGroupRequireOutput values. @@ -4589,32 +4798,51 @@ type AccessGroupRequireInput interface { } type AccessGroupRequireArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts AccessGroupRequireAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures AccessGroupRequireAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures AccessGroupRequireAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation AccessGroupRequireExternalEvaluationPtrInput `pulumi:"externalEvaluation"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs AccessGroupRequireGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites AccessGroupRequireGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs AccessGroupRequireGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites AccessGroupRequireGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas AccessGroupRequireOktaArrayInput `pulumi:"oktas"` - Samls AccessGroupRequireSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas AccessGroupRequireOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls AccessGroupRequireSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (AccessGroupRequireArgs) ElementType() reflect.Type { @@ -4668,6 +4896,7 @@ func (o AccessGroupRequireOutput) ToAccessGroupRequireOutputWithContext(ctx cont return o } +// Matches any valid Access service token. func (o AccessGroupRequireOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupRequire) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -4676,18 +4905,22 @@ func (o AccessGroupRequireOutput) AuthContexts() AccessGroupRequireAuthContextAr return o.ApplyT(func(v AccessGroupRequire) []AccessGroupRequireAuthContext { return v.AuthContexts }).(AccessGroupRequireAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o AccessGroupRequireOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequire) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o AccessGroupRequireOutput) Azures() AccessGroupRequireAzureArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []AccessGroupRequireAzure { return v.Azures }).(AccessGroupRequireAzureArrayOutput) } +// Matches any valid client certificate. func (o AccessGroupRequireOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupRequire) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o AccessGroupRequireOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequire) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -4697,47 +4930,57 @@ func (o AccessGroupRequireOutput) CommonNames() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o AccessGroupRequireOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o AccessGroupRequireOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o AccessGroupRequireOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o AccessGroupRequireOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o AccessGroupRequireOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessGroupRequire) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o AccessGroupRequireOutput) ExternalEvaluation() AccessGroupRequireExternalEvaluationPtrOutput { return o.ApplyT(func(v AccessGroupRequire) *AccessGroupRequireExternalEvaluation { return v.ExternalEvaluation }).(AccessGroupRequireExternalEvaluationPtrOutput) } +// Matches a specific country. func (o AccessGroupRequireOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o AccessGroupRequireOutput) Githubs() AccessGroupRequireGithubArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []AccessGroupRequireGithub { return v.Githubs }).(AccessGroupRequireGithubArrayOutput) } +// The ID of a previously created Access group. func (o AccessGroupRequireOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o AccessGroupRequireOutput) Gsuites() AccessGroupRequireGsuiteArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []AccessGroupRequireGsuite { return v.Gsuites }).(AccessGroupRequireGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o AccessGroupRequireOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -4747,18 +4990,22 @@ func (o AccessGroupRequireOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o AccessGroupRequireOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o AccessGroupRequireOutput) Oktas() AccessGroupRequireOktaArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []AccessGroupRequireOkta { return v.Oktas }).(AccessGroupRequireOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o AccessGroupRequireOutput) Samls() AccessGroupRequireSamlArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []AccessGroupRequireSaml { return v.Samls }).(AccessGroupRequireSamlArrayOutput) } +// The ID of an Access service token. func (o AccessGroupRequireOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequire) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -4788,7 +5035,7 @@ type AccessGroupRequireAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -4808,7 +5055,7 @@ type AccessGroupRequireAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -4873,7 +5120,7 @@ func (o AccessGroupRequireAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v AccessGroupRequireAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessGroupRequireAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v AccessGroupRequireAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -4899,7 +5146,7 @@ func (o AccessGroupRequireAuthContextArrayOutput) Index(i pulumi.IntInput) Acces } type AccessGroupRequireAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -4917,7 +5164,7 @@ type AccessGroupRequireAzureInput interface { } type AccessGroupRequireAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -4974,7 +5221,7 @@ func (o AccessGroupRequireAzureOutput) ToAccessGroupRequireAzureOutputWithContex return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessGroupRequireAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -5005,8 +5252,10 @@ func (o AccessGroupRequireAzureArrayOutput) Index(i pulumi.IntInput) AccessGroup } type AccessGroupRequireExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // AccessGroupRequireExternalEvaluationInput is an input type that accepts AccessGroupRequireExternalEvaluationArgs and AccessGroupRequireExternalEvaluationOutput values. @@ -5021,8 +5270,10 @@ type AccessGroupRequireExternalEvaluationInput interface { } type AccessGroupRequireExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (AccessGroupRequireExternalEvaluationArgs) ElementType() reflect.Type { @@ -5102,10 +5353,12 @@ func (o AccessGroupRequireExternalEvaluationOutput) ToAccessGroupRequireExternal }).(AccessGroupRequireExternalEvaluationPtrOutput) } +// The API endpoint containing your business logic. func (o AccessGroupRequireExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessGroupRequireExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -5134,6 +5387,7 @@ func (o AccessGroupRequireExternalEvaluationPtrOutput) Elem() AccessGroupRequire }).(AccessGroupRequireExternalEvaluationOutput) } +// The API endpoint containing your business logic. func (o AccessGroupRequireExternalEvaluationPtrOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessGroupRequireExternalEvaluation) *string { if v == nil { @@ -5143,6 +5397,7 @@ func (o AccessGroupRequireExternalEvaluationPtrOutput) EvaluateUrl() pulumi.Stri }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessGroupRequireExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessGroupRequireExternalEvaluation) *string { if v == nil { @@ -5153,9 +5408,12 @@ func (o AccessGroupRequireExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPt } type AccessGroupRequireGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // AccessGroupRequireGithubInput is an input type that accepts AccessGroupRequireGithubArgs and AccessGroupRequireGithubOutput values. @@ -5170,9 +5428,12 @@ type AccessGroupRequireGithubInput interface { } type AccessGroupRequireGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (AccessGroupRequireGithubArgs) ElementType() reflect.Type { @@ -5226,14 +5487,17 @@ func (o AccessGroupRequireGithubOutput) ToAccessGroupRequireGithubOutputWithCont return o } +// The ID of your Github identity provider. func (o AccessGroupRequireGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o AccessGroupRequireGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o AccessGroupRequireGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequireGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -5259,8 +5523,10 @@ func (o AccessGroupRequireGithubArrayOutput) Index(i pulumi.IntInput) AccessGrou } type AccessGroupRequireGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // AccessGroupRequireGsuiteInput is an input type that accepts AccessGroupRequireGsuiteArgs and AccessGroupRequireGsuiteOutput values. @@ -5275,8 +5541,10 @@ type AccessGroupRequireGsuiteInput interface { } type AccessGroupRequireGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (AccessGroupRequireGsuiteArgs) ElementType() reflect.Type { @@ -5330,10 +5598,12 @@ func (o AccessGroupRequireGsuiteOutput) ToAccessGroupRequireGsuiteOutputWithCont return o } +// The email of the Google Workspace group. func (o AccessGroupRequireGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequireGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o AccessGroupRequireGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -5359,8 +5629,10 @@ func (o AccessGroupRequireGsuiteArrayOutput) Index(i pulumi.IntInput) AccessGrou } type AccessGroupRequireOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // AccessGroupRequireOktaInput is an input type that accepts AccessGroupRequireOktaArgs and AccessGroupRequireOktaOutput values. @@ -5375,8 +5647,10 @@ type AccessGroupRequireOktaInput interface { } type AccessGroupRequireOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (AccessGroupRequireOktaArgs) ElementType() reflect.Type { @@ -5430,10 +5704,12 @@ func (o AccessGroupRequireOktaOutput) ToAccessGroupRequireOktaOutputWithContext( return o } +// The ID of your Okta identity provider. func (o AccessGroupRequireOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o AccessGroupRequireOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessGroupRequireOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -5459,8 +5735,11 @@ func (o AccessGroupRequireOktaArrayOutput) Index(i pulumi.IntInput) AccessGroupR } type AccessGroupRequireSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -5476,8 +5755,11 @@ type AccessGroupRequireSamlInput interface { } type AccessGroupRequireSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -5532,14 +5814,17 @@ func (o AccessGroupRequireSamlOutput) ToAccessGroupRequireSamlOutputWithContext( return o } +// The name of the SAML attribute. func (o AccessGroupRequireSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o AccessGroupRequireSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o AccessGroupRequireSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessGroupRequireSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -6399,32 +6684,51 @@ func (o AccessPolicyApprovalGroupArrayOutput) Index(i pulumi.IntInput) AccessPol } type AccessPolicyExclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []AccessPolicyExcludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []AccessPolicyExcludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []AccessPolicyExcludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation *AccessPolicyExcludeExternalEvaluation `pulumi:"externalEvaluation"` - Geos []string `pulumi:"geos"` - Githubs []AccessPolicyExcludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []AccessPolicyExcludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []AccessPolicyExcludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []AccessPolicyExcludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []AccessPolicyExcludeOkta `pulumi:"oktas"` - Samls []AccessPolicyExcludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []AccessPolicyExcludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []AccessPolicyExcludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // AccessPolicyExcludeInput is an input type that accepts AccessPolicyExcludeArgs and AccessPolicyExcludeOutput values. @@ -6439,32 +6743,51 @@ type AccessPolicyExcludeInput interface { } type AccessPolicyExcludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts AccessPolicyExcludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures AccessPolicyExcludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures AccessPolicyExcludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation AccessPolicyExcludeExternalEvaluationPtrInput `pulumi:"externalEvaluation"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs AccessPolicyExcludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites AccessPolicyExcludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs AccessPolicyExcludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites AccessPolicyExcludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas AccessPolicyExcludeOktaArrayInput `pulumi:"oktas"` - Samls AccessPolicyExcludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas AccessPolicyExcludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls AccessPolicyExcludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (AccessPolicyExcludeArgs) ElementType() reflect.Type { @@ -6518,6 +6841,7 @@ func (o AccessPolicyExcludeOutput) ToAccessPolicyExcludeOutputWithContext(ctx co return o } +// Matches any valid Access service token. func (o AccessPolicyExcludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyExclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -6526,18 +6850,22 @@ func (o AccessPolicyExcludeOutput) AuthContexts() AccessPolicyExcludeAuthContext return o.ApplyT(func(v AccessPolicyExclude) []AccessPolicyExcludeAuthContext { return v.AuthContexts }).(AccessPolicyExcludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o AccessPolicyExcludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o AccessPolicyExcludeOutput) Azures() AccessPolicyExcludeAzureArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []AccessPolicyExcludeAzure { return v.Azures }).(AccessPolicyExcludeAzureArrayOutput) } +// Matches any valid client certificate. func (o AccessPolicyExcludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyExclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o AccessPolicyExcludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -6547,47 +6875,57 @@ func (o AccessPolicyExcludeOutput) CommonNames() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o AccessPolicyExcludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o AccessPolicyExcludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o AccessPolicyExcludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o AccessPolicyExcludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o AccessPolicyExcludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyExclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o AccessPolicyExcludeOutput) ExternalEvaluation() AccessPolicyExcludeExternalEvaluationPtrOutput { return o.ApplyT(func(v AccessPolicyExclude) *AccessPolicyExcludeExternalEvaluation { return v.ExternalEvaluation }).(AccessPolicyExcludeExternalEvaluationPtrOutput) } +// Matches a specific country. func (o AccessPolicyExcludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o AccessPolicyExcludeOutput) Githubs() AccessPolicyExcludeGithubArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []AccessPolicyExcludeGithub { return v.Githubs }).(AccessPolicyExcludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o AccessPolicyExcludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o AccessPolicyExcludeOutput) Gsuites() AccessPolicyExcludeGsuiteArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []AccessPolicyExcludeGsuite { return v.Gsuites }).(AccessPolicyExcludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o AccessPolicyExcludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -6597,18 +6935,22 @@ func (o AccessPolicyExcludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o AccessPolicyExcludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o AccessPolicyExcludeOutput) Oktas() AccessPolicyExcludeOktaArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []AccessPolicyExcludeOkta { return v.Oktas }).(AccessPolicyExcludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o AccessPolicyExcludeOutput) Samls() AccessPolicyExcludeSamlArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []AccessPolicyExcludeSaml { return v.Samls }).(AccessPolicyExcludeSamlArrayOutput) } +// The ID of an Access service token. func (o AccessPolicyExcludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -6638,7 +6980,7 @@ type AccessPolicyExcludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -6658,7 +7000,7 @@ type AccessPolicyExcludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -6723,7 +7065,7 @@ func (o AccessPolicyExcludeAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v AccessPolicyExcludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessPolicyExcludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v AccessPolicyExcludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -6749,7 +7091,7 @@ func (o AccessPolicyExcludeAuthContextArrayOutput) Index(i pulumi.IntInput) Acce } type AccessPolicyExcludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -6767,7 +7109,7 @@ type AccessPolicyExcludeAzureInput interface { } type AccessPolicyExcludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -6824,7 +7166,7 @@ func (o AccessPolicyExcludeAzureOutput) ToAccessPolicyExcludeAzureOutputWithCont return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessPolicyExcludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -6855,8 +7197,10 @@ func (o AccessPolicyExcludeAzureArrayOutput) Index(i pulumi.IntInput) AccessPoli } type AccessPolicyExcludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // AccessPolicyExcludeExternalEvaluationInput is an input type that accepts AccessPolicyExcludeExternalEvaluationArgs and AccessPolicyExcludeExternalEvaluationOutput values. @@ -6871,8 +7215,10 @@ type AccessPolicyExcludeExternalEvaluationInput interface { } type AccessPolicyExcludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (AccessPolicyExcludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -6952,10 +7298,12 @@ func (o AccessPolicyExcludeExternalEvaluationOutput) ToAccessPolicyExcludeExtern }).(AccessPolicyExcludeExternalEvaluationPtrOutput) } +// The API endpoint containing your business logic. func (o AccessPolicyExcludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessPolicyExcludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -6984,6 +7332,7 @@ func (o AccessPolicyExcludeExternalEvaluationPtrOutput) Elem() AccessPolicyExclu }).(AccessPolicyExcludeExternalEvaluationOutput) } +// The API endpoint containing your business logic. func (o AccessPolicyExcludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicyExcludeExternalEvaluation) *string { if v == nil { @@ -6993,6 +7342,7 @@ func (o AccessPolicyExcludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.Str }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessPolicyExcludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicyExcludeExternalEvaluation) *string { if v == nil { @@ -7003,9 +7353,12 @@ func (o AccessPolicyExcludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringP } type AccessPolicyExcludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // AccessPolicyExcludeGithubInput is an input type that accepts AccessPolicyExcludeGithubArgs and AccessPolicyExcludeGithubOutput values. @@ -7020,9 +7373,12 @@ type AccessPolicyExcludeGithubInput interface { } type AccessPolicyExcludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (AccessPolicyExcludeGithubArgs) ElementType() reflect.Type { @@ -7076,14 +7432,17 @@ func (o AccessPolicyExcludeGithubOutput) ToAccessPolicyExcludeGithubOutputWithCo return o } +// The ID of your Github identity provider. func (o AccessPolicyExcludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o AccessPolicyExcludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o AccessPolicyExcludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExcludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -7109,8 +7468,10 @@ func (o AccessPolicyExcludeGithubArrayOutput) Index(i pulumi.IntInput) AccessPol } type AccessPolicyExcludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // AccessPolicyExcludeGsuiteInput is an input type that accepts AccessPolicyExcludeGsuiteArgs and AccessPolicyExcludeGsuiteOutput values. @@ -7125,8 +7486,10 @@ type AccessPolicyExcludeGsuiteInput interface { } type AccessPolicyExcludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (AccessPolicyExcludeGsuiteArgs) ElementType() reflect.Type { @@ -7180,10 +7543,12 @@ func (o AccessPolicyExcludeGsuiteOutput) ToAccessPolicyExcludeGsuiteOutputWithCo return o } +// The email of the Google Workspace group. func (o AccessPolicyExcludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExcludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o AccessPolicyExcludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -7209,8 +7574,10 @@ func (o AccessPolicyExcludeGsuiteArrayOutput) Index(i pulumi.IntInput) AccessPol } type AccessPolicyExcludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // AccessPolicyExcludeOktaInput is an input type that accepts AccessPolicyExcludeOktaArgs and AccessPolicyExcludeOktaOutput values. @@ -7225,8 +7592,10 @@ type AccessPolicyExcludeOktaInput interface { } type AccessPolicyExcludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (AccessPolicyExcludeOktaArgs) ElementType() reflect.Type { @@ -7280,10 +7649,12 @@ func (o AccessPolicyExcludeOktaOutput) ToAccessPolicyExcludeOktaOutputWithContex return o } +// The ID of your Okta identity provider. func (o AccessPolicyExcludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o AccessPolicyExcludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyExcludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -7309,8 +7680,11 @@ func (o AccessPolicyExcludeOktaArrayOutput) Index(i pulumi.IntInput) AccessPolic } type AccessPolicyExcludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -7326,8 +7700,11 @@ type AccessPolicyExcludeSamlInput interface { } type AccessPolicyExcludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -7382,14 +7759,17 @@ func (o AccessPolicyExcludeSamlOutput) ToAccessPolicyExcludeSamlOutputWithContex return o } +// The name of the SAML attribute. func (o AccessPolicyExcludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o AccessPolicyExcludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o AccessPolicyExcludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyExcludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -7415,32 +7795,51 @@ func (o AccessPolicyExcludeSamlArrayOutput) Index(i pulumi.IntInput) AccessPolic } type AccessPolicyInclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []AccessPolicyIncludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []AccessPolicyIncludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []AccessPolicyIncludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation *AccessPolicyIncludeExternalEvaluation `pulumi:"externalEvaluation"` - Geos []string `pulumi:"geos"` - Githubs []AccessPolicyIncludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []AccessPolicyIncludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []AccessPolicyIncludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []AccessPolicyIncludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []AccessPolicyIncludeOkta `pulumi:"oktas"` - Samls []AccessPolicyIncludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []AccessPolicyIncludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []AccessPolicyIncludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // AccessPolicyIncludeInput is an input type that accepts AccessPolicyIncludeArgs and AccessPolicyIncludeOutput values. @@ -7455,32 +7854,51 @@ type AccessPolicyIncludeInput interface { } type AccessPolicyIncludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts AccessPolicyIncludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures AccessPolicyIncludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures AccessPolicyIncludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation AccessPolicyIncludeExternalEvaluationPtrInput `pulumi:"externalEvaluation"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs AccessPolicyIncludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites AccessPolicyIncludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs AccessPolicyIncludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites AccessPolicyIncludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas AccessPolicyIncludeOktaArrayInput `pulumi:"oktas"` - Samls AccessPolicyIncludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas AccessPolicyIncludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls AccessPolicyIncludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (AccessPolicyIncludeArgs) ElementType() reflect.Type { @@ -7534,6 +7952,7 @@ func (o AccessPolicyIncludeOutput) ToAccessPolicyIncludeOutputWithContext(ctx co return o } +// Matches any valid Access service token. func (o AccessPolicyIncludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyInclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -7542,18 +7961,22 @@ func (o AccessPolicyIncludeOutput) AuthContexts() AccessPolicyIncludeAuthContext return o.ApplyT(func(v AccessPolicyInclude) []AccessPolicyIncludeAuthContext { return v.AuthContexts }).(AccessPolicyIncludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o AccessPolicyIncludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyInclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o AccessPolicyIncludeOutput) Azures() AccessPolicyIncludeAzureArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []AccessPolicyIncludeAzure { return v.Azures }).(AccessPolicyIncludeAzureArrayOutput) } +// Matches any valid client certificate. func (o AccessPolicyIncludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyInclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o AccessPolicyIncludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyInclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -7563,47 +7986,57 @@ func (o AccessPolicyIncludeOutput) CommonNames() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o AccessPolicyIncludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o AccessPolicyIncludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o AccessPolicyIncludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o AccessPolicyIncludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o AccessPolicyIncludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyInclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o AccessPolicyIncludeOutput) ExternalEvaluation() AccessPolicyIncludeExternalEvaluationPtrOutput { return o.ApplyT(func(v AccessPolicyInclude) *AccessPolicyIncludeExternalEvaluation { return v.ExternalEvaluation }).(AccessPolicyIncludeExternalEvaluationPtrOutput) } +// Matches a specific country. func (o AccessPolicyIncludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o AccessPolicyIncludeOutput) Githubs() AccessPolicyIncludeGithubArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []AccessPolicyIncludeGithub { return v.Githubs }).(AccessPolicyIncludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o AccessPolicyIncludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o AccessPolicyIncludeOutput) Gsuites() AccessPolicyIncludeGsuiteArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []AccessPolicyIncludeGsuite { return v.Gsuites }).(AccessPolicyIncludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o AccessPolicyIncludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -7613,18 +8046,22 @@ func (o AccessPolicyIncludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o AccessPolicyIncludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o AccessPolicyIncludeOutput) Oktas() AccessPolicyIncludeOktaArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []AccessPolicyIncludeOkta { return v.Oktas }).(AccessPolicyIncludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o AccessPolicyIncludeOutput) Samls() AccessPolicyIncludeSamlArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []AccessPolicyIncludeSaml { return v.Samls }).(AccessPolicyIncludeSamlArrayOutput) } +// The ID of an Access service token. func (o AccessPolicyIncludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyInclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -7654,7 +8091,7 @@ type AccessPolicyIncludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -7674,7 +8111,7 @@ type AccessPolicyIncludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -7739,7 +8176,7 @@ func (o AccessPolicyIncludeAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v AccessPolicyIncludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessPolicyIncludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v AccessPolicyIncludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -7765,7 +8202,7 @@ func (o AccessPolicyIncludeAuthContextArrayOutput) Index(i pulumi.IntInput) Acce } type AccessPolicyIncludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -7783,7 +8220,7 @@ type AccessPolicyIncludeAzureInput interface { } type AccessPolicyIncludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -7840,7 +8277,7 @@ func (o AccessPolicyIncludeAzureOutput) ToAccessPolicyIncludeAzureOutputWithCont return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessPolicyIncludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -7871,8 +8308,10 @@ func (o AccessPolicyIncludeAzureArrayOutput) Index(i pulumi.IntInput) AccessPoli } type AccessPolicyIncludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // AccessPolicyIncludeExternalEvaluationInput is an input type that accepts AccessPolicyIncludeExternalEvaluationArgs and AccessPolicyIncludeExternalEvaluationOutput values. @@ -7887,8 +8326,10 @@ type AccessPolicyIncludeExternalEvaluationInput interface { } type AccessPolicyIncludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (AccessPolicyIncludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -7968,10 +8409,12 @@ func (o AccessPolicyIncludeExternalEvaluationOutput) ToAccessPolicyIncludeExtern }).(AccessPolicyIncludeExternalEvaluationPtrOutput) } +// The API endpoint containing your business logic. func (o AccessPolicyIncludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessPolicyIncludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -8000,6 +8443,7 @@ func (o AccessPolicyIncludeExternalEvaluationPtrOutput) Elem() AccessPolicyInclu }).(AccessPolicyIncludeExternalEvaluationOutput) } +// The API endpoint containing your business logic. func (o AccessPolicyIncludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicyIncludeExternalEvaluation) *string { if v == nil { @@ -8009,6 +8453,7 @@ func (o AccessPolicyIncludeExternalEvaluationPtrOutput) EvaluateUrl() pulumi.Str }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessPolicyIncludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicyIncludeExternalEvaluation) *string { if v == nil { @@ -8019,9 +8464,12 @@ func (o AccessPolicyIncludeExternalEvaluationPtrOutput) KeysUrl() pulumi.StringP } type AccessPolicyIncludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // AccessPolicyIncludeGithubInput is an input type that accepts AccessPolicyIncludeGithubArgs and AccessPolicyIncludeGithubOutput values. @@ -8036,9 +8484,12 @@ type AccessPolicyIncludeGithubInput interface { } type AccessPolicyIncludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (AccessPolicyIncludeGithubArgs) ElementType() reflect.Type { @@ -8092,14 +8543,17 @@ func (o AccessPolicyIncludeGithubOutput) ToAccessPolicyIncludeGithubOutputWithCo return o } +// The ID of your Github identity provider. func (o AccessPolicyIncludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o AccessPolicyIncludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o AccessPolicyIncludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyIncludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -8125,8 +8579,10 @@ func (o AccessPolicyIncludeGithubArrayOutput) Index(i pulumi.IntInput) AccessPol } type AccessPolicyIncludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // AccessPolicyIncludeGsuiteInput is an input type that accepts AccessPolicyIncludeGsuiteArgs and AccessPolicyIncludeGsuiteOutput values. @@ -8141,8 +8597,10 @@ type AccessPolicyIncludeGsuiteInput interface { } type AccessPolicyIncludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (AccessPolicyIncludeGsuiteArgs) ElementType() reflect.Type { @@ -8196,10 +8654,12 @@ func (o AccessPolicyIncludeGsuiteOutput) ToAccessPolicyIncludeGsuiteOutputWithCo return o } +// The email of the Google Workspace group. func (o AccessPolicyIncludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyIncludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o AccessPolicyIncludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -8225,8 +8685,10 @@ func (o AccessPolicyIncludeGsuiteArrayOutput) Index(i pulumi.IntInput) AccessPol } type AccessPolicyIncludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // AccessPolicyIncludeOktaInput is an input type that accepts AccessPolicyIncludeOktaArgs and AccessPolicyIncludeOktaOutput values. @@ -8241,8 +8703,10 @@ type AccessPolicyIncludeOktaInput interface { } type AccessPolicyIncludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (AccessPolicyIncludeOktaArgs) ElementType() reflect.Type { @@ -8296,10 +8760,12 @@ func (o AccessPolicyIncludeOktaOutput) ToAccessPolicyIncludeOktaOutputWithContex return o } +// The ID of your Okta identity provider. func (o AccessPolicyIncludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o AccessPolicyIncludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyIncludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -8325,8 +8791,11 @@ func (o AccessPolicyIncludeOktaArrayOutput) Index(i pulumi.IntInput) AccessPolic } type AccessPolicyIncludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -8342,8 +8811,11 @@ type AccessPolicyIncludeSamlInput interface { } type AccessPolicyIncludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -8398,14 +8870,17 @@ func (o AccessPolicyIncludeSamlOutput) ToAccessPolicyIncludeSamlOutputWithContex return o } +// The name of the SAML attribute. func (o AccessPolicyIncludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o AccessPolicyIncludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o AccessPolicyIncludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyIncludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -8431,32 +8906,51 @@ func (o AccessPolicyIncludeSamlArrayOutput) Index(i pulumi.IntInput) AccessPolic } type AccessPolicyRequire struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []AccessPolicyRequireAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []AccessPolicyRequireAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []AccessPolicyRequireAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation *AccessPolicyRequireExternalEvaluation `pulumi:"externalEvaluation"` - Geos []string `pulumi:"geos"` - Githubs []AccessPolicyRequireGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []AccessPolicyRequireGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []AccessPolicyRequireGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []AccessPolicyRequireGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []AccessPolicyRequireOkta `pulumi:"oktas"` - Samls []AccessPolicyRequireSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []AccessPolicyRequireOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []AccessPolicyRequireSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // AccessPolicyRequireInput is an input type that accepts AccessPolicyRequireArgs and AccessPolicyRequireOutput values. @@ -8471,32 +8965,51 @@ type AccessPolicyRequireInput interface { } type AccessPolicyRequireArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts AccessPolicyRequireAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures AccessPolicyRequireAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures AccessPolicyRequireAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluation AccessPolicyRequireExternalEvaluationPtrInput `pulumi:"externalEvaluation"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs AccessPolicyRequireGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites AccessPolicyRequireGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs AccessPolicyRequireGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites AccessPolicyRequireGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas AccessPolicyRequireOktaArrayInput `pulumi:"oktas"` - Samls AccessPolicyRequireSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas AccessPolicyRequireOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls AccessPolicyRequireSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (AccessPolicyRequireArgs) ElementType() reflect.Type { @@ -8550,6 +9063,7 @@ func (o AccessPolicyRequireOutput) ToAccessPolicyRequireOutputWithContext(ctx co return o } +// Matches any valid Access service token. func (o AccessPolicyRequireOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyRequire) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -8558,18 +9072,22 @@ func (o AccessPolicyRequireOutput) AuthContexts() AccessPolicyRequireAuthContext return o.ApplyT(func(v AccessPolicyRequire) []AccessPolicyRequireAuthContext { return v.AuthContexts }).(AccessPolicyRequireAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o AccessPolicyRequireOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequire) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o AccessPolicyRequireOutput) Azures() AccessPolicyRequireAzureArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []AccessPolicyRequireAzure { return v.Azures }).(AccessPolicyRequireAzureArrayOutput) } +// Matches any valid client certificate. func (o AccessPolicyRequireOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyRequire) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o AccessPolicyRequireOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequire) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -8579,47 +9097,57 @@ func (o AccessPolicyRequireOutput) CommonNames() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o AccessPolicyRequireOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o AccessPolicyRequireOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o AccessPolicyRequireOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o AccessPolicyRequireOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o AccessPolicyRequireOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v AccessPolicyRequire) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o AccessPolicyRequireOutput) ExternalEvaluation() AccessPolicyRequireExternalEvaluationPtrOutput { return o.ApplyT(func(v AccessPolicyRequire) *AccessPolicyRequireExternalEvaluation { return v.ExternalEvaluation }).(AccessPolicyRequireExternalEvaluationPtrOutput) } +// Matches a specific country. func (o AccessPolicyRequireOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o AccessPolicyRequireOutput) Githubs() AccessPolicyRequireGithubArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []AccessPolicyRequireGithub { return v.Githubs }).(AccessPolicyRequireGithubArrayOutput) } +// The ID of a previously created Access group. func (o AccessPolicyRequireOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o AccessPolicyRequireOutput) Gsuites() AccessPolicyRequireGsuiteArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []AccessPolicyRequireGsuite { return v.Gsuites }).(AccessPolicyRequireGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o AccessPolicyRequireOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -8629,18 +9157,22 @@ func (o AccessPolicyRequireOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o AccessPolicyRequireOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o AccessPolicyRequireOutput) Oktas() AccessPolicyRequireOktaArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []AccessPolicyRequireOkta { return v.Oktas }).(AccessPolicyRequireOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o AccessPolicyRequireOutput) Samls() AccessPolicyRequireSamlArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []AccessPolicyRequireSaml { return v.Samls }).(AccessPolicyRequireSamlArrayOutput) } +// The ID of an Access service token. func (o AccessPolicyRequireOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequire) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -8670,7 +9202,7 @@ type AccessPolicyRequireAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -8690,7 +9222,7 @@ type AccessPolicyRequireAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -8755,7 +9287,7 @@ func (o AccessPolicyRequireAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v AccessPolicyRequireAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessPolicyRequireAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v AccessPolicyRequireAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -8781,7 +9313,7 @@ func (o AccessPolicyRequireAuthContextArrayOutput) Index(i pulumi.IntInput) Acce } type AccessPolicyRequireAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -8799,7 +9331,7 @@ type AccessPolicyRequireAzureInput interface { } type AccessPolicyRequireAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -8856,7 +9388,7 @@ func (o AccessPolicyRequireAzureOutput) ToAccessPolicyRequireAzureOutputWithCont return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o AccessPolicyRequireAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -8887,8 +9419,10 @@ func (o AccessPolicyRequireAzureArrayOutput) Index(i pulumi.IntInput) AccessPoli } type AccessPolicyRequireExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // AccessPolicyRequireExternalEvaluationInput is an input type that accepts AccessPolicyRequireExternalEvaluationArgs and AccessPolicyRequireExternalEvaluationOutput values. @@ -8903,8 +9437,10 @@ type AccessPolicyRequireExternalEvaluationInput interface { } type AccessPolicyRequireExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (AccessPolicyRequireExternalEvaluationArgs) ElementType() reflect.Type { @@ -8984,10 +9520,12 @@ func (o AccessPolicyRequireExternalEvaluationOutput) ToAccessPolicyRequireExtern }).(AccessPolicyRequireExternalEvaluationPtrOutput) } +// The API endpoint containing your business logic. func (o AccessPolicyRequireExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessPolicyRequireExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -9016,6 +9554,7 @@ func (o AccessPolicyRequireExternalEvaluationPtrOutput) Elem() AccessPolicyRequi }).(AccessPolicyRequireExternalEvaluationOutput) } +// The API endpoint containing your business logic. func (o AccessPolicyRequireExternalEvaluationPtrOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicyRequireExternalEvaluation) *string { if v == nil { @@ -9025,6 +9564,7 @@ func (o AccessPolicyRequireExternalEvaluationPtrOutput) EvaluateUrl() pulumi.Str }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o AccessPolicyRequireExternalEvaluationPtrOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *AccessPolicyRequireExternalEvaluation) *string { if v == nil { @@ -9035,9 +9575,12 @@ func (o AccessPolicyRequireExternalEvaluationPtrOutput) KeysUrl() pulumi.StringP } type AccessPolicyRequireGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // AccessPolicyRequireGithubInput is an input type that accepts AccessPolicyRequireGithubArgs and AccessPolicyRequireGithubOutput values. @@ -9052,9 +9595,12 @@ type AccessPolicyRequireGithubInput interface { } type AccessPolicyRequireGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (AccessPolicyRequireGithubArgs) ElementType() reflect.Type { @@ -9108,14 +9654,17 @@ func (o AccessPolicyRequireGithubOutput) ToAccessPolicyRequireGithubOutputWithCo return o } +// The ID of your Github identity provider. func (o AccessPolicyRequireGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o AccessPolicyRequireGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o AccessPolicyRequireGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequireGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -9141,8 +9690,10 @@ func (o AccessPolicyRequireGithubArrayOutput) Index(i pulumi.IntInput) AccessPol } type AccessPolicyRequireGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // AccessPolicyRequireGsuiteInput is an input type that accepts AccessPolicyRequireGsuiteArgs and AccessPolicyRequireGsuiteOutput values. @@ -9157,8 +9708,10 @@ type AccessPolicyRequireGsuiteInput interface { } type AccessPolicyRequireGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (AccessPolicyRequireGsuiteArgs) ElementType() reflect.Type { @@ -9212,10 +9765,12 @@ func (o AccessPolicyRequireGsuiteOutput) ToAccessPolicyRequireGsuiteOutputWithCo return o } +// The email of the Google Workspace group. func (o AccessPolicyRequireGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequireGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o AccessPolicyRequireGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -9241,8 +9796,10 @@ func (o AccessPolicyRequireGsuiteArrayOutput) Index(i pulumi.IntInput) AccessPol } type AccessPolicyRequireOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // AccessPolicyRequireOktaInput is an input type that accepts AccessPolicyRequireOktaArgs and AccessPolicyRequireOktaOutput values. @@ -9257,8 +9814,10 @@ type AccessPolicyRequireOktaInput interface { } type AccessPolicyRequireOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (AccessPolicyRequireOktaArgs) ElementType() reflect.Type { @@ -9312,10 +9871,12 @@ func (o AccessPolicyRequireOktaOutput) ToAccessPolicyRequireOktaOutputWithContex return o } +// The ID of your Okta identity provider. func (o AccessPolicyRequireOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o AccessPolicyRequireOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPolicyRequireOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -9341,8 +9902,11 @@ func (o AccessPolicyRequireOktaArrayOutput) Index(i pulumi.IntInput) AccessPolic } type AccessPolicyRequireSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -9358,8 +9922,11 @@ type AccessPolicyRequireSamlInput interface { } type AccessPolicyRequireSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -9414,14 +9981,17 @@ func (o AccessPolicyRequireSamlOutput) ToAccessPolicyRequireSamlOutputWithContex return o } +// The name of the SAML attribute. func (o AccessPolicyRequireSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o AccessPolicyRequireSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o AccessPolicyRequireSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v AccessPolicyRequireSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -12198,7 +12768,7 @@ type DevicePostureRuleInputType struct { IssueCount *string `pulumi:"issueCount"` // The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. LastSeen *string `pulumi:"lastSeen"` - // List of locations to check for client certificate posture check. + // List of operating system locations to check for a client certificate.. Locations []DevicePostureRuleInputLocation `pulumi:"locations"` // The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. NetworkStatus *string `pulumi:"networkStatus"` @@ -12234,7 +12804,7 @@ type DevicePostureRuleInputType struct { TotalScore *int `pulumi:"totalScore"` // The operating system semantic version. Version *string `pulumi:"version"` - // The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + // The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. VersionOperator *string `pulumi:"versionOperator"` } @@ -12286,7 +12856,7 @@ type DevicePostureRuleInputTypeArgs struct { IssueCount pulumi.StringPtrInput `pulumi:"issueCount"` // The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. LastSeen pulumi.StringPtrInput `pulumi:"lastSeen"` - // List of locations to check for client certificate posture check. + // List of operating system locations to check for a client certificate.. Locations DevicePostureRuleInputLocationArrayInput `pulumi:"locations"` // The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. NetworkStatus pulumi.StringPtrInput `pulumi:"networkStatus"` @@ -12322,7 +12892,7 @@ type DevicePostureRuleInputTypeArgs struct { TotalScore pulumi.IntPtrInput `pulumi:"totalScore"` // The operating system semantic version. Version pulumi.StringPtrInput `pulumi:"version"` - // The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + // The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. VersionOperator pulumi.StringPtrInput `pulumi:"versionOperator"` } @@ -12467,7 +13037,7 @@ func (o DevicePostureRuleInputTypeOutput) LastSeen() pulumi.StringPtrOutput { return o.ApplyT(func(v DevicePostureRuleInputType) *string { return v.LastSeen }).(pulumi.StringPtrOutput) } -// List of locations to check for client certificate posture check. +// List of operating system locations to check for a client certificate.. func (o DevicePostureRuleInputTypeOutput) Locations() DevicePostureRuleInputLocationArrayOutput { return o.ApplyT(func(v DevicePostureRuleInputType) []DevicePostureRuleInputLocation { return v.Locations }).(DevicePostureRuleInputLocationArrayOutput) } @@ -12557,7 +13127,7 @@ func (o DevicePostureRuleInputTypeOutput) Version() pulumi.StringPtrOutput { return o.ApplyT(func(v DevicePostureRuleInputType) *string { return v.Version }).(pulumi.StringPtrOutput) } -// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. +// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. func (o DevicePostureRuleInputTypeOutput) VersionOperator() pulumi.StringPtrOutput { return o.ApplyT(func(v DevicePostureRuleInputType) *string { return v.VersionOperator }).(pulumi.StringPtrOutput) } @@ -12583,9 +13153,9 @@ func (o DevicePostureRuleInputTypeArrayOutput) Index(i pulumi.IntInput) DevicePo } type DevicePostureRuleInputLocation struct { - // List of paths to check for client certificate. + // List of paths to check for client certificate rule. Paths []string `pulumi:"paths"` - // List of trust stores to check for client certificate. Available values: `system`, `user`. + // List of trust stores to check for client certificate rule. Available values: `system`, `user`. TrustStores []string `pulumi:"trustStores"` } @@ -12601,9 +13171,9 @@ type DevicePostureRuleInputLocationInput interface { } type DevicePostureRuleInputLocationArgs struct { - // List of paths to check for client certificate. + // List of paths to check for client certificate rule. Paths pulumi.StringArrayInput `pulumi:"paths"` - // List of trust stores to check for client certificate. Available values: `system`, `user`. + // List of trust stores to check for client certificate rule. Available values: `system`, `user`. TrustStores pulumi.StringArrayInput `pulumi:"trustStores"` } @@ -12658,12 +13228,12 @@ func (o DevicePostureRuleInputLocationOutput) ToDevicePostureRuleInputLocationOu return o } -// List of paths to check for client certificate. +// List of paths to check for client certificate rule. func (o DevicePostureRuleInputLocationOutput) Paths() pulumi.StringArrayOutput { return o.ApplyT(func(v DevicePostureRuleInputLocation) []string { return v.Paths }).(pulumi.StringArrayOutput) } -// List of trust stores to check for client certificate. Available values: `system`, `user`. +// List of trust stores to check for client certificate rule. Available values: `system`, `user`. func (o DevicePostureRuleInputLocationOutput) TrustStores() pulumi.StringArrayOutput { return o.ApplyT(func(v DevicePostureRuleInputLocation) []string { return v.TrustStores }).(pulumi.StringArrayOutput) } @@ -26098,6 +26668,8 @@ type RulesetRuleActionParameters struct { Cache *bool `pulumi:"cache"` // List of cache key parameters to apply to the request. CacheKey *RulesetRuleActionParametersCacheKey `pulumi:"cacheKey"` + // List of cache reserve parameters to apply to the request. + CacheReserve *RulesetRuleActionParametersCacheReserve `pulumi:"cacheReserve"` // Content of the custom error response. Content *string `pulumi:"content"` // Content-Type of the custom error response. @@ -26217,6 +26789,8 @@ type RulesetRuleActionParametersArgs struct { Cache pulumi.BoolPtrInput `pulumi:"cache"` // List of cache key parameters to apply to the request. CacheKey RulesetRuleActionParametersCacheKeyPtrInput `pulumi:"cacheKey"` + // List of cache reserve parameters to apply to the request. + CacheReserve RulesetRuleActionParametersCacheReservePtrInput `pulumi:"cacheReserve"` // Content of the custom error response. Content pulumi.StringPtrInput `pulumi:"content"` // Content-Type of the custom error response. @@ -26425,6 +26999,11 @@ func (o RulesetRuleActionParametersOutput) CacheKey() RulesetRuleActionParameter return o.ApplyT(func(v RulesetRuleActionParameters) *RulesetRuleActionParametersCacheKey { return v.CacheKey }).(RulesetRuleActionParametersCacheKeyPtrOutput) } +// List of cache reserve parameters to apply to the request. +func (o RulesetRuleActionParametersOutput) CacheReserve() RulesetRuleActionParametersCacheReservePtrOutput { + return o.ApplyT(func(v RulesetRuleActionParameters) *RulesetRuleActionParametersCacheReserve { return v.CacheReserve }).(RulesetRuleActionParametersCacheReservePtrOutput) +} + // Content of the custom error response. func (o RulesetRuleActionParametersOutput) Content() pulumi.StringPtrOutput { return o.ApplyT(func(v RulesetRuleActionParameters) *string { return v.Content }).(pulumi.StringPtrOutput) @@ -26753,6 +27332,16 @@ func (o RulesetRuleActionParametersPtrOutput) CacheKey() RulesetRuleActionParame }).(RulesetRuleActionParametersCacheKeyPtrOutput) } +// List of cache reserve parameters to apply to the request. +func (o RulesetRuleActionParametersPtrOutput) CacheReserve() RulesetRuleActionParametersCacheReservePtrOutput { + return o.ApplyT(func(v *RulesetRuleActionParameters) *RulesetRuleActionParametersCacheReserve { + if v == nil { + return nil + } + return v.CacheReserve + }).(RulesetRuleActionParametersCacheReservePtrOutput) +} + // Content of the custom error response. func (o RulesetRuleActionParametersPtrOutput) Content() pulumi.StringPtrOutput { return o.ApplyT(func(v *RulesetRuleActionParameters) *string { @@ -28807,6 +29396,162 @@ func (o RulesetRuleActionParametersCacheKeyCustomKeyUserPtrOutput) Lang() pulumi }).(pulumi.BoolPtrOutput) } +type RulesetRuleActionParametersCacheReserve struct { + // Determines whether Cloudflare will write the eligible resource to cache reserve. + Eligible bool `pulumi:"eligible"` + // The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + MinimumFileSize *int `pulumi:"minimumFileSize"` +} + +// RulesetRuleActionParametersCacheReserveInput is an input type that accepts RulesetRuleActionParametersCacheReserveArgs and RulesetRuleActionParametersCacheReserveOutput values. +// You can construct a concrete instance of `RulesetRuleActionParametersCacheReserveInput` via: +// +// RulesetRuleActionParametersCacheReserveArgs{...} +type RulesetRuleActionParametersCacheReserveInput interface { + pulumi.Input + + ToRulesetRuleActionParametersCacheReserveOutput() RulesetRuleActionParametersCacheReserveOutput + ToRulesetRuleActionParametersCacheReserveOutputWithContext(context.Context) RulesetRuleActionParametersCacheReserveOutput +} + +type RulesetRuleActionParametersCacheReserveArgs struct { + // Determines whether Cloudflare will write the eligible resource to cache reserve. + Eligible pulumi.BoolInput `pulumi:"eligible"` + // The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + MinimumFileSize pulumi.IntPtrInput `pulumi:"minimumFileSize"` +} + +func (RulesetRuleActionParametersCacheReserveArgs) ElementType() reflect.Type { + return reflect.TypeOf((*RulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (i RulesetRuleActionParametersCacheReserveArgs) ToRulesetRuleActionParametersCacheReserveOutput() RulesetRuleActionParametersCacheReserveOutput { + return i.ToRulesetRuleActionParametersCacheReserveOutputWithContext(context.Background()) +} + +func (i RulesetRuleActionParametersCacheReserveArgs) ToRulesetRuleActionParametersCacheReserveOutputWithContext(ctx context.Context) RulesetRuleActionParametersCacheReserveOutput { + return pulumi.ToOutputWithContext(ctx, i).(RulesetRuleActionParametersCacheReserveOutput) +} + +func (i RulesetRuleActionParametersCacheReserveArgs) ToRulesetRuleActionParametersCacheReservePtrOutput() RulesetRuleActionParametersCacheReservePtrOutput { + return i.ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Background()) +} + +func (i RulesetRuleActionParametersCacheReserveArgs) ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) RulesetRuleActionParametersCacheReservePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RulesetRuleActionParametersCacheReserveOutput).ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx) +} + +// RulesetRuleActionParametersCacheReservePtrInput is an input type that accepts RulesetRuleActionParametersCacheReserveArgs, RulesetRuleActionParametersCacheReservePtr and RulesetRuleActionParametersCacheReservePtrOutput values. +// You can construct a concrete instance of `RulesetRuleActionParametersCacheReservePtrInput` via: +// +// RulesetRuleActionParametersCacheReserveArgs{...} +// +// or: +// +// nil +type RulesetRuleActionParametersCacheReservePtrInput interface { + pulumi.Input + + ToRulesetRuleActionParametersCacheReservePtrOutput() RulesetRuleActionParametersCacheReservePtrOutput + ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Context) RulesetRuleActionParametersCacheReservePtrOutput +} + +type rulesetRuleActionParametersCacheReservePtrType RulesetRuleActionParametersCacheReserveArgs + +func RulesetRuleActionParametersCacheReservePtr(v *RulesetRuleActionParametersCacheReserveArgs) RulesetRuleActionParametersCacheReservePtrInput { + return (*rulesetRuleActionParametersCacheReservePtrType)(v) +} + +func (*rulesetRuleActionParametersCacheReservePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**RulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (i *rulesetRuleActionParametersCacheReservePtrType) ToRulesetRuleActionParametersCacheReservePtrOutput() RulesetRuleActionParametersCacheReservePtrOutput { + return i.ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Background()) +} + +func (i *rulesetRuleActionParametersCacheReservePtrType) ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) RulesetRuleActionParametersCacheReservePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RulesetRuleActionParametersCacheReservePtrOutput) +} + +type RulesetRuleActionParametersCacheReserveOutput struct{ *pulumi.OutputState } + +func (RulesetRuleActionParametersCacheReserveOutput) ElementType() reflect.Type { + return reflect.TypeOf((*RulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (o RulesetRuleActionParametersCacheReserveOutput) ToRulesetRuleActionParametersCacheReserveOutput() RulesetRuleActionParametersCacheReserveOutput { + return o +} + +func (o RulesetRuleActionParametersCacheReserveOutput) ToRulesetRuleActionParametersCacheReserveOutputWithContext(ctx context.Context) RulesetRuleActionParametersCacheReserveOutput { + return o +} + +func (o RulesetRuleActionParametersCacheReserveOutput) ToRulesetRuleActionParametersCacheReservePtrOutput() RulesetRuleActionParametersCacheReservePtrOutput { + return o.ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Background()) +} + +func (o RulesetRuleActionParametersCacheReserveOutput) ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) RulesetRuleActionParametersCacheReservePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v RulesetRuleActionParametersCacheReserve) *RulesetRuleActionParametersCacheReserve { + return &v + }).(RulesetRuleActionParametersCacheReservePtrOutput) +} + +// Determines whether Cloudflare will write the eligible resource to cache reserve. +func (o RulesetRuleActionParametersCacheReserveOutput) Eligible() pulumi.BoolOutput { + return o.ApplyT(func(v RulesetRuleActionParametersCacheReserve) bool { return v.Eligible }).(pulumi.BoolOutput) +} + +// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. +func (o RulesetRuleActionParametersCacheReserveOutput) MinimumFileSize() pulumi.IntPtrOutput { + return o.ApplyT(func(v RulesetRuleActionParametersCacheReserve) *int { return v.MinimumFileSize }).(pulumi.IntPtrOutput) +} + +type RulesetRuleActionParametersCacheReservePtrOutput struct{ *pulumi.OutputState } + +func (RulesetRuleActionParametersCacheReservePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (o RulesetRuleActionParametersCacheReservePtrOutput) ToRulesetRuleActionParametersCacheReservePtrOutput() RulesetRuleActionParametersCacheReservePtrOutput { + return o +} + +func (o RulesetRuleActionParametersCacheReservePtrOutput) ToRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) RulesetRuleActionParametersCacheReservePtrOutput { + return o +} + +func (o RulesetRuleActionParametersCacheReservePtrOutput) Elem() RulesetRuleActionParametersCacheReserveOutput { + return o.ApplyT(func(v *RulesetRuleActionParametersCacheReserve) RulesetRuleActionParametersCacheReserve { + if v != nil { + return *v + } + var ret RulesetRuleActionParametersCacheReserve + return ret + }).(RulesetRuleActionParametersCacheReserveOutput) +} + +// Determines whether Cloudflare will write the eligible resource to cache reserve. +func (o RulesetRuleActionParametersCacheReservePtrOutput) Eligible() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *RulesetRuleActionParametersCacheReserve) *bool { + if v == nil { + return nil + } + return &v.Eligible + }).(pulumi.BoolPtrOutput) +} + +// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. +func (o RulesetRuleActionParametersCacheReservePtrOutput) MinimumFileSize() pulumi.IntPtrOutput { + return o.ApplyT(func(v *RulesetRuleActionParametersCacheReserve) *int { + if v == nil { + return nil + } + return v.MinimumFileSize + }).(pulumi.IntPtrOutput) +} + type RulesetRuleActionParametersEdgeTtl struct { // Default edge TTL. Default *int `pulumi:"default"` @@ -33530,6 +34275,143 @@ func (o TeamsAccountBodyScanningPtrOutput) InspectionMode() pulumi.StringPtrOutp }).(pulumi.StringPtrOutput) } +type TeamsAccountCertificate struct { + // ID of certificate for TLS interception. + Id string `pulumi:"id"` +} + +// TeamsAccountCertificateInput is an input type that accepts TeamsAccountCertificateArgs and TeamsAccountCertificateOutput values. +// You can construct a concrete instance of `TeamsAccountCertificateInput` via: +// +// TeamsAccountCertificateArgs{...} +type TeamsAccountCertificateInput interface { + pulumi.Input + + ToTeamsAccountCertificateOutput() TeamsAccountCertificateOutput + ToTeamsAccountCertificateOutputWithContext(context.Context) TeamsAccountCertificateOutput +} + +type TeamsAccountCertificateArgs struct { + // ID of certificate for TLS interception. + Id pulumi.StringInput `pulumi:"id"` +} + +func (TeamsAccountCertificateArgs) ElementType() reflect.Type { + return reflect.TypeOf((*TeamsAccountCertificate)(nil)).Elem() +} + +func (i TeamsAccountCertificateArgs) ToTeamsAccountCertificateOutput() TeamsAccountCertificateOutput { + return i.ToTeamsAccountCertificateOutputWithContext(context.Background()) +} + +func (i TeamsAccountCertificateArgs) ToTeamsAccountCertificateOutputWithContext(ctx context.Context) TeamsAccountCertificateOutput { + return pulumi.ToOutputWithContext(ctx, i).(TeamsAccountCertificateOutput) +} + +func (i TeamsAccountCertificateArgs) ToTeamsAccountCertificatePtrOutput() TeamsAccountCertificatePtrOutput { + return i.ToTeamsAccountCertificatePtrOutputWithContext(context.Background()) +} + +func (i TeamsAccountCertificateArgs) ToTeamsAccountCertificatePtrOutputWithContext(ctx context.Context) TeamsAccountCertificatePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TeamsAccountCertificateOutput).ToTeamsAccountCertificatePtrOutputWithContext(ctx) +} + +// TeamsAccountCertificatePtrInput is an input type that accepts TeamsAccountCertificateArgs, TeamsAccountCertificatePtr and TeamsAccountCertificatePtrOutput values. +// You can construct a concrete instance of `TeamsAccountCertificatePtrInput` via: +// +// TeamsAccountCertificateArgs{...} +// +// or: +// +// nil +type TeamsAccountCertificatePtrInput interface { + pulumi.Input + + ToTeamsAccountCertificatePtrOutput() TeamsAccountCertificatePtrOutput + ToTeamsAccountCertificatePtrOutputWithContext(context.Context) TeamsAccountCertificatePtrOutput +} + +type teamsAccountCertificatePtrType TeamsAccountCertificateArgs + +func TeamsAccountCertificatePtr(v *TeamsAccountCertificateArgs) TeamsAccountCertificatePtrInput { + return (*teamsAccountCertificatePtrType)(v) +} + +func (*teamsAccountCertificatePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**TeamsAccountCertificate)(nil)).Elem() +} + +func (i *teamsAccountCertificatePtrType) ToTeamsAccountCertificatePtrOutput() TeamsAccountCertificatePtrOutput { + return i.ToTeamsAccountCertificatePtrOutputWithContext(context.Background()) +} + +func (i *teamsAccountCertificatePtrType) ToTeamsAccountCertificatePtrOutputWithContext(ctx context.Context) TeamsAccountCertificatePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TeamsAccountCertificatePtrOutput) +} + +type TeamsAccountCertificateOutput struct{ *pulumi.OutputState } + +func (TeamsAccountCertificateOutput) ElementType() reflect.Type { + return reflect.TypeOf((*TeamsAccountCertificate)(nil)).Elem() +} + +func (o TeamsAccountCertificateOutput) ToTeamsAccountCertificateOutput() TeamsAccountCertificateOutput { + return o +} + +func (o TeamsAccountCertificateOutput) ToTeamsAccountCertificateOutputWithContext(ctx context.Context) TeamsAccountCertificateOutput { + return o +} + +func (o TeamsAccountCertificateOutput) ToTeamsAccountCertificatePtrOutput() TeamsAccountCertificatePtrOutput { + return o.ToTeamsAccountCertificatePtrOutputWithContext(context.Background()) +} + +func (o TeamsAccountCertificateOutput) ToTeamsAccountCertificatePtrOutputWithContext(ctx context.Context) TeamsAccountCertificatePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v TeamsAccountCertificate) *TeamsAccountCertificate { + return &v + }).(TeamsAccountCertificatePtrOutput) +} + +// ID of certificate for TLS interception. +func (o TeamsAccountCertificateOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v TeamsAccountCertificate) string { return v.Id }).(pulumi.StringOutput) +} + +type TeamsAccountCertificatePtrOutput struct{ *pulumi.OutputState } + +func (TeamsAccountCertificatePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**TeamsAccountCertificate)(nil)).Elem() +} + +func (o TeamsAccountCertificatePtrOutput) ToTeamsAccountCertificatePtrOutput() TeamsAccountCertificatePtrOutput { + return o +} + +func (o TeamsAccountCertificatePtrOutput) ToTeamsAccountCertificatePtrOutputWithContext(ctx context.Context) TeamsAccountCertificatePtrOutput { + return o +} + +func (o TeamsAccountCertificatePtrOutput) Elem() TeamsAccountCertificateOutput { + return o.ApplyT(func(v *TeamsAccountCertificate) TeamsAccountCertificate { + if v != nil { + return *v + } + var ret TeamsAccountCertificate + return ret + }).(TeamsAccountCertificateOutput) +} + +// ID of certificate for TLS interception. +func (o TeamsAccountCertificatePtrOutput) Id() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TeamsAccountCertificate) *string { + if v == nil { + return nil + } + return &v.Id + }).(pulumi.StringPtrOutput) +} + type TeamsAccountCustomCertificate struct { // Whether TLS encryption should use a custom certificate. Enabled bool `pulumi:"enabled"` @@ -34900,7 +35782,7 @@ func (o TeamsAccountPayloadLogPtrOutput) PublicKey() pulumi.StringPtrOutput { } type TeamsAccountProxy struct { - // Sets the time limit in seconds that a user can use an override code to bypass WARP + // Sets the time limit in seconds that a user can use an override code to bypass WARP. DisableForTime int `pulumi:"disableForTime"` // Whether root ca is enabled account wide for ZT clients. RootCa bool `pulumi:"rootCa"` @@ -34924,7 +35806,7 @@ type TeamsAccountProxyInput interface { } type TeamsAccountProxyArgs struct { - // Sets the time limit in seconds that a user can use an override code to bypass WARP + // Sets the time limit in seconds that a user can use an override code to bypass WARP. DisableForTime pulumi.IntInput `pulumi:"disableForTime"` // Whether root ca is enabled account wide for ZT clients. RootCa pulumi.BoolInput `pulumi:"rootCa"` @@ -35013,7 +35895,7 @@ func (o TeamsAccountProxyOutput) ToTeamsAccountProxyPtrOutputWithContext(ctx con }).(TeamsAccountProxyPtrOutput) } -// Sets the time limit in seconds that a user can use an override code to bypass WARP +// Sets the time limit in seconds that a user can use an override code to bypass WARP. func (o TeamsAccountProxyOutput) DisableForTime() pulumi.IntOutput { return o.ApplyT(func(v TeamsAccountProxy) int { return v.DisableForTime }).(pulumi.IntOutput) } @@ -35062,7 +35944,7 @@ func (o TeamsAccountProxyPtrOutput) Elem() TeamsAccountProxyOutput { }).(TeamsAccountProxyOutput) } -// Sets the time limit in seconds that a user can use an override code to bypass WARP +// Sets the time limit in seconds that a user can use an override code to bypass WARP. func (o TeamsAccountProxyPtrOutput) DisableForTime() pulumi.IntPtrOutput { return o.ApplyT(func(v *TeamsAccountProxy) *int { if v == nil { @@ -40215,6 +41097,112 @@ func (o WorkerScriptD1DatabaseBindingArrayOutput) Index(i pulumi.IntInput) Worke }).(WorkerScriptD1DatabaseBindingOutput) } +type WorkerScriptHyperdriveConfigBinding struct { + // The global variable for the binding in your Worker code. + Binding string `pulumi:"binding"` + // The ID of the Hyperdrive config to use. + Id string `pulumi:"id"` +} + +// WorkerScriptHyperdriveConfigBindingInput is an input type that accepts WorkerScriptHyperdriveConfigBindingArgs and WorkerScriptHyperdriveConfigBindingOutput values. +// You can construct a concrete instance of `WorkerScriptHyperdriveConfigBindingInput` via: +// +// WorkerScriptHyperdriveConfigBindingArgs{...} +type WorkerScriptHyperdriveConfigBindingInput interface { + pulumi.Input + + ToWorkerScriptHyperdriveConfigBindingOutput() WorkerScriptHyperdriveConfigBindingOutput + ToWorkerScriptHyperdriveConfigBindingOutputWithContext(context.Context) WorkerScriptHyperdriveConfigBindingOutput +} + +type WorkerScriptHyperdriveConfigBindingArgs struct { + // The global variable for the binding in your Worker code. + Binding pulumi.StringInput `pulumi:"binding"` + // The ID of the Hyperdrive config to use. + Id pulumi.StringInput `pulumi:"id"` +} + +func (WorkerScriptHyperdriveConfigBindingArgs) ElementType() reflect.Type { + return reflect.TypeOf((*WorkerScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (i WorkerScriptHyperdriveConfigBindingArgs) ToWorkerScriptHyperdriveConfigBindingOutput() WorkerScriptHyperdriveConfigBindingOutput { + return i.ToWorkerScriptHyperdriveConfigBindingOutputWithContext(context.Background()) +} + +func (i WorkerScriptHyperdriveConfigBindingArgs) ToWorkerScriptHyperdriveConfigBindingOutputWithContext(ctx context.Context) WorkerScriptHyperdriveConfigBindingOutput { + return pulumi.ToOutputWithContext(ctx, i).(WorkerScriptHyperdriveConfigBindingOutput) +} + +// WorkerScriptHyperdriveConfigBindingArrayInput is an input type that accepts WorkerScriptHyperdriveConfigBindingArray and WorkerScriptHyperdriveConfigBindingArrayOutput values. +// You can construct a concrete instance of `WorkerScriptHyperdriveConfigBindingArrayInput` via: +// +// WorkerScriptHyperdriveConfigBindingArray{ WorkerScriptHyperdriveConfigBindingArgs{...} } +type WorkerScriptHyperdriveConfigBindingArrayInput interface { + pulumi.Input + + ToWorkerScriptHyperdriveConfigBindingArrayOutput() WorkerScriptHyperdriveConfigBindingArrayOutput + ToWorkerScriptHyperdriveConfigBindingArrayOutputWithContext(context.Context) WorkerScriptHyperdriveConfigBindingArrayOutput +} + +type WorkerScriptHyperdriveConfigBindingArray []WorkerScriptHyperdriveConfigBindingInput + +func (WorkerScriptHyperdriveConfigBindingArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]WorkerScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (i WorkerScriptHyperdriveConfigBindingArray) ToWorkerScriptHyperdriveConfigBindingArrayOutput() WorkerScriptHyperdriveConfigBindingArrayOutput { + return i.ToWorkerScriptHyperdriveConfigBindingArrayOutputWithContext(context.Background()) +} + +func (i WorkerScriptHyperdriveConfigBindingArray) ToWorkerScriptHyperdriveConfigBindingArrayOutputWithContext(ctx context.Context) WorkerScriptHyperdriveConfigBindingArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(WorkerScriptHyperdriveConfigBindingArrayOutput) +} + +type WorkerScriptHyperdriveConfigBindingOutput struct{ *pulumi.OutputState } + +func (WorkerScriptHyperdriveConfigBindingOutput) ElementType() reflect.Type { + return reflect.TypeOf((*WorkerScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (o WorkerScriptHyperdriveConfigBindingOutput) ToWorkerScriptHyperdriveConfigBindingOutput() WorkerScriptHyperdriveConfigBindingOutput { + return o +} + +func (o WorkerScriptHyperdriveConfigBindingOutput) ToWorkerScriptHyperdriveConfigBindingOutputWithContext(ctx context.Context) WorkerScriptHyperdriveConfigBindingOutput { + return o +} + +// The global variable for the binding in your Worker code. +func (o WorkerScriptHyperdriveConfigBindingOutput) Binding() pulumi.StringOutput { + return o.ApplyT(func(v WorkerScriptHyperdriveConfigBinding) string { return v.Binding }).(pulumi.StringOutput) +} + +// The ID of the Hyperdrive config to use. +func (o WorkerScriptHyperdriveConfigBindingOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v WorkerScriptHyperdriveConfigBinding) string { return v.Id }).(pulumi.StringOutput) +} + +type WorkerScriptHyperdriveConfigBindingArrayOutput struct{ *pulumi.OutputState } + +func (WorkerScriptHyperdriveConfigBindingArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]WorkerScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (o WorkerScriptHyperdriveConfigBindingArrayOutput) ToWorkerScriptHyperdriveConfigBindingArrayOutput() WorkerScriptHyperdriveConfigBindingArrayOutput { + return o +} + +func (o WorkerScriptHyperdriveConfigBindingArrayOutput) ToWorkerScriptHyperdriveConfigBindingArrayOutputWithContext(ctx context.Context) WorkerScriptHyperdriveConfigBindingArrayOutput { + return o +} + +func (o WorkerScriptHyperdriveConfigBindingArrayOutput) Index(i pulumi.IntInput) WorkerScriptHyperdriveConfigBindingOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) WorkerScriptHyperdriveConfigBinding { + return vs[0].([]WorkerScriptHyperdriveConfigBinding)[vs[1].(int)] + }).(WorkerScriptHyperdriveConfigBindingOutput) +} + type WorkerScriptKvNamespaceBinding struct { // The global variable for the binding in your Worker code. Name string `pulumi:"name"` @@ -41275,6 +42263,112 @@ func (o WorkersScriptD1DatabaseBindingArrayOutput) Index(i pulumi.IntInput) Work }).(WorkersScriptD1DatabaseBindingOutput) } +type WorkersScriptHyperdriveConfigBinding struct { + // The global variable for the binding in your Worker code. + Binding string `pulumi:"binding"` + // The ID of the Hyperdrive config to use. + Id string `pulumi:"id"` +} + +// WorkersScriptHyperdriveConfigBindingInput is an input type that accepts WorkersScriptHyperdriveConfigBindingArgs and WorkersScriptHyperdriveConfigBindingOutput values. +// You can construct a concrete instance of `WorkersScriptHyperdriveConfigBindingInput` via: +// +// WorkersScriptHyperdriveConfigBindingArgs{...} +type WorkersScriptHyperdriveConfigBindingInput interface { + pulumi.Input + + ToWorkersScriptHyperdriveConfigBindingOutput() WorkersScriptHyperdriveConfigBindingOutput + ToWorkersScriptHyperdriveConfigBindingOutputWithContext(context.Context) WorkersScriptHyperdriveConfigBindingOutput +} + +type WorkersScriptHyperdriveConfigBindingArgs struct { + // The global variable for the binding in your Worker code. + Binding pulumi.StringInput `pulumi:"binding"` + // The ID of the Hyperdrive config to use. + Id pulumi.StringInput `pulumi:"id"` +} + +func (WorkersScriptHyperdriveConfigBindingArgs) ElementType() reflect.Type { + return reflect.TypeOf((*WorkersScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (i WorkersScriptHyperdriveConfigBindingArgs) ToWorkersScriptHyperdriveConfigBindingOutput() WorkersScriptHyperdriveConfigBindingOutput { + return i.ToWorkersScriptHyperdriveConfigBindingOutputWithContext(context.Background()) +} + +func (i WorkersScriptHyperdriveConfigBindingArgs) ToWorkersScriptHyperdriveConfigBindingOutputWithContext(ctx context.Context) WorkersScriptHyperdriveConfigBindingOutput { + return pulumi.ToOutputWithContext(ctx, i).(WorkersScriptHyperdriveConfigBindingOutput) +} + +// WorkersScriptHyperdriveConfigBindingArrayInput is an input type that accepts WorkersScriptHyperdriveConfigBindingArray and WorkersScriptHyperdriveConfigBindingArrayOutput values. +// You can construct a concrete instance of `WorkersScriptHyperdriveConfigBindingArrayInput` via: +// +// WorkersScriptHyperdriveConfigBindingArray{ WorkersScriptHyperdriveConfigBindingArgs{...} } +type WorkersScriptHyperdriveConfigBindingArrayInput interface { + pulumi.Input + + ToWorkersScriptHyperdriveConfigBindingArrayOutput() WorkersScriptHyperdriveConfigBindingArrayOutput + ToWorkersScriptHyperdriveConfigBindingArrayOutputWithContext(context.Context) WorkersScriptHyperdriveConfigBindingArrayOutput +} + +type WorkersScriptHyperdriveConfigBindingArray []WorkersScriptHyperdriveConfigBindingInput + +func (WorkersScriptHyperdriveConfigBindingArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]WorkersScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (i WorkersScriptHyperdriveConfigBindingArray) ToWorkersScriptHyperdriveConfigBindingArrayOutput() WorkersScriptHyperdriveConfigBindingArrayOutput { + return i.ToWorkersScriptHyperdriveConfigBindingArrayOutputWithContext(context.Background()) +} + +func (i WorkersScriptHyperdriveConfigBindingArray) ToWorkersScriptHyperdriveConfigBindingArrayOutputWithContext(ctx context.Context) WorkersScriptHyperdriveConfigBindingArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(WorkersScriptHyperdriveConfigBindingArrayOutput) +} + +type WorkersScriptHyperdriveConfigBindingOutput struct{ *pulumi.OutputState } + +func (WorkersScriptHyperdriveConfigBindingOutput) ElementType() reflect.Type { + return reflect.TypeOf((*WorkersScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (o WorkersScriptHyperdriveConfigBindingOutput) ToWorkersScriptHyperdriveConfigBindingOutput() WorkersScriptHyperdriveConfigBindingOutput { + return o +} + +func (o WorkersScriptHyperdriveConfigBindingOutput) ToWorkersScriptHyperdriveConfigBindingOutputWithContext(ctx context.Context) WorkersScriptHyperdriveConfigBindingOutput { + return o +} + +// The global variable for the binding in your Worker code. +func (o WorkersScriptHyperdriveConfigBindingOutput) Binding() pulumi.StringOutput { + return o.ApplyT(func(v WorkersScriptHyperdriveConfigBinding) string { return v.Binding }).(pulumi.StringOutput) +} + +// The ID of the Hyperdrive config to use. +func (o WorkersScriptHyperdriveConfigBindingOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v WorkersScriptHyperdriveConfigBinding) string { return v.Id }).(pulumi.StringOutput) +} + +type WorkersScriptHyperdriveConfigBindingArrayOutput struct{ *pulumi.OutputState } + +func (WorkersScriptHyperdriveConfigBindingArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]WorkersScriptHyperdriveConfigBinding)(nil)).Elem() +} + +func (o WorkersScriptHyperdriveConfigBindingArrayOutput) ToWorkersScriptHyperdriveConfigBindingArrayOutput() WorkersScriptHyperdriveConfigBindingArrayOutput { + return o +} + +func (o WorkersScriptHyperdriveConfigBindingArrayOutput) ToWorkersScriptHyperdriveConfigBindingArrayOutputWithContext(ctx context.Context) WorkersScriptHyperdriveConfigBindingArrayOutput { + return o +} + +func (o WorkersScriptHyperdriveConfigBindingArrayOutput) Index(i pulumi.IntInput) WorkersScriptHyperdriveConfigBindingOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) WorkersScriptHyperdriveConfigBinding { + return vs[0].([]WorkersScriptHyperdriveConfigBinding)[vs[1].(int)] + }).(WorkersScriptHyperdriveConfigBindingOutput) +} + type WorkersScriptKvNamespaceBinding struct { // The global variable for the binding in your Worker code. Name string `pulumi:"name"` @@ -44635,32 +45729,51 @@ func (o ZeroTrustAccessApplicationScimConfigMappingOperationsPtrOutput) Update() } type ZeroTrustAccessGroupExclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []ZeroTrustAccessGroupExcludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []ZeroTrustAccessGroupExcludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []ZeroTrustAccessGroupExcludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations []ZeroTrustAccessGroupExcludeExternalEvaluation `pulumi:"externalEvaluations"` - Geos []string `pulumi:"geos"` - Githubs []ZeroTrustAccessGroupExcludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []ZeroTrustAccessGroupExcludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []ZeroTrustAccessGroupExcludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []ZeroTrustAccessGroupExcludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []ZeroTrustAccessGroupExcludeOkta `pulumi:"oktas"` - Samls []ZeroTrustAccessGroupExcludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []ZeroTrustAccessGroupExcludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []ZeroTrustAccessGroupExcludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // ZeroTrustAccessGroupExcludeInput is an input type that accepts ZeroTrustAccessGroupExcludeArgs and ZeroTrustAccessGroupExcludeOutput values. @@ -44675,32 +45788,51 @@ type ZeroTrustAccessGroupExcludeInput interface { } type ZeroTrustAccessGroupExcludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts ZeroTrustAccessGroupExcludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures ZeroTrustAccessGroupExcludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures ZeroTrustAccessGroupExcludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations ZeroTrustAccessGroupExcludeExternalEvaluationArrayInput `pulumi:"externalEvaluations"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs ZeroTrustAccessGroupExcludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites ZeroTrustAccessGroupExcludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs ZeroTrustAccessGroupExcludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites ZeroTrustAccessGroupExcludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas ZeroTrustAccessGroupExcludeOktaArrayInput `pulumi:"oktas"` - Samls ZeroTrustAccessGroupExcludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas ZeroTrustAccessGroupExcludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls ZeroTrustAccessGroupExcludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (ZeroTrustAccessGroupExcludeArgs) ElementType() reflect.Type { @@ -44754,6 +45886,7 @@ func (o ZeroTrustAccessGroupExcludeOutput) ToZeroTrustAccessGroupExcludeOutputWi return o } +// Matches any valid Access service token. func (o ZeroTrustAccessGroupExcludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -44762,18 +45895,22 @@ func (o ZeroTrustAccessGroupExcludeOutput) AuthContexts() ZeroTrustAccessGroupEx return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []ZeroTrustAccessGroupExcludeAuthContext { return v.AuthContexts }).(ZeroTrustAccessGroupExcludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o ZeroTrustAccessGroupExcludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o ZeroTrustAccessGroupExcludeOutput) Azures() ZeroTrustAccessGroupExcludeAzureArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []ZeroTrustAccessGroupExcludeAzure { return v.Azures }).(ZeroTrustAccessGroupExcludeAzureArrayOutput) } +// Matches any valid client certificate. func (o ZeroTrustAccessGroupExcludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o ZeroTrustAccessGroupExcludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -44783,49 +45920,59 @@ func (o ZeroTrustAccessGroupExcludeOutput) CommonNames() pulumi.StringArrayOutpu return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o ZeroTrustAccessGroupExcludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o ZeroTrustAccessGroupExcludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o ZeroTrustAccessGroupExcludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o ZeroTrustAccessGroupExcludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o ZeroTrustAccessGroupExcludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o ZeroTrustAccessGroupExcludeOutput) ExternalEvaluations() ZeroTrustAccessGroupExcludeExternalEvaluationArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []ZeroTrustAccessGroupExcludeExternalEvaluation { return v.ExternalEvaluations }).(ZeroTrustAccessGroupExcludeExternalEvaluationArrayOutput) } +// Matches a specific country. func (o ZeroTrustAccessGroupExcludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o ZeroTrustAccessGroupExcludeOutput) Githubs() ZeroTrustAccessGroupExcludeGithubArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []ZeroTrustAccessGroupExcludeGithub { return v.Githubs }).(ZeroTrustAccessGroupExcludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o ZeroTrustAccessGroupExcludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o ZeroTrustAccessGroupExcludeOutput) Gsuites() ZeroTrustAccessGroupExcludeGsuiteArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []ZeroTrustAccessGroupExcludeGsuite { return v.Gsuites }).(ZeroTrustAccessGroupExcludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o ZeroTrustAccessGroupExcludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -44835,18 +45982,22 @@ func (o ZeroTrustAccessGroupExcludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o ZeroTrustAccessGroupExcludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o ZeroTrustAccessGroupExcludeOutput) Oktas() ZeroTrustAccessGroupExcludeOktaArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []ZeroTrustAccessGroupExcludeOkta { return v.Oktas }).(ZeroTrustAccessGroupExcludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o ZeroTrustAccessGroupExcludeOutput) Samls() ZeroTrustAccessGroupExcludeSamlArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []ZeroTrustAccessGroupExcludeSaml { return v.Samls }).(ZeroTrustAccessGroupExcludeSamlArrayOutput) } +// The ID of an Access service token. func (o ZeroTrustAccessGroupExcludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -44876,7 +46027,7 @@ type ZeroTrustAccessGroupExcludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -44896,7 +46047,7 @@ type ZeroTrustAccessGroupExcludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -44961,7 +46112,7 @@ func (o ZeroTrustAccessGroupExcludeAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessGroupExcludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -44987,7 +46138,7 @@ func (o ZeroTrustAccessGroupExcludeAuthContextArrayOutput) Index(i pulumi.IntInp } type ZeroTrustAccessGroupExcludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -45005,7 +46156,7 @@ type ZeroTrustAccessGroupExcludeAzureInput interface { } type ZeroTrustAccessGroupExcludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -45062,7 +46213,7 @@ func (o ZeroTrustAccessGroupExcludeAzureOutput) ToZeroTrustAccessGroupExcludeAzu return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessGroupExcludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -45093,8 +46244,10 @@ func (o ZeroTrustAccessGroupExcludeAzureArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessGroupExcludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // ZeroTrustAccessGroupExcludeExternalEvaluationInput is an input type that accepts ZeroTrustAccessGroupExcludeExternalEvaluationArgs and ZeroTrustAccessGroupExcludeExternalEvaluationOutput values. @@ -45109,8 +46262,10 @@ type ZeroTrustAccessGroupExcludeExternalEvaluationInput interface { } type ZeroTrustAccessGroupExcludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (ZeroTrustAccessGroupExcludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -45164,10 +46319,12 @@ func (o ZeroTrustAccessGroupExcludeExternalEvaluationOutput) ToZeroTrustAccessGr return o } +// The API endpoint containing your business logic. func (o ZeroTrustAccessGroupExcludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o ZeroTrustAccessGroupExcludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -45193,9 +46350,12 @@ func (o ZeroTrustAccessGroupExcludeExternalEvaluationArrayOutput) Index(i pulumi } type ZeroTrustAccessGroupExcludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // ZeroTrustAccessGroupExcludeGithubInput is an input type that accepts ZeroTrustAccessGroupExcludeGithubArgs and ZeroTrustAccessGroupExcludeGithubOutput values. @@ -45210,9 +46370,12 @@ type ZeroTrustAccessGroupExcludeGithubInput interface { } type ZeroTrustAccessGroupExcludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (ZeroTrustAccessGroupExcludeGithubArgs) ElementType() reflect.Type { @@ -45266,14 +46429,17 @@ func (o ZeroTrustAccessGroupExcludeGithubOutput) ToZeroTrustAccessGroupExcludeGi return o } +// The ID of your Github identity provider. func (o ZeroTrustAccessGroupExcludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o ZeroTrustAccessGroupExcludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o ZeroTrustAccessGroupExcludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -45299,8 +46465,10 @@ func (o ZeroTrustAccessGroupExcludeGithubArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessGroupExcludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // ZeroTrustAccessGroupExcludeGsuiteInput is an input type that accepts ZeroTrustAccessGroupExcludeGsuiteArgs and ZeroTrustAccessGroupExcludeGsuiteOutput values. @@ -45315,8 +46483,10 @@ type ZeroTrustAccessGroupExcludeGsuiteInput interface { } type ZeroTrustAccessGroupExcludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (ZeroTrustAccessGroupExcludeGsuiteArgs) ElementType() reflect.Type { @@ -45370,10 +46540,12 @@ func (o ZeroTrustAccessGroupExcludeGsuiteOutput) ToZeroTrustAccessGroupExcludeGs return o } +// The email of the Google Workspace group. func (o ZeroTrustAccessGroupExcludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o ZeroTrustAccessGroupExcludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -45399,8 +46571,10 @@ func (o ZeroTrustAccessGroupExcludeGsuiteArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessGroupExcludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // ZeroTrustAccessGroupExcludeOktaInput is an input type that accepts ZeroTrustAccessGroupExcludeOktaArgs and ZeroTrustAccessGroupExcludeOktaOutput values. @@ -45415,8 +46589,10 @@ type ZeroTrustAccessGroupExcludeOktaInput interface { } type ZeroTrustAccessGroupExcludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (ZeroTrustAccessGroupExcludeOktaArgs) ElementType() reflect.Type { @@ -45470,10 +46646,12 @@ func (o ZeroTrustAccessGroupExcludeOktaOutput) ToZeroTrustAccessGroupExcludeOkta return o } +// The ID of your Okta identity provider. func (o ZeroTrustAccessGroupExcludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o ZeroTrustAccessGroupExcludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -45499,8 +46677,11 @@ func (o ZeroTrustAccessGroupExcludeOktaArrayOutput) Index(i pulumi.IntInput) Zer } type ZeroTrustAccessGroupExcludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -45516,8 +46697,11 @@ type ZeroTrustAccessGroupExcludeSamlInput interface { } type ZeroTrustAccessGroupExcludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -45572,14 +46756,17 @@ func (o ZeroTrustAccessGroupExcludeSamlOutput) ToZeroTrustAccessGroupExcludeSaml return o } +// The name of the SAML attribute. func (o ZeroTrustAccessGroupExcludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o ZeroTrustAccessGroupExcludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o ZeroTrustAccessGroupExcludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupExcludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -45605,32 +46792,51 @@ func (o ZeroTrustAccessGroupExcludeSamlArrayOutput) Index(i pulumi.IntInput) Zer } type ZeroTrustAccessGroupInclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []ZeroTrustAccessGroupIncludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []ZeroTrustAccessGroupIncludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []ZeroTrustAccessGroupIncludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations []ZeroTrustAccessGroupIncludeExternalEvaluation `pulumi:"externalEvaluations"` - Geos []string `pulumi:"geos"` - Githubs []ZeroTrustAccessGroupIncludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []ZeroTrustAccessGroupIncludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []ZeroTrustAccessGroupIncludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []ZeroTrustAccessGroupIncludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []ZeroTrustAccessGroupIncludeOkta `pulumi:"oktas"` - Samls []ZeroTrustAccessGroupIncludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []ZeroTrustAccessGroupIncludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []ZeroTrustAccessGroupIncludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // ZeroTrustAccessGroupIncludeInput is an input type that accepts ZeroTrustAccessGroupIncludeArgs and ZeroTrustAccessGroupIncludeOutput values. @@ -45645,32 +46851,51 @@ type ZeroTrustAccessGroupIncludeInput interface { } type ZeroTrustAccessGroupIncludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts ZeroTrustAccessGroupIncludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures ZeroTrustAccessGroupIncludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures ZeroTrustAccessGroupIncludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations ZeroTrustAccessGroupIncludeExternalEvaluationArrayInput `pulumi:"externalEvaluations"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs ZeroTrustAccessGroupIncludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites ZeroTrustAccessGroupIncludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs ZeroTrustAccessGroupIncludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites ZeroTrustAccessGroupIncludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas ZeroTrustAccessGroupIncludeOktaArrayInput `pulumi:"oktas"` - Samls ZeroTrustAccessGroupIncludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas ZeroTrustAccessGroupIncludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls ZeroTrustAccessGroupIncludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (ZeroTrustAccessGroupIncludeArgs) ElementType() reflect.Type { @@ -45724,6 +46949,7 @@ func (o ZeroTrustAccessGroupIncludeOutput) ToZeroTrustAccessGroupIncludeOutputWi return o } +// Matches any valid Access service token. func (o ZeroTrustAccessGroupIncludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -45732,18 +46958,22 @@ func (o ZeroTrustAccessGroupIncludeOutput) AuthContexts() ZeroTrustAccessGroupIn return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []ZeroTrustAccessGroupIncludeAuthContext { return v.AuthContexts }).(ZeroTrustAccessGroupIncludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o ZeroTrustAccessGroupIncludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o ZeroTrustAccessGroupIncludeOutput) Azures() ZeroTrustAccessGroupIncludeAzureArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []ZeroTrustAccessGroupIncludeAzure { return v.Azures }).(ZeroTrustAccessGroupIncludeAzureArrayOutput) } +// Matches any valid client certificate. func (o ZeroTrustAccessGroupIncludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o ZeroTrustAccessGroupIncludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -45753,49 +46983,59 @@ func (o ZeroTrustAccessGroupIncludeOutput) CommonNames() pulumi.StringArrayOutpu return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o ZeroTrustAccessGroupIncludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o ZeroTrustAccessGroupIncludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o ZeroTrustAccessGroupIncludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o ZeroTrustAccessGroupIncludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o ZeroTrustAccessGroupIncludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o ZeroTrustAccessGroupIncludeOutput) ExternalEvaluations() ZeroTrustAccessGroupIncludeExternalEvaluationArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []ZeroTrustAccessGroupIncludeExternalEvaluation { return v.ExternalEvaluations }).(ZeroTrustAccessGroupIncludeExternalEvaluationArrayOutput) } +// Matches a specific country. func (o ZeroTrustAccessGroupIncludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o ZeroTrustAccessGroupIncludeOutput) Githubs() ZeroTrustAccessGroupIncludeGithubArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []ZeroTrustAccessGroupIncludeGithub { return v.Githubs }).(ZeroTrustAccessGroupIncludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o ZeroTrustAccessGroupIncludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o ZeroTrustAccessGroupIncludeOutput) Gsuites() ZeroTrustAccessGroupIncludeGsuiteArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []ZeroTrustAccessGroupIncludeGsuite { return v.Gsuites }).(ZeroTrustAccessGroupIncludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o ZeroTrustAccessGroupIncludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -45805,18 +47045,22 @@ func (o ZeroTrustAccessGroupIncludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o ZeroTrustAccessGroupIncludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o ZeroTrustAccessGroupIncludeOutput) Oktas() ZeroTrustAccessGroupIncludeOktaArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []ZeroTrustAccessGroupIncludeOkta { return v.Oktas }).(ZeroTrustAccessGroupIncludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o ZeroTrustAccessGroupIncludeOutput) Samls() ZeroTrustAccessGroupIncludeSamlArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []ZeroTrustAccessGroupIncludeSaml { return v.Samls }).(ZeroTrustAccessGroupIncludeSamlArrayOutput) } +// The ID of an Access service token. func (o ZeroTrustAccessGroupIncludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupInclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -45846,7 +47090,7 @@ type ZeroTrustAccessGroupIncludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -45866,7 +47110,7 @@ type ZeroTrustAccessGroupIncludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -45931,7 +47175,7 @@ func (o ZeroTrustAccessGroupIncludeAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessGroupIncludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -45957,7 +47201,7 @@ func (o ZeroTrustAccessGroupIncludeAuthContextArrayOutput) Index(i pulumi.IntInp } type ZeroTrustAccessGroupIncludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -45975,7 +47219,7 @@ type ZeroTrustAccessGroupIncludeAzureInput interface { } type ZeroTrustAccessGroupIncludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -46032,7 +47276,7 @@ func (o ZeroTrustAccessGroupIncludeAzureOutput) ToZeroTrustAccessGroupIncludeAzu return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessGroupIncludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -46063,8 +47307,10 @@ func (o ZeroTrustAccessGroupIncludeAzureArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessGroupIncludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // ZeroTrustAccessGroupIncludeExternalEvaluationInput is an input type that accepts ZeroTrustAccessGroupIncludeExternalEvaluationArgs and ZeroTrustAccessGroupIncludeExternalEvaluationOutput values. @@ -46079,8 +47325,10 @@ type ZeroTrustAccessGroupIncludeExternalEvaluationInput interface { } type ZeroTrustAccessGroupIncludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (ZeroTrustAccessGroupIncludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -46134,10 +47382,12 @@ func (o ZeroTrustAccessGroupIncludeExternalEvaluationOutput) ToZeroTrustAccessGr return o } +// The API endpoint containing your business logic. func (o ZeroTrustAccessGroupIncludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o ZeroTrustAccessGroupIncludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -46163,9 +47413,12 @@ func (o ZeroTrustAccessGroupIncludeExternalEvaluationArrayOutput) Index(i pulumi } type ZeroTrustAccessGroupIncludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // ZeroTrustAccessGroupIncludeGithubInput is an input type that accepts ZeroTrustAccessGroupIncludeGithubArgs and ZeroTrustAccessGroupIncludeGithubOutput values. @@ -46180,9 +47433,12 @@ type ZeroTrustAccessGroupIncludeGithubInput interface { } type ZeroTrustAccessGroupIncludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (ZeroTrustAccessGroupIncludeGithubArgs) ElementType() reflect.Type { @@ -46236,14 +47492,17 @@ func (o ZeroTrustAccessGroupIncludeGithubOutput) ToZeroTrustAccessGroupIncludeGi return o } +// The ID of your Github identity provider. func (o ZeroTrustAccessGroupIncludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o ZeroTrustAccessGroupIncludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o ZeroTrustAccessGroupIncludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -46269,8 +47528,10 @@ func (o ZeroTrustAccessGroupIncludeGithubArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessGroupIncludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // ZeroTrustAccessGroupIncludeGsuiteInput is an input type that accepts ZeroTrustAccessGroupIncludeGsuiteArgs and ZeroTrustAccessGroupIncludeGsuiteOutput values. @@ -46285,8 +47546,10 @@ type ZeroTrustAccessGroupIncludeGsuiteInput interface { } type ZeroTrustAccessGroupIncludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (ZeroTrustAccessGroupIncludeGsuiteArgs) ElementType() reflect.Type { @@ -46340,10 +47603,12 @@ func (o ZeroTrustAccessGroupIncludeGsuiteOutput) ToZeroTrustAccessGroupIncludeGs return o } +// The email of the Google Workspace group. func (o ZeroTrustAccessGroupIncludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o ZeroTrustAccessGroupIncludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -46369,8 +47634,10 @@ func (o ZeroTrustAccessGroupIncludeGsuiteArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessGroupIncludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // ZeroTrustAccessGroupIncludeOktaInput is an input type that accepts ZeroTrustAccessGroupIncludeOktaArgs and ZeroTrustAccessGroupIncludeOktaOutput values. @@ -46385,8 +47652,10 @@ type ZeroTrustAccessGroupIncludeOktaInput interface { } type ZeroTrustAccessGroupIncludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (ZeroTrustAccessGroupIncludeOktaArgs) ElementType() reflect.Type { @@ -46440,10 +47709,12 @@ func (o ZeroTrustAccessGroupIncludeOktaOutput) ToZeroTrustAccessGroupIncludeOkta return o } +// The ID of your Okta identity provider. func (o ZeroTrustAccessGroupIncludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o ZeroTrustAccessGroupIncludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -46469,8 +47740,11 @@ func (o ZeroTrustAccessGroupIncludeOktaArrayOutput) Index(i pulumi.IntInput) Zer } type ZeroTrustAccessGroupIncludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -46486,8 +47760,11 @@ type ZeroTrustAccessGroupIncludeSamlInput interface { } type ZeroTrustAccessGroupIncludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -46542,14 +47819,17 @@ func (o ZeroTrustAccessGroupIncludeSamlOutput) ToZeroTrustAccessGroupIncludeSaml return o } +// The name of the SAML attribute. func (o ZeroTrustAccessGroupIncludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o ZeroTrustAccessGroupIncludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o ZeroTrustAccessGroupIncludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupIncludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -46575,32 +47855,51 @@ func (o ZeroTrustAccessGroupIncludeSamlArrayOutput) Index(i pulumi.IntInput) Zer } type ZeroTrustAccessGroupRequire struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []ZeroTrustAccessGroupRequireAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []ZeroTrustAccessGroupRequireAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []ZeroTrustAccessGroupRequireAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations []ZeroTrustAccessGroupRequireExternalEvaluation `pulumi:"externalEvaluations"` - Geos []string `pulumi:"geos"` - Githubs []ZeroTrustAccessGroupRequireGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []ZeroTrustAccessGroupRequireGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []ZeroTrustAccessGroupRequireGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []ZeroTrustAccessGroupRequireGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []ZeroTrustAccessGroupRequireOkta `pulumi:"oktas"` - Samls []ZeroTrustAccessGroupRequireSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []ZeroTrustAccessGroupRequireOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []ZeroTrustAccessGroupRequireSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // ZeroTrustAccessGroupRequireInput is an input type that accepts ZeroTrustAccessGroupRequireArgs and ZeroTrustAccessGroupRequireOutput values. @@ -46615,32 +47914,51 @@ type ZeroTrustAccessGroupRequireInput interface { } type ZeroTrustAccessGroupRequireArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts ZeroTrustAccessGroupRequireAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures ZeroTrustAccessGroupRequireAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures ZeroTrustAccessGroupRequireAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations ZeroTrustAccessGroupRequireExternalEvaluationArrayInput `pulumi:"externalEvaluations"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs ZeroTrustAccessGroupRequireGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites ZeroTrustAccessGroupRequireGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs ZeroTrustAccessGroupRequireGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites ZeroTrustAccessGroupRequireGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas ZeroTrustAccessGroupRequireOktaArrayInput `pulumi:"oktas"` - Samls ZeroTrustAccessGroupRequireSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas ZeroTrustAccessGroupRequireOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls ZeroTrustAccessGroupRequireSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (ZeroTrustAccessGroupRequireArgs) ElementType() reflect.Type { @@ -46694,6 +48012,7 @@ func (o ZeroTrustAccessGroupRequireOutput) ToZeroTrustAccessGroupRequireOutputWi return o } +// Matches any valid Access service token. func (o ZeroTrustAccessGroupRequireOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -46702,18 +48021,22 @@ func (o ZeroTrustAccessGroupRequireOutput) AuthContexts() ZeroTrustAccessGroupRe return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []ZeroTrustAccessGroupRequireAuthContext { return v.AuthContexts }).(ZeroTrustAccessGroupRequireAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o ZeroTrustAccessGroupRequireOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o ZeroTrustAccessGroupRequireOutput) Azures() ZeroTrustAccessGroupRequireAzureArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []ZeroTrustAccessGroupRequireAzure { return v.Azures }).(ZeroTrustAccessGroupRequireAzureArrayOutput) } +// Matches any valid client certificate. func (o ZeroTrustAccessGroupRequireOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o ZeroTrustAccessGroupRequireOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -46723,49 +48046,59 @@ func (o ZeroTrustAccessGroupRequireOutput) CommonNames() pulumi.StringArrayOutpu return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o ZeroTrustAccessGroupRequireOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o ZeroTrustAccessGroupRequireOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o ZeroTrustAccessGroupRequireOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o ZeroTrustAccessGroupRequireOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o ZeroTrustAccessGroupRequireOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o ZeroTrustAccessGroupRequireOutput) ExternalEvaluations() ZeroTrustAccessGroupRequireExternalEvaluationArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []ZeroTrustAccessGroupRequireExternalEvaluation { return v.ExternalEvaluations }).(ZeroTrustAccessGroupRequireExternalEvaluationArrayOutput) } +// Matches a specific country. func (o ZeroTrustAccessGroupRequireOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o ZeroTrustAccessGroupRequireOutput) Githubs() ZeroTrustAccessGroupRequireGithubArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []ZeroTrustAccessGroupRequireGithub { return v.Githubs }).(ZeroTrustAccessGroupRequireGithubArrayOutput) } +// The ID of a previously created Access group. func (o ZeroTrustAccessGroupRequireOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o ZeroTrustAccessGroupRequireOutput) Gsuites() ZeroTrustAccessGroupRequireGsuiteArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []ZeroTrustAccessGroupRequireGsuite { return v.Gsuites }).(ZeroTrustAccessGroupRequireGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o ZeroTrustAccessGroupRequireOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -46775,18 +48108,22 @@ func (o ZeroTrustAccessGroupRequireOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o ZeroTrustAccessGroupRequireOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o ZeroTrustAccessGroupRequireOutput) Oktas() ZeroTrustAccessGroupRequireOktaArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []ZeroTrustAccessGroupRequireOkta { return v.Oktas }).(ZeroTrustAccessGroupRequireOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o ZeroTrustAccessGroupRequireOutput) Samls() ZeroTrustAccessGroupRequireSamlArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []ZeroTrustAccessGroupRequireSaml { return v.Samls }).(ZeroTrustAccessGroupRequireSamlArrayOutput) } +// The ID of an Access service token. func (o ZeroTrustAccessGroupRequireOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequire) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -46816,7 +48153,7 @@ type ZeroTrustAccessGroupRequireAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -46836,7 +48173,7 @@ type ZeroTrustAccessGroupRequireAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -46901,7 +48238,7 @@ func (o ZeroTrustAccessGroupRequireAuthContextOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessGroupRequireAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -46927,7 +48264,7 @@ func (o ZeroTrustAccessGroupRequireAuthContextArrayOutput) Index(i pulumi.IntInp } type ZeroTrustAccessGroupRequireAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -46945,7 +48282,7 @@ type ZeroTrustAccessGroupRequireAzureInput interface { } type ZeroTrustAccessGroupRequireAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -47002,7 +48339,7 @@ func (o ZeroTrustAccessGroupRequireAzureOutput) ToZeroTrustAccessGroupRequireAzu return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessGroupRequireAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -47033,8 +48370,10 @@ func (o ZeroTrustAccessGroupRequireAzureArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessGroupRequireExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // ZeroTrustAccessGroupRequireExternalEvaluationInput is an input type that accepts ZeroTrustAccessGroupRequireExternalEvaluationArgs and ZeroTrustAccessGroupRequireExternalEvaluationOutput values. @@ -47049,8 +48388,10 @@ type ZeroTrustAccessGroupRequireExternalEvaluationInput interface { } type ZeroTrustAccessGroupRequireExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (ZeroTrustAccessGroupRequireExternalEvaluationArgs) ElementType() reflect.Type { @@ -47104,10 +48445,12 @@ func (o ZeroTrustAccessGroupRequireExternalEvaluationOutput) ToZeroTrustAccessGr return o } +// The API endpoint containing your business logic. func (o ZeroTrustAccessGroupRequireExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o ZeroTrustAccessGroupRequireExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -47133,9 +48476,12 @@ func (o ZeroTrustAccessGroupRequireExternalEvaluationArrayOutput) Index(i pulumi } type ZeroTrustAccessGroupRequireGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // ZeroTrustAccessGroupRequireGithubInput is an input type that accepts ZeroTrustAccessGroupRequireGithubArgs and ZeroTrustAccessGroupRequireGithubOutput values. @@ -47150,9 +48496,12 @@ type ZeroTrustAccessGroupRequireGithubInput interface { } type ZeroTrustAccessGroupRequireGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (ZeroTrustAccessGroupRequireGithubArgs) ElementType() reflect.Type { @@ -47206,14 +48555,17 @@ func (o ZeroTrustAccessGroupRequireGithubOutput) ToZeroTrustAccessGroupRequireGi return o } +// The ID of your Github identity provider. func (o ZeroTrustAccessGroupRequireGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o ZeroTrustAccessGroupRequireGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o ZeroTrustAccessGroupRequireGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -47239,8 +48591,10 @@ func (o ZeroTrustAccessGroupRequireGithubArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessGroupRequireGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // ZeroTrustAccessGroupRequireGsuiteInput is an input type that accepts ZeroTrustAccessGroupRequireGsuiteArgs and ZeroTrustAccessGroupRequireGsuiteOutput values. @@ -47255,8 +48609,10 @@ type ZeroTrustAccessGroupRequireGsuiteInput interface { } type ZeroTrustAccessGroupRequireGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (ZeroTrustAccessGroupRequireGsuiteArgs) ElementType() reflect.Type { @@ -47310,10 +48666,12 @@ func (o ZeroTrustAccessGroupRequireGsuiteOutput) ToZeroTrustAccessGroupRequireGs return o } +// The email of the Google Workspace group. func (o ZeroTrustAccessGroupRequireGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o ZeroTrustAccessGroupRequireGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -47339,8 +48697,10 @@ func (o ZeroTrustAccessGroupRequireGsuiteArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessGroupRequireOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // ZeroTrustAccessGroupRequireOktaInput is an input type that accepts ZeroTrustAccessGroupRequireOktaArgs and ZeroTrustAccessGroupRequireOktaOutput values. @@ -47355,8 +48715,10 @@ type ZeroTrustAccessGroupRequireOktaInput interface { } type ZeroTrustAccessGroupRequireOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (ZeroTrustAccessGroupRequireOktaArgs) ElementType() reflect.Type { @@ -47410,10 +48772,12 @@ func (o ZeroTrustAccessGroupRequireOktaOutput) ToZeroTrustAccessGroupRequireOkta return o } +// The ID of your Okta identity provider. func (o ZeroTrustAccessGroupRequireOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o ZeroTrustAccessGroupRequireOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -47439,8 +48803,11 @@ func (o ZeroTrustAccessGroupRequireOktaArrayOutput) Index(i pulumi.IntInput) Zer } type ZeroTrustAccessGroupRequireSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -47456,8 +48823,11 @@ type ZeroTrustAccessGroupRequireSamlInput interface { } type ZeroTrustAccessGroupRequireSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -47512,14 +48882,17 @@ func (o ZeroTrustAccessGroupRequireSamlOutput) ToZeroTrustAccessGroupRequireSaml return o } +// The name of the SAML attribute. func (o ZeroTrustAccessGroupRequireSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o ZeroTrustAccessGroupRequireSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o ZeroTrustAccessGroupRequireSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessGroupRequireSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -48379,32 +49752,51 @@ func (o ZeroTrustAccessPolicyApprovalGroupArrayOutput) Index(i pulumi.IntInput) } type ZeroTrustAccessPolicyExclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []ZeroTrustAccessPolicyExcludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []ZeroTrustAccessPolicyExcludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []ZeroTrustAccessPolicyExcludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations []ZeroTrustAccessPolicyExcludeExternalEvaluation `pulumi:"externalEvaluations"` - Geos []string `pulumi:"geos"` - Githubs []ZeroTrustAccessPolicyExcludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []ZeroTrustAccessPolicyExcludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []ZeroTrustAccessPolicyExcludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []ZeroTrustAccessPolicyExcludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []ZeroTrustAccessPolicyExcludeOkta `pulumi:"oktas"` - Samls []ZeroTrustAccessPolicyExcludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []ZeroTrustAccessPolicyExcludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []ZeroTrustAccessPolicyExcludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // ZeroTrustAccessPolicyExcludeInput is an input type that accepts ZeroTrustAccessPolicyExcludeArgs and ZeroTrustAccessPolicyExcludeOutput values. @@ -48419,32 +49811,51 @@ type ZeroTrustAccessPolicyExcludeInput interface { } type ZeroTrustAccessPolicyExcludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts ZeroTrustAccessPolicyExcludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures ZeroTrustAccessPolicyExcludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures ZeroTrustAccessPolicyExcludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations ZeroTrustAccessPolicyExcludeExternalEvaluationArrayInput `pulumi:"externalEvaluations"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs ZeroTrustAccessPolicyExcludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites ZeroTrustAccessPolicyExcludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs ZeroTrustAccessPolicyExcludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites ZeroTrustAccessPolicyExcludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas ZeroTrustAccessPolicyExcludeOktaArrayInput `pulumi:"oktas"` - Samls ZeroTrustAccessPolicyExcludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas ZeroTrustAccessPolicyExcludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls ZeroTrustAccessPolicyExcludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (ZeroTrustAccessPolicyExcludeArgs) ElementType() reflect.Type { @@ -48498,6 +49909,7 @@ func (o ZeroTrustAccessPolicyExcludeOutput) ToZeroTrustAccessPolicyExcludeOutput return o } +// Matches any valid Access service token. func (o ZeroTrustAccessPolicyExcludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -48506,18 +49918,22 @@ func (o ZeroTrustAccessPolicyExcludeOutput) AuthContexts() ZeroTrustAccessPolicy return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []ZeroTrustAccessPolicyExcludeAuthContext { return v.AuthContexts }).(ZeroTrustAccessPolicyExcludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o ZeroTrustAccessPolicyExcludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o ZeroTrustAccessPolicyExcludeOutput) Azures() ZeroTrustAccessPolicyExcludeAzureArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []ZeroTrustAccessPolicyExcludeAzure { return v.Azures }).(ZeroTrustAccessPolicyExcludeAzureArrayOutput) } +// Matches any valid client certificate. func (o ZeroTrustAccessPolicyExcludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o ZeroTrustAccessPolicyExcludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -48527,49 +49943,59 @@ func (o ZeroTrustAccessPolicyExcludeOutput) CommonNames() pulumi.StringArrayOutp return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o ZeroTrustAccessPolicyExcludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o ZeroTrustAccessPolicyExcludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o ZeroTrustAccessPolicyExcludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o ZeroTrustAccessPolicyExcludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o ZeroTrustAccessPolicyExcludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o ZeroTrustAccessPolicyExcludeOutput) ExternalEvaluations() ZeroTrustAccessPolicyExcludeExternalEvaluationArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []ZeroTrustAccessPolicyExcludeExternalEvaluation { return v.ExternalEvaluations }).(ZeroTrustAccessPolicyExcludeExternalEvaluationArrayOutput) } +// Matches a specific country. func (o ZeroTrustAccessPolicyExcludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o ZeroTrustAccessPolicyExcludeOutput) Githubs() ZeroTrustAccessPolicyExcludeGithubArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []ZeroTrustAccessPolicyExcludeGithub { return v.Githubs }).(ZeroTrustAccessPolicyExcludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o ZeroTrustAccessPolicyExcludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o ZeroTrustAccessPolicyExcludeOutput) Gsuites() ZeroTrustAccessPolicyExcludeGsuiteArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []ZeroTrustAccessPolicyExcludeGsuite { return v.Gsuites }).(ZeroTrustAccessPolicyExcludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o ZeroTrustAccessPolicyExcludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -48579,18 +50005,22 @@ func (o ZeroTrustAccessPolicyExcludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o ZeroTrustAccessPolicyExcludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o ZeroTrustAccessPolicyExcludeOutput) Oktas() ZeroTrustAccessPolicyExcludeOktaArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []ZeroTrustAccessPolicyExcludeOkta { return v.Oktas }).(ZeroTrustAccessPolicyExcludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o ZeroTrustAccessPolicyExcludeOutput) Samls() ZeroTrustAccessPolicyExcludeSamlArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []ZeroTrustAccessPolicyExcludeSaml { return v.Samls }).(ZeroTrustAccessPolicyExcludeSamlArrayOutput) } +// The ID of an Access service token. func (o ZeroTrustAccessPolicyExcludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -48620,7 +50050,7 @@ type ZeroTrustAccessPolicyExcludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -48640,7 +50070,7 @@ type ZeroTrustAccessPolicyExcludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -48705,7 +50135,7 @@ func (o ZeroTrustAccessPolicyExcludeAuthContextOutput) Id() pulumi.StringOutput return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessPolicyExcludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -48731,7 +50161,7 @@ func (o ZeroTrustAccessPolicyExcludeAuthContextArrayOutput) Index(i pulumi.IntIn } type ZeroTrustAccessPolicyExcludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -48749,7 +50179,7 @@ type ZeroTrustAccessPolicyExcludeAzureInput interface { } type ZeroTrustAccessPolicyExcludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -48806,7 +50236,7 @@ func (o ZeroTrustAccessPolicyExcludeAzureOutput) ToZeroTrustAccessPolicyExcludeA return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessPolicyExcludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -48837,8 +50267,10 @@ func (o ZeroTrustAccessPolicyExcludeAzureArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessPolicyExcludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // ZeroTrustAccessPolicyExcludeExternalEvaluationInput is an input type that accepts ZeroTrustAccessPolicyExcludeExternalEvaluationArgs and ZeroTrustAccessPolicyExcludeExternalEvaluationOutput values. @@ -48853,8 +50285,10 @@ type ZeroTrustAccessPolicyExcludeExternalEvaluationInput interface { } type ZeroTrustAccessPolicyExcludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (ZeroTrustAccessPolicyExcludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -48908,10 +50342,12 @@ func (o ZeroTrustAccessPolicyExcludeExternalEvaluationOutput) ToZeroTrustAccessP return o } +// The API endpoint containing your business logic. func (o ZeroTrustAccessPolicyExcludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o ZeroTrustAccessPolicyExcludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -48937,9 +50373,12 @@ func (o ZeroTrustAccessPolicyExcludeExternalEvaluationArrayOutput) Index(i pulum } type ZeroTrustAccessPolicyExcludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // ZeroTrustAccessPolicyExcludeGithubInput is an input type that accepts ZeroTrustAccessPolicyExcludeGithubArgs and ZeroTrustAccessPolicyExcludeGithubOutput values. @@ -48954,9 +50393,12 @@ type ZeroTrustAccessPolicyExcludeGithubInput interface { } type ZeroTrustAccessPolicyExcludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (ZeroTrustAccessPolicyExcludeGithubArgs) ElementType() reflect.Type { @@ -49010,14 +50452,17 @@ func (o ZeroTrustAccessPolicyExcludeGithubOutput) ToZeroTrustAccessPolicyExclude return o } +// The ID of your Github identity provider. func (o ZeroTrustAccessPolicyExcludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o ZeroTrustAccessPolicyExcludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o ZeroTrustAccessPolicyExcludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -49043,8 +50488,10 @@ func (o ZeroTrustAccessPolicyExcludeGithubArrayOutput) Index(i pulumi.IntInput) } type ZeroTrustAccessPolicyExcludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // ZeroTrustAccessPolicyExcludeGsuiteInput is an input type that accepts ZeroTrustAccessPolicyExcludeGsuiteArgs and ZeroTrustAccessPolicyExcludeGsuiteOutput values. @@ -49059,8 +50506,10 @@ type ZeroTrustAccessPolicyExcludeGsuiteInput interface { } type ZeroTrustAccessPolicyExcludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (ZeroTrustAccessPolicyExcludeGsuiteArgs) ElementType() reflect.Type { @@ -49114,10 +50563,12 @@ func (o ZeroTrustAccessPolicyExcludeGsuiteOutput) ToZeroTrustAccessPolicyExclude return o } +// The email of the Google Workspace group. func (o ZeroTrustAccessPolicyExcludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o ZeroTrustAccessPolicyExcludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -49143,8 +50594,10 @@ func (o ZeroTrustAccessPolicyExcludeGsuiteArrayOutput) Index(i pulumi.IntInput) } type ZeroTrustAccessPolicyExcludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // ZeroTrustAccessPolicyExcludeOktaInput is an input type that accepts ZeroTrustAccessPolicyExcludeOktaArgs and ZeroTrustAccessPolicyExcludeOktaOutput values. @@ -49159,8 +50612,10 @@ type ZeroTrustAccessPolicyExcludeOktaInput interface { } type ZeroTrustAccessPolicyExcludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (ZeroTrustAccessPolicyExcludeOktaArgs) ElementType() reflect.Type { @@ -49214,10 +50669,12 @@ func (o ZeroTrustAccessPolicyExcludeOktaOutput) ToZeroTrustAccessPolicyExcludeOk return o } +// The ID of your Okta identity provider. func (o ZeroTrustAccessPolicyExcludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o ZeroTrustAccessPolicyExcludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -49243,8 +50700,11 @@ func (o ZeroTrustAccessPolicyExcludeOktaArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessPolicyExcludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -49260,8 +50720,11 @@ type ZeroTrustAccessPolicyExcludeSamlInput interface { } type ZeroTrustAccessPolicyExcludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -49316,14 +50779,17 @@ func (o ZeroTrustAccessPolicyExcludeSamlOutput) ToZeroTrustAccessPolicyExcludeSa return o } +// The name of the SAML attribute. func (o ZeroTrustAccessPolicyExcludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o ZeroTrustAccessPolicyExcludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o ZeroTrustAccessPolicyExcludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyExcludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -49349,32 +50815,51 @@ func (o ZeroTrustAccessPolicyExcludeSamlArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessPolicyInclude struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []ZeroTrustAccessPolicyIncludeAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []ZeroTrustAccessPolicyIncludeAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []ZeroTrustAccessPolicyIncludeAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations []ZeroTrustAccessPolicyIncludeExternalEvaluation `pulumi:"externalEvaluations"` - Geos []string `pulumi:"geos"` - Githubs []ZeroTrustAccessPolicyIncludeGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []ZeroTrustAccessPolicyIncludeGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []ZeroTrustAccessPolicyIncludeGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []ZeroTrustAccessPolicyIncludeGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []ZeroTrustAccessPolicyIncludeOkta `pulumi:"oktas"` - Samls []ZeroTrustAccessPolicyIncludeSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []ZeroTrustAccessPolicyIncludeOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []ZeroTrustAccessPolicyIncludeSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // ZeroTrustAccessPolicyIncludeInput is an input type that accepts ZeroTrustAccessPolicyIncludeArgs and ZeroTrustAccessPolicyIncludeOutput values. @@ -49389,32 +50874,51 @@ type ZeroTrustAccessPolicyIncludeInput interface { } type ZeroTrustAccessPolicyIncludeArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts ZeroTrustAccessPolicyIncludeAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures ZeroTrustAccessPolicyIncludeAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures ZeroTrustAccessPolicyIncludeAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations ZeroTrustAccessPolicyIncludeExternalEvaluationArrayInput `pulumi:"externalEvaluations"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs ZeroTrustAccessPolicyIncludeGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites ZeroTrustAccessPolicyIncludeGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs ZeroTrustAccessPolicyIncludeGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites ZeroTrustAccessPolicyIncludeGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas ZeroTrustAccessPolicyIncludeOktaArrayInput `pulumi:"oktas"` - Samls ZeroTrustAccessPolicyIncludeSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas ZeroTrustAccessPolicyIncludeOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls ZeroTrustAccessPolicyIncludeSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (ZeroTrustAccessPolicyIncludeArgs) ElementType() reflect.Type { @@ -49468,6 +50972,7 @@ func (o ZeroTrustAccessPolicyIncludeOutput) ToZeroTrustAccessPolicyIncludeOutput return o } +// Matches any valid Access service token. func (o ZeroTrustAccessPolicyIncludeOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -49476,18 +50981,22 @@ func (o ZeroTrustAccessPolicyIncludeOutput) AuthContexts() ZeroTrustAccessPolicy return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []ZeroTrustAccessPolicyIncludeAuthContext { return v.AuthContexts }).(ZeroTrustAccessPolicyIncludeAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o ZeroTrustAccessPolicyIncludeOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o ZeroTrustAccessPolicyIncludeOutput) Azures() ZeroTrustAccessPolicyIncludeAzureArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []ZeroTrustAccessPolicyIncludeAzure { return v.Azures }).(ZeroTrustAccessPolicyIncludeAzureArrayOutput) } +// Matches any valid client certificate. func (o ZeroTrustAccessPolicyIncludeOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o ZeroTrustAccessPolicyIncludeOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -49497,49 +51006,59 @@ func (o ZeroTrustAccessPolicyIncludeOutput) CommonNames() pulumi.StringArrayOutp return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o ZeroTrustAccessPolicyIncludeOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o ZeroTrustAccessPolicyIncludeOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o ZeroTrustAccessPolicyIncludeOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o ZeroTrustAccessPolicyIncludeOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o ZeroTrustAccessPolicyIncludeOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o ZeroTrustAccessPolicyIncludeOutput) ExternalEvaluations() ZeroTrustAccessPolicyIncludeExternalEvaluationArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []ZeroTrustAccessPolicyIncludeExternalEvaluation { return v.ExternalEvaluations }).(ZeroTrustAccessPolicyIncludeExternalEvaluationArrayOutput) } +// Matches a specific country. func (o ZeroTrustAccessPolicyIncludeOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o ZeroTrustAccessPolicyIncludeOutput) Githubs() ZeroTrustAccessPolicyIncludeGithubArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []ZeroTrustAccessPolicyIncludeGithub { return v.Githubs }).(ZeroTrustAccessPolicyIncludeGithubArrayOutput) } +// The ID of a previously created Access group. func (o ZeroTrustAccessPolicyIncludeOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o ZeroTrustAccessPolicyIncludeOutput) Gsuites() ZeroTrustAccessPolicyIncludeGsuiteArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []ZeroTrustAccessPolicyIncludeGsuite { return v.Gsuites }).(ZeroTrustAccessPolicyIncludeGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o ZeroTrustAccessPolicyIncludeOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -49549,18 +51068,22 @@ func (o ZeroTrustAccessPolicyIncludeOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o ZeroTrustAccessPolicyIncludeOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o ZeroTrustAccessPolicyIncludeOutput) Oktas() ZeroTrustAccessPolicyIncludeOktaArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []ZeroTrustAccessPolicyIncludeOkta { return v.Oktas }).(ZeroTrustAccessPolicyIncludeOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o ZeroTrustAccessPolicyIncludeOutput) Samls() ZeroTrustAccessPolicyIncludeSamlArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []ZeroTrustAccessPolicyIncludeSaml { return v.Samls }).(ZeroTrustAccessPolicyIncludeSamlArrayOutput) } +// The ID of an Access service token. func (o ZeroTrustAccessPolicyIncludeOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyInclude) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -49590,7 +51113,7 @@ type ZeroTrustAccessPolicyIncludeAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -49610,7 +51133,7 @@ type ZeroTrustAccessPolicyIncludeAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -49675,7 +51198,7 @@ func (o ZeroTrustAccessPolicyIncludeAuthContextOutput) Id() pulumi.StringOutput return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessPolicyIncludeAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -49701,7 +51224,7 @@ func (o ZeroTrustAccessPolicyIncludeAuthContextArrayOutput) Index(i pulumi.IntIn } type ZeroTrustAccessPolicyIncludeAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -49719,7 +51242,7 @@ type ZeroTrustAccessPolicyIncludeAzureInput interface { } type ZeroTrustAccessPolicyIncludeAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -49776,7 +51299,7 @@ func (o ZeroTrustAccessPolicyIncludeAzureOutput) ToZeroTrustAccessPolicyIncludeA return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessPolicyIncludeAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -49807,8 +51330,10 @@ func (o ZeroTrustAccessPolicyIncludeAzureArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessPolicyIncludeExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // ZeroTrustAccessPolicyIncludeExternalEvaluationInput is an input type that accepts ZeroTrustAccessPolicyIncludeExternalEvaluationArgs and ZeroTrustAccessPolicyIncludeExternalEvaluationOutput values. @@ -49823,8 +51348,10 @@ type ZeroTrustAccessPolicyIncludeExternalEvaluationInput interface { } type ZeroTrustAccessPolicyIncludeExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (ZeroTrustAccessPolicyIncludeExternalEvaluationArgs) ElementType() reflect.Type { @@ -49878,10 +51405,12 @@ func (o ZeroTrustAccessPolicyIncludeExternalEvaluationOutput) ToZeroTrustAccessP return o } +// The API endpoint containing your business logic. func (o ZeroTrustAccessPolicyIncludeExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o ZeroTrustAccessPolicyIncludeExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -49907,9 +51436,12 @@ func (o ZeroTrustAccessPolicyIncludeExternalEvaluationArrayOutput) Index(i pulum } type ZeroTrustAccessPolicyIncludeGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // ZeroTrustAccessPolicyIncludeGithubInput is an input type that accepts ZeroTrustAccessPolicyIncludeGithubArgs and ZeroTrustAccessPolicyIncludeGithubOutput values. @@ -49924,9 +51456,12 @@ type ZeroTrustAccessPolicyIncludeGithubInput interface { } type ZeroTrustAccessPolicyIncludeGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (ZeroTrustAccessPolicyIncludeGithubArgs) ElementType() reflect.Type { @@ -49980,14 +51515,17 @@ func (o ZeroTrustAccessPolicyIncludeGithubOutput) ToZeroTrustAccessPolicyInclude return o } +// The ID of your Github identity provider. func (o ZeroTrustAccessPolicyIncludeGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o ZeroTrustAccessPolicyIncludeGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o ZeroTrustAccessPolicyIncludeGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -50013,8 +51551,10 @@ func (o ZeroTrustAccessPolicyIncludeGithubArrayOutput) Index(i pulumi.IntInput) } type ZeroTrustAccessPolicyIncludeGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // ZeroTrustAccessPolicyIncludeGsuiteInput is an input type that accepts ZeroTrustAccessPolicyIncludeGsuiteArgs and ZeroTrustAccessPolicyIncludeGsuiteOutput values. @@ -50029,8 +51569,10 @@ type ZeroTrustAccessPolicyIncludeGsuiteInput interface { } type ZeroTrustAccessPolicyIncludeGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (ZeroTrustAccessPolicyIncludeGsuiteArgs) ElementType() reflect.Type { @@ -50084,10 +51626,12 @@ func (o ZeroTrustAccessPolicyIncludeGsuiteOutput) ToZeroTrustAccessPolicyInclude return o } +// The email of the Google Workspace group. func (o ZeroTrustAccessPolicyIncludeGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o ZeroTrustAccessPolicyIncludeGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -50113,8 +51657,10 @@ func (o ZeroTrustAccessPolicyIncludeGsuiteArrayOutput) Index(i pulumi.IntInput) } type ZeroTrustAccessPolicyIncludeOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // ZeroTrustAccessPolicyIncludeOktaInput is an input type that accepts ZeroTrustAccessPolicyIncludeOktaArgs and ZeroTrustAccessPolicyIncludeOktaOutput values. @@ -50129,8 +51675,10 @@ type ZeroTrustAccessPolicyIncludeOktaInput interface { } type ZeroTrustAccessPolicyIncludeOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (ZeroTrustAccessPolicyIncludeOktaArgs) ElementType() reflect.Type { @@ -50184,10 +51732,12 @@ func (o ZeroTrustAccessPolicyIncludeOktaOutput) ToZeroTrustAccessPolicyIncludeOk return o } +// The ID of your Okta identity provider. func (o ZeroTrustAccessPolicyIncludeOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o ZeroTrustAccessPolicyIncludeOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -50213,8 +51763,11 @@ func (o ZeroTrustAccessPolicyIncludeOktaArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessPolicyIncludeSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -50230,8 +51783,11 @@ type ZeroTrustAccessPolicyIncludeSamlInput interface { } type ZeroTrustAccessPolicyIncludeSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -50286,14 +51842,17 @@ func (o ZeroTrustAccessPolicyIncludeSamlOutput) ToZeroTrustAccessPolicyIncludeSa return o } +// The name of the SAML attribute. func (o ZeroTrustAccessPolicyIncludeSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o ZeroTrustAccessPolicyIncludeSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o ZeroTrustAccessPolicyIncludeSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyIncludeSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -50319,32 +51878,51 @@ func (o ZeroTrustAccessPolicyIncludeSamlArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessPolicyRequire struct { + // Matches any valid Access service token. AnyValidServiceToken *bool `pulumi:"anyValidServiceToken"` AuthContexts []ZeroTrustAccessPolicyRequireAuthContext `pulumi:"authContexts"` - AuthMethod *string `pulumi:"authMethod"` - Azures []ZeroTrustAccessPolicyRequireAzure `pulumi:"azures"` - Certificate *bool `pulumi:"certificate"` - CommonName *string `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod *string `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures []ZeroTrustAccessPolicyRequireAzure `pulumi:"azures"` + // Matches any valid client certificate. + Certificate *bool `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName *string `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames []string `pulumi:"commonNames"` - DevicePostures []string `pulumi:"devicePostures"` - EmailDomains []string `pulumi:"emailDomains"` - EmailLists []string `pulumi:"emailLists"` - Emails []string `pulumi:"emails"` - Everyone *bool `pulumi:"everyone"` + CommonNames []string `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures []string `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains []string `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists []string `pulumi:"emailLists"` + // The email of the user. + Emails []string `pulumi:"emails"` + // Matches everyone. + Everyone *bool `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations []ZeroTrustAccessPolicyRequireExternalEvaluation `pulumi:"externalEvaluations"` - Geos []string `pulumi:"geos"` - Githubs []ZeroTrustAccessPolicyRequireGithub `pulumi:"githubs"` - Groups []string `pulumi:"groups"` - Gsuites []ZeroTrustAccessPolicyRequireGsuite `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos []string `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs []ZeroTrustAccessPolicyRequireGithub `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups []string `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites []ZeroTrustAccessPolicyRequireGsuite `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists []string `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips []string `pulumi:"ips"` - LoginMethods []string `pulumi:"loginMethods"` - Oktas []ZeroTrustAccessPolicyRequireOkta `pulumi:"oktas"` - Samls []ZeroTrustAccessPolicyRequireSaml `pulumi:"samls"` - ServiceTokens []string `pulumi:"serviceTokens"` + Ips []string `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods []string `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas []ZeroTrustAccessPolicyRequireOkta `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls []ZeroTrustAccessPolicyRequireSaml `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens []string `pulumi:"serviceTokens"` } // ZeroTrustAccessPolicyRequireInput is an input type that accepts ZeroTrustAccessPolicyRequireArgs and ZeroTrustAccessPolicyRequireOutput values. @@ -50359,32 +51937,51 @@ type ZeroTrustAccessPolicyRequireInput interface { } type ZeroTrustAccessPolicyRequireArgs struct { + // Matches any valid Access service token. AnyValidServiceToken pulumi.BoolPtrInput `pulumi:"anyValidServiceToken"` AuthContexts ZeroTrustAccessPolicyRequireAuthContextArrayInput `pulumi:"authContexts"` - AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` - Azures ZeroTrustAccessPolicyRequireAzureArrayInput `pulumi:"azures"` - Certificate pulumi.BoolPtrInput `pulumi:"certificate"` - CommonName pulumi.StringPtrInput `pulumi:"commonName"` + // The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + AuthMethod pulumi.StringPtrInput `pulumi:"authMethod"` + // Matches an Azure group. Requires an Azure identity provider. + Azures ZeroTrustAccessPolicyRequireAzureArrayInput `pulumi:"azures"` + // Matches any valid client certificate. + Certificate pulumi.BoolPtrInput `pulumi:"certificate"` + // Matches a valid client certificate common name. + CommonName pulumi.StringPtrInput `pulumi:"commonName"` // Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` - DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` - EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` - EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` - Emails pulumi.StringArrayInput `pulumi:"emails"` - Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + CommonNames pulumi.StringArrayInput `pulumi:"commonNames"` + // The ID of a device posture integration. + DevicePostures pulumi.StringArrayInput `pulumi:"devicePostures"` + // The email domain to match. + EmailDomains pulumi.StringArrayInput `pulumi:"emailDomains"` + // The ID of a previously created email list. + EmailLists pulumi.StringArrayInput `pulumi:"emailLists"` + // The email of the user. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // Matches everyone. + Everyone pulumi.BoolPtrInput `pulumi:"everyone"` + // Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. ExternalEvaluations ZeroTrustAccessPolicyRequireExternalEvaluationArrayInput `pulumi:"externalEvaluations"` - Geos pulumi.StringArrayInput `pulumi:"geos"` - Githubs ZeroTrustAccessPolicyRequireGithubArrayInput `pulumi:"githubs"` - Groups pulumi.StringArrayInput `pulumi:"groups"` - Gsuites ZeroTrustAccessPolicyRequireGsuiteArrayInput `pulumi:"gsuites"` - // The ID of an existing IP list to reference. + // Matches a specific country. + Geos pulumi.StringArrayInput `pulumi:"geos"` + // Matches a Github organization. Requires a Github identity provider. + Githubs ZeroTrustAccessPolicyRequireGithubArrayInput `pulumi:"githubs"` + // The ID of a previously created Access group. + Groups pulumi.StringArrayInput `pulumi:"groups"` + // Matches a group in Google Workspace. Requires a Google Workspace identity provider. + Gsuites ZeroTrustAccessPolicyRequireGsuiteArrayInput `pulumi:"gsuites"` + // The ID of a previously created IP list. IpLists pulumi.StringArrayInput `pulumi:"ipLists"` // An IPv4 or IPv6 CIDR block. - Ips pulumi.StringArrayInput `pulumi:"ips"` - LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` - Oktas ZeroTrustAccessPolicyRequireOktaArrayInput `pulumi:"oktas"` - Samls ZeroTrustAccessPolicyRequireSamlArrayInput `pulumi:"samls"` - ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` + Ips pulumi.StringArrayInput `pulumi:"ips"` + // The ID of a configured identity provider. + LoginMethods pulumi.StringArrayInput `pulumi:"loginMethods"` + // Matches an Okta group. Requires an Okta identity provider. + Oktas ZeroTrustAccessPolicyRequireOktaArrayInput `pulumi:"oktas"` + // Matches a SAML group. Requires a SAML identity provider. + Samls ZeroTrustAccessPolicyRequireSamlArrayInput `pulumi:"samls"` + // The ID of an Access service token. + ServiceTokens pulumi.StringArrayInput `pulumi:"serviceTokens"` } func (ZeroTrustAccessPolicyRequireArgs) ElementType() reflect.Type { @@ -50438,6 +52035,7 @@ func (o ZeroTrustAccessPolicyRequireOutput) ToZeroTrustAccessPolicyRequireOutput return o } +// Matches any valid Access service token. func (o ZeroTrustAccessPolicyRequireOutput) AnyValidServiceToken() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) *bool { return v.AnyValidServiceToken }).(pulumi.BoolPtrOutput) } @@ -50446,18 +52044,22 @@ func (o ZeroTrustAccessPolicyRequireOutput) AuthContexts() ZeroTrustAccessPolicy return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []ZeroTrustAccessPolicyRequireAuthContext { return v.AuthContexts }).(ZeroTrustAccessPolicyRequireAuthContextArrayOutput) } +// The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. func (o ZeroTrustAccessPolicyRequireOutput) AuthMethod() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) *string { return v.AuthMethod }).(pulumi.StringPtrOutput) } +// Matches an Azure group. Requires an Azure identity provider. func (o ZeroTrustAccessPolicyRequireOutput) Azures() ZeroTrustAccessPolicyRequireAzureArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []ZeroTrustAccessPolicyRequireAzure { return v.Azures }).(ZeroTrustAccessPolicyRequireAzureArrayOutput) } +// Matches any valid client certificate. func (o ZeroTrustAccessPolicyRequireOutput) Certificate() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) *bool { return v.Certificate }).(pulumi.BoolPtrOutput) } +// Matches a valid client certificate common name. func (o ZeroTrustAccessPolicyRequireOutput) CommonName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) *string { return v.CommonName }).(pulumi.StringPtrOutput) } @@ -50467,49 +52069,59 @@ func (o ZeroTrustAccessPolicyRequireOutput) CommonNames() pulumi.StringArrayOutp return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.CommonNames }).(pulumi.StringArrayOutput) } +// The ID of a device posture integration. func (o ZeroTrustAccessPolicyRequireOutput) DevicePostures() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.DevicePostures }).(pulumi.StringArrayOutput) } +// The email domain to match. func (o ZeroTrustAccessPolicyRequireOutput) EmailDomains() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.EmailDomains }).(pulumi.StringArrayOutput) } +// The ID of a previously created email list. func (o ZeroTrustAccessPolicyRequireOutput) EmailLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.EmailLists }).(pulumi.StringArrayOutput) } +// The email of the user. func (o ZeroTrustAccessPolicyRequireOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// Matches everyone. func (o ZeroTrustAccessPolicyRequireOutput) Everyone() pulumi.BoolPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) *bool { return v.Everyone }).(pulumi.BoolPtrOutput) } +// Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. func (o ZeroTrustAccessPolicyRequireOutput) ExternalEvaluations() ZeroTrustAccessPolicyRequireExternalEvaluationArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []ZeroTrustAccessPolicyRequireExternalEvaluation { return v.ExternalEvaluations }).(ZeroTrustAccessPolicyRequireExternalEvaluationArrayOutput) } +// Matches a specific country. func (o ZeroTrustAccessPolicyRequireOutput) Geos() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.Geos }).(pulumi.StringArrayOutput) } +// Matches a Github organization. Requires a Github identity provider. func (o ZeroTrustAccessPolicyRequireOutput) Githubs() ZeroTrustAccessPolicyRequireGithubArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []ZeroTrustAccessPolicyRequireGithub { return v.Githubs }).(ZeroTrustAccessPolicyRequireGithubArrayOutput) } +// The ID of a previously created Access group. func (o ZeroTrustAccessPolicyRequireOutput) Groups() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.Groups }).(pulumi.StringArrayOutput) } +// Matches a group in Google Workspace. Requires a Google Workspace identity provider. func (o ZeroTrustAccessPolicyRequireOutput) Gsuites() ZeroTrustAccessPolicyRequireGsuiteArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []ZeroTrustAccessPolicyRequireGsuite { return v.Gsuites }).(ZeroTrustAccessPolicyRequireGsuiteArrayOutput) } -// The ID of an existing IP list to reference. +// The ID of a previously created IP list. func (o ZeroTrustAccessPolicyRequireOutput) IpLists() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.IpLists }).(pulumi.StringArrayOutput) } @@ -50519,18 +52131,22 @@ func (o ZeroTrustAccessPolicyRequireOutput) Ips() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.Ips }).(pulumi.StringArrayOutput) } +// The ID of a configured identity provider. func (o ZeroTrustAccessPolicyRequireOutput) LoginMethods() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.LoginMethods }).(pulumi.StringArrayOutput) } +// Matches an Okta group. Requires an Okta identity provider. func (o ZeroTrustAccessPolicyRequireOutput) Oktas() ZeroTrustAccessPolicyRequireOktaArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []ZeroTrustAccessPolicyRequireOkta { return v.Oktas }).(ZeroTrustAccessPolicyRequireOktaArrayOutput) } +// Matches a SAML group. Requires a SAML identity provider. func (o ZeroTrustAccessPolicyRequireOutput) Samls() ZeroTrustAccessPolicyRequireSamlArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []ZeroTrustAccessPolicyRequireSaml { return v.Samls }).(ZeroTrustAccessPolicyRequireSamlArrayOutput) } +// The ID of an Access service token. func (o ZeroTrustAccessPolicyRequireOutput) ServiceTokens() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequire) []string { return v.ServiceTokens }).(pulumi.StringArrayOutput) } @@ -50560,7 +52176,7 @@ type ZeroTrustAccessPolicyRequireAuthContext struct { AcId string `pulumi:"acId"` // The ID of the Authentication Context. Id string `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId string `pulumi:"identityProviderId"` } @@ -50580,7 +52196,7 @@ type ZeroTrustAccessPolicyRequireAuthContextArgs struct { AcId pulumi.StringInput `pulumi:"acId"` // The ID of the Authentication Context. Id pulumi.StringInput `pulumi:"id"` - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringInput `pulumi:"identityProviderId"` } @@ -50645,7 +52261,7 @@ func (o ZeroTrustAccessPolicyRequireAuthContextOutput) Id() pulumi.StringOutput return o.ApplyT(func(v ZeroTrustAccessPolicyRequireAuthContext) string { return v.Id }).(pulumi.StringOutput) } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessPolicyRequireAuthContextOutput) IdentityProviderId() pulumi.StringOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireAuthContext) string { return v.IdentityProviderId }).(pulumi.StringOutput) } @@ -50671,7 +52287,7 @@ func (o ZeroTrustAccessPolicyRequireAuthContextArrayOutput) Index(i pulumi.IntIn } type ZeroTrustAccessPolicyRequireAzure struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids []string `pulumi:"ids"` @@ -50689,7 +52305,7 @@ type ZeroTrustAccessPolicyRequireAzureInput interface { } type ZeroTrustAccessPolicyRequireAzureArgs struct { - // The ID of the Azure Identity provider. + // The ID of the Azure identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` // The ID of the Azure group or user. Ids pulumi.StringArrayInput `pulumi:"ids"` @@ -50746,7 +52362,7 @@ func (o ZeroTrustAccessPolicyRequireAzureOutput) ToZeroTrustAccessPolicyRequireA return o } -// The ID of the Azure Identity provider. +// The ID of the Azure identity provider. func (o ZeroTrustAccessPolicyRequireAzureOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireAzure) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -50777,8 +52393,10 @@ func (o ZeroTrustAccessPolicyRequireAzureArrayOutput) Index(i pulumi.IntInput) Z } type ZeroTrustAccessPolicyRequireExternalEvaluation struct { + // The API endpoint containing your business logic. EvaluateUrl *string `pulumi:"evaluateUrl"` - KeysUrl *string `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl *string `pulumi:"keysUrl"` } // ZeroTrustAccessPolicyRequireExternalEvaluationInput is an input type that accepts ZeroTrustAccessPolicyRequireExternalEvaluationArgs and ZeroTrustAccessPolicyRequireExternalEvaluationOutput values. @@ -50793,8 +52411,10 @@ type ZeroTrustAccessPolicyRequireExternalEvaluationInput interface { } type ZeroTrustAccessPolicyRequireExternalEvaluationArgs struct { + // The API endpoint containing your business logic. EvaluateUrl pulumi.StringPtrInput `pulumi:"evaluateUrl"` - KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` + // The API endpoint containing the key that Access uses to verify that the response came from your API. + KeysUrl pulumi.StringPtrInput `pulumi:"keysUrl"` } func (ZeroTrustAccessPolicyRequireExternalEvaluationArgs) ElementType() reflect.Type { @@ -50848,10 +52468,12 @@ func (o ZeroTrustAccessPolicyRequireExternalEvaluationOutput) ToZeroTrustAccessP return o } +// The API endpoint containing your business logic. func (o ZeroTrustAccessPolicyRequireExternalEvaluationOutput) EvaluateUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireExternalEvaluation) *string { return v.EvaluateUrl }).(pulumi.StringPtrOutput) } +// The API endpoint containing the key that Access uses to verify that the response came from your API. func (o ZeroTrustAccessPolicyRequireExternalEvaluationOutput) KeysUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireExternalEvaluation) *string { return v.KeysUrl }).(pulumi.StringPtrOutput) } @@ -50877,9 +52499,12 @@ func (o ZeroTrustAccessPolicyRequireExternalEvaluationArrayOutput) Index(i pulum } type ZeroTrustAccessPolicyRequireGithub struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Name *string `pulumi:"name"` - Teams []string `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the organization. + Name *string `pulumi:"name"` + // The teams that should be matched. + Teams []string `pulumi:"teams"` } // ZeroTrustAccessPolicyRequireGithubInput is an input type that accepts ZeroTrustAccessPolicyRequireGithubArgs and ZeroTrustAccessPolicyRequireGithubOutput values. @@ -50894,9 +52519,12 @@ type ZeroTrustAccessPolicyRequireGithubInput interface { } type ZeroTrustAccessPolicyRequireGithubArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Name pulumi.StringPtrInput `pulumi:"name"` - Teams pulumi.StringArrayInput `pulumi:"teams"` + // The ID of your Github identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the organization. + Name pulumi.StringPtrInput `pulumi:"name"` + // The teams that should be matched. + Teams pulumi.StringArrayInput `pulumi:"teams"` } func (ZeroTrustAccessPolicyRequireGithubArgs) ElementType() reflect.Type { @@ -50950,14 +52578,17 @@ func (o ZeroTrustAccessPolicyRequireGithubOutput) ToZeroTrustAccessPolicyRequire return o } +// The ID of your Github identity provider. func (o ZeroTrustAccessPolicyRequireGithubOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireGithub) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the organization. func (o ZeroTrustAccessPolicyRequireGithubOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireGithub) *string { return v.Name }).(pulumi.StringPtrOutput) } +// The teams that should be matched. func (o ZeroTrustAccessPolicyRequireGithubOutput) Teams() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireGithub) []string { return v.Teams }).(pulumi.StringArrayOutput) } @@ -50983,8 +52614,10 @@ func (o ZeroTrustAccessPolicyRequireGithubArrayOutput) Index(i pulumi.IntInput) } type ZeroTrustAccessPolicyRequireGsuite struct { - Emails []string `pulumi:"emails"` - IdentityProviderId *string `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails []string `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` } // ZeroTrustAccessPolicyRequireGsuiteInput is an input type that accepts ZeroTrustAccessPolicyRequireGsuiteArgs and ZeroTrustAccessPolicyRequireGsuiteOutput values. @@ -50999,8 +52632,10 @@ type ZeroTrustAccessPolicyRequireGsuiteInput interface { } type ZeroTrustAccessPolicyRequireGsuiteArgs struct { - Emails pulumi.StringArrayInput `pulumi:"emails"` - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The email of the Google Workspace group. + Emails pulumi.StringArrayInput `pulumi:"emails"` + // The ID of your Google Workspace identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } func (ZeroTrustAccessPolicyRequireGsuiteArgs) ElementType() reflect.Type { @@ -51054,10 +52689,12 @@ func (o ZeroTrustAccessPolicyRequireGsuiteOutput) ToZeroTrustAccessPolicyRequire return o } +// The email of the Google Workspace group. func (o ZeroTrustAccessPolicyRequireGsuiteOutput) Emails() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireGsuite) []string { return v.Emails }).(pulumi.StringArrayOutput) } +// The ID of your Google Workspace identity provider. func (o ZeroTrustAccessPolicyRequireGsuiteOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireGsuite) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -51083,8 +52720,10 @@ func (o ZeroTrustAccessPolicyRequireGsuiteArrayOutput) Index(i pulumi.IntInput) } type ZeroTrustAccessPolicyRequireOkta struct { - IdentityProviderId *string `pulumi:"identityProviderId"` - Names []string `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId *string `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names []string `pulumi:"names"` } // ZeroTrustAccessPolicyRequireOktaInput is an input type that accepts ZeroTrustAccessPolicyRequireOktaArgs and ZeroTrustAccessPolicyRequireOktaOutput values. @@ -51099,8 +52738,10 @@ type ZeroTrustAccessPolicyRequireOktaInput interface { } type ZeroTrustAccessPolicyRequireOktaArgs struct { - IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` - Names pulumi.StringArrayInput `pulumi:"names"` + // The ID of your Okta identity provider. + IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` + // The name of the Okta Group. + Names pulumi.StringArrayInput `pulumi:"names"` } func (ZeroTrustAccessPolicyRequireOktaArgs) ElementType() reflect.Type { @@ -51154,10 +52795,12 @@ func (o ZeroTrustAccessPolicyRequireOktaOutput) ToZeroTrustAccessPolicyRequireOk return o } +// The ID of your Okta identity provider. func (o ZeroTrustAccessPolicyRequireOktaOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireOkta) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } +// The name of the Okta Group. func (o ZeroTrustAccessPolicyRequireOktaOutput) Names() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireOkta) []string { return v.Names }).(pulumi.StringArrayOutput) } @@ -51183,8 +52826,11 @@ func (o ZeroTrustAccessPolicyRequireOktaArrayOutput) Index(i pulumi.IntInput) Ze } type ZeroTrustAccessPolicyRequireSaml struct { - AttributeName *string `pulumi:"attributeName"` - AttributeValue *string `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName *string `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue *string `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId *string `pulumi:"identityProviderId"` } @@ -51200,8 +52846,11 @@ type ZeroTrustAccessPolicyRequireSamlInput interface { } type ZeroTrustAccessPolicyRequireSamlArgs struct { - AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` - AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The name of the SAML attribute. + AttributeName pulumi.StringPtrInput `pulumi:"attributeName"` + // The SAML attribute value to look for. + AttributeValue pulumi.StringPtrInput `pulumi:"attributeValue"` + // The ID of your SAML identity provider. IdentityProviderId pulumi.StringPtrInput `pulumi:"identityProviderId"` } @@ -51256,14 +52905,17 @@ func (o ZeroTrustAccessPolicyRequireSamlOutput) ToZeroTrustAccessPolicyRequireSa return o } +// The name of the SAML attribute. func (o ZeroTrustAccessPolicyRequireSamlOutput) AttributeName() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireSaml) *string { return v.AttributeName }).(pulumi.StringPtrOutput) } +// The SAML attribute value to look for. func (o ZeroTrustAccessPolicyRequireSamlOutput) AttributeValue() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireSaml) *string { return v.AttributeValue }).(pulumi.StringPtrOutput) } +// The ID of your SAML identity provider. func (o ZeroTrustAccessPolicyRequireSamlOutput) IdentityProviderId() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustAccessPolicyRequireSaml) *string { return v.IdentityProviderId }).(pulumi.StringPtrOutput) } @@ -51623,13 +53275,13 @@ type ZeroTrustDevicePostureRuleInputType struct { CountOperator *string `pulumi:"countOperator"` // The domain that the client must join. Domain *string `pulumi:"domain"` - // The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + // The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. EidLastSeen *string `pulumi:"eidLastSeen"` // True if the firewall must be enabled. Enabled *bool `pulumi:"enabled"` // Checks if the file should exist. Exists *bool `pulumi:"exists"` - // List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + // List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. ExtendedKeyUsages []string `pulumi:"extendedKeyUsages"` // The Teams List id. Required for `serialNumber` and `uniqueClientId` rule types. Id *string `pulumi:"id"` @@ -51641,7 +53293,7 @@ type ZeroTrustDevicePostureRuleInputType struct { IssueCount *string `pulumi:"issueCount"` // The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. LastSeen *string `pulumi:"lastSeen"` - // List of locations to check for client certificate. + // List of operating system locations to check for a client certificate.. Locations []ZeroTrustDevicePostureRuleInputLocation `pulumi:"locations"` // The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. NetworkStatus *string `pulumi:"networkStatus"` @@ -51677,7 +53329,7 @@ type ZeroTrustDevicePostureRuleInputType struct { TotalScore *int `pulumi:"totalScore"` // The operating system semantic version. Version *string `pulumi:"version"` - // The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + // The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. VersionOperator *string `pulumi:"versionOperator"` } @@ -51711,13 +53363,13 @@ type ZeroTrustDevicePostureRuleInputTypeArgs struct { CountOperator pulumi.StringPtrInput `pulumi:"countOperator"` // The domain that the client must join. Domain pulumi.StringPtrInput `pulumi:"domain"` - // The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + // The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. EidLastSeen pulumi.StringPtrInput `pulumi:"eidLastSeen"` // True if the firewall must be enabled. Enabled pulumi.BoolPtrInput `pulumi:"enabled"` // Checks if the file should exist. Exists pulumi.BoolPtrInput `pulumi:"exists"` - // List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + // List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. ExtendedKeyUsages pulumi.StringArrayInput `pulumi:"extendedKeyUsages"` // The Teams List id. Required for `serialNumber` and `uniqueClientId` rule types. Id pulumi.StringPtrInput `pulumi:"id"` @@ -51729,7 +53381,7 @@ type ZeroTrustDevicePostureRuleInputTypeArgs struct { IssueCount pulumi.StringPtrInput `pulumi:"issueCount"` // The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. LastSeen pulumi.StringPtrInput `pulumi:"lastSeen"` - // List of locations to check for client certificate. + // List of operating system locations to check for a client certificate.. Locations ZeroTrustDevicePostureRuleInputLocationArrayInput `pulumi:"locations"` // The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. NetworkStatus pulumi.StringPtrInput `pulumi:"networkStatus"` @@ -51765,7 +53417,7 @@ type ZeroTrustDevicePostureRuleInputTypeArgs struct { TotalScore pulumi.IntPtrInput `pulumi:"totalScore"` // The operating system semantic version. Version pulumi.StringPtrInput `pulumi:"version"` - // The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + // The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. VersionOperator pulumi.StringPtrInput `pulumi:"versionOperator"` } @@ -51865,7 +53517,7 @@ func (o ZeroTrustDevicePostureRuleInputTypeOutput) Domain() pulumi.StringPtrOutp return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) *string { return v.Domain }).(pulumi.StringPtrOutput) } -// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` +// The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. func (o ZeroTrustDevicePostureRuleInputTypeOutput) EidLastSeen() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) *string { return v.EidLastSeen }).(pulumi.StringPtrOutput) } @@ -51880,7 +53532,7 @@ func (o ZeroTrustDevicePostureRuleInputTypeOutput) Exists() pulumi.BoolPtrOutput return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) *bool { return v.Exists }).(pulumi.BoolPtrOutput) } -// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` +// List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. func (o ZeroTrustDevicePostureRuleInputTypeOutput) ExtendedKeyUsages() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) []string { return v.ExtendedKeyUsages }).(pulumi.StringArrayOutput) } @@ -51910,7 +53562,7 @@ func (o ZeroTrustDevicePostureRuleInputTypeOutput) LastSeen() pulumi.StringPtrOu return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) *string { return v.LastSeen }).(pulumi.StringPtrOutput) } -// List of locations to check for client certificate. +// List of operating system locations to check for a client certificate.. func (o ZeroTrustDevicePostureRuleInputTypeOutput) Locations() ZeroTrustDevicePostureRuleInputLocationArrayOutput { return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) []ZeroTrustDevicePostureRuleInputLocation { return v.Locations @@ -52002,7 +53654,7 @@ func (o ZeroTrustDevicePostureRuleInputTypeOutput) Version() pulumi.StringPtrOut return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) *string { return v.Version }).(pulumi.StringPtrOutput) } -// The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. +// The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. func (o ZeroTrustDevicePostureRuleInputTypeOutput) VersionOperator() pulumi.StringPtrOutput { return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputType) *string { return v.VersionOperator }).(pulumi.StringPtrOutput) } @@ -52030,7 +53682,7 @@ func (o ZeroTrustDevicePostureRuleInputTypeArrayOutput) Index(i pulumi.IntInput) type ZeroTrustDevicePostureRuleInputLocation struct { // List of paths to check for client certificate rule. Paths []string `pulumi:"paths"` - // List of trust stores to check for client certificate rule. Available values: `system`, `user` + // List of trust stores to check for client certificate rule. Available values: `system`, `user`. TrustStores []string `pulumi:"trustStores"` } @@ -52048,7 +53700,7 @@ type ZeroTrustDevicePostureRuleInputLocationInput interface { type ZeroTrustDevicePostureRuleInputLocationArgs struct { // List of paths to check for client certificate rule. Paths pulumi.StringArrayInput `pulumi:"paths"` - // List of trust stores to check for client certificate rule. Available values: `system`, `user` + // List of trust stores to check for client certificate rule. Available values: `system`, `user`. TrustStores pulumi.StringArrayInput `pulumi:"trustStores"` } @@ -52108,7 +53760,7 @@ func (o ZeroTrustDevicePostureRuleInputLocationOutput) Paths() pulumi.StringArra return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputLocation) []string { return v.Paths }).(pulumi.StringArrayOutput) } -// List of trust stores to check for client certificate rule. Available values: `system`, `user` +// List of trust stores to check for client certificate rule. Available values: `system`, `user`. func (o ZeroTrustDevicePostureRuleInputLocationOutput) TrustStores() pulumi.StringArrayOutput { return o.ApplyT(func(v ZeroTrustDevicePostureRuleInputLocation) []string { return v.TrustStores }).(pulumi.StringArrayOutput) } @@ -56088,6 +57740,143 @@ func (o ZeroTrustGatewaySettingsBodyScanningPtrOutput) InspectionMode() pulumi.S }).(pulumi.StringPtrOutput) } +type ZeroTrustGatewaySettingsCertificate struct { + // ID of certificate for TLS interception. + Id string `pulumi:"id"` +} + +// ZeroTrustGatewaySettingsCertificateInput is an input type that accepts ZeroTrustGatewaySettingsCertificateArgs and ZeroTrustGatewaySettingsCertificateOutput values. +// You can construct a concrete instance of `ZeroTrustGatewaySettingsCertificateInput` via: +// +// ZeroTrustGatewaySettingsCertificateArgs{...} +type ZeroTrustGatewaySettingsCertificateInput interface { + pulumi.Input + + ToZeroTrustGatewaySettingsCertificateOutput() ZeroTrustGatewaySettingsCertificateOutput + ToZeroTrustGatewaySettingsCertificateOutputWithContext(context.Context) ZeroTrustGatewaySettingsCertificateOutput +} + +type ZeroTrustGatewaySettingsCertificateArgs struct { + // ID of certificate for TLS interception. + Id pulumi.StringInput `pulumi:"id"` +} + +func (ZeroTrustGatewaySettingsCertificateArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ZeroTrustGatewaySettingsCertificate)(nil)).Elem() +} + +func (i ZeroTrustGatewaySettingsCertificateArgs) ToZeroTrustGatewaySettingsCertificateOutput() ZeroTrustGatewaySettingsCertificateOutput { + return i.ToZeroTrustGatewaySettingsCertificateOutputWithContext(context.Background()) +} + +func (i ZeroTrustGatewaySettingsCertificateArgs) ToZeroTrustGatewaySettingsCertificateOutputWithContext(ctx context.Context) ZeroTrustGatewaySettingsCertificateOutput { + return pulumi.ToOutputWithContext(ctx, i).(ZeroTrustGatewaySettingsCertificateOutput) +} + +func (i ZeroTrustGatewaySettingsCertificateArgs) ToZeroTrustGatewaySettingsCertificatePtrOutput() ZeroTrustGatewaySettingsCertificatePtrOutput { + return i.ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(context.Background()) +} + +func (i ZeroTrustGatewaySettingsCertificateArgs) ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(ctx context.Context) ZeroTrustGatewaySettingsCertificatePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ZeroTrustGatewaySettingsCertificateOutput).ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(ctx) +} + +// ZeroTrustGatewaySettingsCertificatePtrInput is an input type that accepts ZeroTrustGatewaySettingsCertificateArgs, ZeroTrustGatewaySettingsCertificatePtr and ZeroTrustGatewaySettingsCertificatePtrOutput values. +// You can construct a concrete instance of `ZeroTrustGatewaySettingsCertificatePtrInput` via: +// +// ZeroTrustGatewaySettingsCertificateArgs{...} +// +// or: +// +// nil +type ZeroTrustGatewaySettingsCertificatePtrInput interface { + pulumi.Input + + ToZeroTrustGatewaySettingsCertificatePtrOutput() ZeroTrustGatewaySettingsCertificatePtrOutput + ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(context.Context) ZeroTrustGatewaySettingsCertificatePtrOutput +} + +type zeroTrustGatewaySettingsCertificatePtrType ZeroTrustGatewaySettingsCertificateArgs + +func ZeroTrustGatewaySettingsCertificatePtr(v *ZeroTrustGatewaySettingsCertificateArgs) ZeroTrustGatewaySettingsCertificatePtrInput { + return (*zeroTrustGatewaySettingsCertificatePtrType)(v) +} + +func (*zeroTrustGatewaySettingsCertificatePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ZeroTrustGatewaySettingsCertificate)(nil)).Elem() +} + +func (i *zeroTrustGatewaySettingsCertificatePtrType) ToZeroTrustGatewaySettingsCertificatePtrOutput() ZeroTrustGatewaySettingsCertificatePtrOutput { + return i.ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(context.Background()) +} + +func (i *zeroTrustGatewaySettingsCertificatePtrType) ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(ctx context.Context) ZeroTrustGatewaySettingsCertificatePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ZeroTrustGatewaySettingsCertificatePtrOutput) +} + +type ZeroTrustGatewaySettingsCertificateOutput struct{ *pulumi.OutputState } + +func (ZeroTrustGatewaySettingsCertificateOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ZeroTrustGatewaySettingsCertificate)(nil)).Elem() +} + +func (o ZeroTrustGatewaySettingsCertificateOutput) ToZeroTrustGatewaySettingsCertificateOutput() ZeroTrustGatewaySettingsCertificateOutput { + return o +} + +func (o ZeroTrustGatewaySettingsCertificateOutput) ToZeroTrustGatewaySettingsCertificateOutputWithContext(ctx context.Context) ZeroTrustGatewaySettingsCertificateOutput { + return o +} + +func (o ZeroTrustGatewaySettingsCertificateOutput) ToZeroTrustGatewaySettingsCertificatePtrOutput() ZeroTrustGatewaySettingsCertificatePtrOutput { + return o.ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(context.Background()) +} + +func (o ZeroTrustGatewaySettingsCertificateOutput) ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(ctx context.Context) ZeroTrustGatewaySettingsCertificatePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ZeroTrustGatewaySettingsCertificate) *ZeroTrustGatewaySettingsCertificate { + return &v + }).(ZeroTrustGatewaySettingsCertificatePtrOutput) +} + +// ID of certificate for TLS interception. +func (o ZeroTrustGatewaySettingsCertificateOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v ZeroTrustGatewaySettingsCertificate) string { return v.Id }).(pulumi.StringOutput) +} + +type ZeroTrustGatewaySettingsCertificatePtrOutput struct{ *pulumi.OutputState } + +func (ZeroTrustGatewaySettingsCertificatePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ZeroTrustGatewaySettingsCertificate)(nil)).Elem() +} + +func (o ZeroTrustGatewaySettingsCertificatePtrOutput) ToZeroTrustGatewaySettingsCertificatePtrOutput() ZeroTrustGatewaySettingsCertificatePtrOutput { + return o +} + +func (o ZeroTrustGatewaySettingsCertificatePtrOutput) ToZeroTrustGatewaySettingsCertificatePtrOutputWithContext(ctx context.Context) ZeroTrustGatewaySettingsCertificatePtrOutput { + return o +} + +func (o ZeroTrustGatewaySettingsCertificatePtrOutput) Elem() ZeroTrustGatewaySettingsCertificateOutput { + return o.ApplyT(func(v *ZeroTrustGatewaySettingsCertificate) ZeroTrustGatewaySettingsCertificate { + if v != nil { + return *v + } + var ret ZeroTrustGatewaySettingsCertificate + return ret + }).(ZeroTrustGatewaySettingsCertificateOutput) +} + +// ID of certificate for TLS interception. +func (o ZeroTrustGatewaySettingsCertificatePtrOutput) Id() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ZeroTrustGatewaySettingsCertificate) *string { + if v == nil { + return nil + } + return &v.Id + }).(pulumi.StringPtrOutput) +} + type ZeroTrustGatewaySettingsCustomCertificate struct { // Whether TLS encryption should use a custom certificate. Enabled bool `pulumi:"enabled"` @@ -57466,7 +59255,7 @@ func (o ZeroTrustGatewaySettingsPayloadLogPtrOutput) PublicKey() pulumi.StringPt } type ZeroTrustGatewaySettingsProxy struct { - // Sets the time limit in seconds that a user can use an override code to bypass WARP + // Sets the time limit in seconds that a user can use an override code to bypass WARP. DisableForTime int `pulumi:"disableForTime"` // Whether root ca is enabled account wide for ZT clients. RootCa bool `pulumi:"rootCa"` @@ -57490,7 +59279,7 @@ type ZeroTrustGatewaySettingsProxyInput interface { } type ZeroTrustGatewaySettingsProxyArgs struct { - // Sets the time limit in seconds that a user can use an override code to bypass WARP + // Sets the time limit in seconds that a user can use an override code to bypass WARP. DisableForTime pulumi.IntInput `pulumi:"disableForTime"` // Whether root ca is enabled account wide for ZT clients. RootCa pulumi.BoolInput `pulumi:"rootCa"` @@ -57579,7 +59368,7 @@ func (o ZeroTrustGatewaySettingsProxyOutput) ToZeroTrustGatewaySettingsProxyPtrO }).(ZeroTrustGatewaySettingsProxyPtrOutput) } -// Sets the time limit in seconds that a user can use an override code to bypass WARP +// Sets the time limit in seconds that a user can use an override code to bypass WARP. func (o ZeroTrustGatewaySettingsProxyOutput) DisableForTime() pulumi.IntOutput { return o.ApplyT(func(v ZeroTrustGatewaySettingsProxy) int { return v.DisableForTime }).(pulumi.IntOutput) } @@ -57628,7 +59417,7 @@ func (o ZeroTrustGatewaySettingsProxyPtrOutput) Elem() ZeroTrustGatewaySettingsP }).(ZeroTrustGatewaySettingsProxyOutput) } -// Sets the time limit in seconds that a user can use an override code to bypass WARP +// Sets the time limit in seconds that a user can use an override code to bypass WARP. func (o ZeroTrustGatewaySettingsProxyPtrOutput) DisableForTime() pulumi.IntPtrOutput { return o.ApplyT(func(v *ZeroTrustGatewaySettingsProxy) *int { if v == nil { @@ -60369,6 +62158,7 @@ type ZoneSettingsOverrideInitialSetting struct { PrivacyPass *string `pulumi:"privacyPass"` ProxyReadTimeout *string `pulumi:"proxyReadTimeout"` PseudoIpv4 *string `pulumi:"pseudoIpv4"` + ReplaceInsecureJs *string `pulumi:"replaceInsecureJs"` ResponseBuffering *string `pulumi:"responseBuffering"` RocketLoader *string `pulumi:"rocketLoader"` SecurityHeader *ZoneSettingsOverrideInitialSettingSecurityHeader `pulumi:"securityHeader"` @@ -60442,6 +62232,7 @@ type ZoneSettingsOverrideInitialSettingArgs struct { PrivacyPass pulumi.StringPtrInput `pulumi:"privacyPass"` ProxyReadTimeout pulumi.StringPtrInput `pulumi:"proxyReadTimeout"` PseudoIpv4 pulumi.StringPtrInput `pulumi:"pseudoIpv4"` + ReplaceInsecureJs pulumi.StringPtrInput `pulumi:"replaceInsecureJs"` ResponseBuffering pulumi.StringPtrInput `pulumi:"responseBuffering"` RocketLoader pulumi.StringPtrInput `pulumi:"rocketLoader"` SecurityHeader ZoneSettingsOverrideInitialSettingSecurityHeaderPtrInput `pulumi:"securityHeader"` @@ -60676,6 +62467,10 @@ func (o ZoneSettingsOverrideInitialSettingOutput) PseudoIpv4() pulumi.StringPtrO return o.ApplyT(func(v ZoneSettingsOverrideInitialSetting) *string { return v.PseudoIpv4 }).(pulumi.StringPtrOutput) } +func (o ZoneSettingsOverrideInitialSettingOutput) ReplaceInsecureJs() pulumi.StringPtrOutput { + return o.ApplyT(func(v ZoneSettingsOverrideInitialSetting) *string { return v.ReplaceInsecureJs }).(pulumi.StringPtrOutput) +} + func (o ZoneSettingsOverrideInitialSettingOutput) ResponseBuffering() pulumi.StringPtrOutput { return o.ApplyT(func(v ZoneSettingsOverrideInitialSetting) *string { return v.ResponseBuffering }).(pulumi.StringPtrOutput) } @@ -61461,6 +63256,7 @@ type ZoneSettingsOverrideSettings struct { PrivacyPass *string `pulumi:"privacyPass"` ProxyReadTimeout *string `pulumi:"proxyReadTimeout"` PseudoIpv4 *string `pulumi:"pseudoIpv4"` + ReplaceInsecureJs *string `pulumi:"replaceInsecureJs"` ResponseBuffering *string `pulumi:"responseBuffering"` RocketLoader *string `pulumi:"rocketLoader"` SecurityHeader *ZoneSettingsOverrideSettingsSecurityHeader `pulumi:"securityHeader"` @@ -61534,6 +63330,7 @@ type ZoneSettingsOverrideSettingsArgs struct { PrivacyPass pulumi.StringPtrInput `pulumi:"privacyPass"` ProxyReadTimeout pulumi.StringPtrInput `pulumi:"proxyReadTimeout"` PseudoIpv4 pulumi.StringPtrInput `pulumi:"pseudoIpv4"` + ReplaceInsecureJs pulumi.StringPtrInput `pulumi:"replaceInsecureJs"` ResponseBuffering pulumi.StringPtrInput `pulumi:"responseBuffering"` RocketLoader pulumi.StringPtrInput `pulumi:"rocketLoader"` SecurityHeader ZoneSettingsOverrideSettingsSecurityHeaderPtrInput `pulumi:"securityHeader"` @@ -61794,6 +63591,10 @@ func (o ZoneSettingsOverrideSettingsOutput) PseudoIpv4() pulumi.StringPtrOutput return o.ApplyT(func(v ZoneSettingsOverrideSettings) *string { return v.PseudoIpv4 }).(pulumi.StringPtrOutput) } +func (o ZoneSettingsOverrideSettingsOutput) ReplaceInsecureJs() pulumi.StringPtrOutput { + return o.ApplyT(func(v ZoneSettingsOverrideSettings) *string { return v.ReplaceInsecureJs }).(pulumi.StringPtrOutput) +} + func (o ZoneSettingsOverrideSettingsOutput) ResponseBuffering() pulumi.StringPtrOutput { return o.ApplyT(func(v ZoneSettingsOverrideSettings) *string { return v.ResponseBuffering }).(pulumi.StringPtrOutput) } @@ -62250,6 +64051,15 @@ func (o ZoneSettingsOverrideSettingsPtrOutput) PseudoIpv4() pulumi.StringPtrOutp }).(pulumi.StringPtrOutput) } +func (o ZoneSettingsOverrideSettingsPtrOutput) ReplaceInsecureJs() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ZoneSettingsOverrideSettings) *string { + if v == nil { + return nil + } + return v.ReplaceInsecureJs + }).(pulumi.StringPtrOutput) +} + func (o ZoneSettingsOverrideSettingsPtrOutput) ResponseBuffering() pulumi.StringPtrOutput { return o.ApplyT(func(v *ZoneSettingsOverrideSettings) *string { if v == nil { @@ -65670,6 +67480,8 @@ type GetRulesetsRulesetRuleActionParameters struct { Cache *bool `pulumi:"cache"` // List of cache key parameters to apply to the request. CacheKey *GetRulesetsRulesetRuleActionParametersCacheKey `pulumi:"cacheKey"` + // List of cache reserve parameters to apply to the request. + CacheReserve *GetRulesetsRulesetRuleActionParametersCacheReserve `pulumi:"cacheReserve"` // Content of the custom error response Content *string `pulumi:"content"` // Content-Type of the custom error response @@ -65783,6 +67595,8 @@ type GetRulesetsRulesetRuleActionParametersArgs struct { Cache pulumi.BoolPtrInput `pulumi:"cache"` // List of cache key parameters to apply to the request. CacheKey GetRulesetsRulesetRuleActionParametersCacheKeyPtrInput `pulumi:"cacheKey"` + // List of cache reserve parameters to apply to the request. + CacheReserve GetRulesetsRulesetRuleActionParametersCacheReservePtrInput `pulumi:"cacheReserve"` // Content of the custom error response Content pulumi.StringPtrInput `pulumi:"content"` // Content-Type of the custom error response @@ -65988,6 +67802,13 @@ func (o GetRulesetsRulesetRuleActionParametersOutput) CacheKey() GetRulesetsRule }).(GetRulesetsRulesetRuleActionParametersCacheKeyPtrOutput) } +// List of cache reserve parameters to apply to the request. +func (o GetRulesetsRulesetRuleActionParametersOutput) CacheReserve() GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return o.ApplyT(func(v GetRulesetsRulesetRuleActionParameters) *GetRulesetsRulesetRuleActionParametersCacheReserve { + return v.CacheReserve + }).(GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) +} + // Content of the custom error response func (o GetRulesetsRulesetRuleActionParametersOutput) Content() pulumi.StringPtrOutput { return o.ApplyT(func(v GetRulesetsRulesetRuleActionParameters) *string { return v.Content }).(pulumi.StringPtrOutput) @@ -66318,6 +68139,16 @@ func (o GetRulesetsRulesetRuleActionParametersPtrOutput) CacheKey() GetRulesetsR }).(GetRulesetsRulesetRuleActionParametersCacheKeyPtrOutput) } +// List of cache reserve parameters to apply to the request. +func (o GetRulesetsRulesetRuleActionParametersPtrOutput) CacheReserve() GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return o.ApplyT(func(v *GetRulesetsRulesetRuleActionParameters) *GetRulesetsRulesetRuleActionParametersCacheReserve { + if v == nil { + return nil + } + return v.CacheReserve + }).(GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) +} + // Content of the custom error response func (o GetRulesetsRulesetRuleActionParametersPtrOutput) Content() pulumi.StringPtrOutput { return o.ApplyT(func(v *GetRulesetsRulesetRuleActionParameters) *string { @@ -68261,6 +70092,162 @@ func (o GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserPtrOutput) La }).(pulumi.BoolPtrOutput) } +type GetRulesetsRulesetRuleActionParametersCacheReserve struct { + // Determines whether Cloudflare will write the eligible resource to cache reserve. + Eligible bool `pulumi:"eligible"` + // The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + MinimumFileSize *int `pulumi:"minimumFileSize"` +} + +// GetRulesetsRulesetRuleActionParametersCacheReserveInput is an input type that accepts GetRulesetsRulesetRuleActionParametersCacheReserveArgs and GetRulesetsRulesetRuleActionParametersCacheReserveOutput values. +// You can construct a concrete instance of `GetRulesetsRulesetRuleActionParametersCacheReserveInput` via: +// +// GetRulesetsRulesetRuleActionParametersCacheReserveArgs{...} +type GetRulesetsRulesetRuleActionParametersCacheReserveInput interface { + pulumi.Input + + ToGetRulesetsRulesetRuleActionParametersCacheReserveOutput() GetRulesetsRulesetRuleActionParametersCacheReserveOutput + ToGetRulesetsRulesetRuleActionParametersCacheReserveOutputWithContext(context.Context) GetRulesetsRulesetRuleActionParametersCacheReserveOutput +} + +type GetRulesetsRulesetRuleActionParametersCacheReserveArgs struct { + // Determines whether Cloudflare will write the eligible resource to cache reserve. + Eligible pulumi.BoolInput `pulumi:"eligible"` + // The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + MinimumFileSize pulumi.IntPtrInput `pulumi:"minimumFileSize"` +} + +func (GetRulesetsRulesetRuleActionParametersCacheReserveArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (i GetRulesetsRulesetRuleActionParametersCacheReserveArgs) ToGetRulesetsRulesetRuleActionParametersCacheReserveOutput() GetRulesetsRulesetRuleActionParametersCacheReserveOutput { + return i.ToGetRulesetsRulesetRuleActionParametersCacheReserveOutputWithContext(context.Background()) +} + +func (i GetRulesetsRulesetRuleActionParametersCacheReserveArgs) ToGetRulesetsRulesetRuleActionParametersCacheReserveOutputWithContext(ctx context.Context) GetRulesetsRulesetRuleActionParametersCacheReserveOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRulesetsRulesetRuleActionParametersCacheReserveOutput) +} + +func (i GetRulesetsRulesetRuleActionParametersCacheReserveArgs) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutput() GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return i.ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Background()) +} + +func (i GetRulesetsRulesetRuleActionParametersCacheReserveArgs) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRulesetsRulesetRuleActionParametersCacheReserveOutput).ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx) +} + +// GetRulesetsRulesetRuleActionParametersCacheReservePtrInput is an input type that accepts GetRulesetsRulesetRuleActionParametersCacheReserveArgs, GetRulesetsRulesetRuleActionParametersCacheReservePtr and GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput values. +// You can construct a concrete instance of `GetRulesetsRulesetRuleActionParametersCacheReservePtrInput` via: +// +// GetRulesetsRulesetRuleActionParametersCacheReserveArgs{...} +// +// or: +// +// nil +type GetRulesetsRulesetRuleActionParametersCacheReservePtrInput interface { + pulumi.Input + + ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutput() GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput + ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Context) GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput +} + +type getRulesetsRulesetRuleActionParametersCacheReservePtrType GetRulesetsRulesetRuleActionParametersCacheReserveArgs + +func GetRulesetsRulesetRuleActionParametersCacheReservePtr(v *GetRulesetsRulesetRuleActionParametersCacheReserveArgs) GetRulesetsRulesetRuleActionParametersCacheReservePtrInput { + return (*getRulesetsRulesetRuleActionParametersCacheReservePtrType)(v) +} + +func (*getRulesetsRulesetRuleActionParametersCacheReservePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**GetRulesetsRulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (i *getRulesetsRulesetRuleActionParametersCacheReservePtrType) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutput() GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return i.ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Background()) +} + +func (i *getRulesetsRulesetRuleActionParametersCacheReservePtrType) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) +} + +type GetRulesetsRulesetRuleActionParametersCacheReserveOutput struct{ *pulumi.OutputState } + +func (GetRulesetsRulesetRuleActionParametersCacheReserveOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (o GetRulesetsRulesetRuleActionParametersCacheReserveOutput) ToGetRulesetsRulesetRuleActionParametersCacheReserveOutput() GetRulesetsRulesetRuleActionParametersCacheReserveOutput { + return o +} + +func (o GetRulesetsRulesetRuleActionParametersCacheReserveOutput) ToGetRulesetsRulesetRuleActionParametersCacheReserveOutputWithContext(ctx context.Context) GetRulesetsRulesetRuleActionParametersCacheReserveOutput { + return o +} + +func (o GetRulesetsRulesetRuleActionParametersCacheReserveOutput) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutput() GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return o.ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(context.Background()) +} + +func (o GetRulesetsRulesetRuleActionParametersCacheReserveOutput) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v GetRulesetsRulesetRuleActionParametersCacheReserve) *GetRulesetsRulesetRuleActionParametersCacheReserve { + return &v + }).(GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) +} + +// Determines whether Cloudflare will write the eligible resource to cache reserve. +func (o GetRulesetsRulesetRuleActionParametersCacheReserveOutput) Eligible() pulumi.BoolOutput { + return o.ApplyT(func(v GetRulesetsRulesetRuleActionParametersCacheReserve) bool { return v.Eligible }).(pulumi.BoolOutput) +} + +// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. +func (o GetRulesetsRulesetRuleActionParametersCacheReserveOutput) MinimumFileSize() pulumi.IntPtrOutput { + return o.ApplyT(func(v GetRulesetsRulesetRuleActionParametersCacheReserve) *int { return v.MinimumFileSize }).(pulumi.IntPtrOutput) +} + +type GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput struct{ *pulumi.OutputState } + +func (GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**GetRulesetsRulesetRuleActionParametersCacheReserve)(nil)).Elem() +} + +func (o GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutput() GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return o +} + +func (o GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) ToGetRulesetsRulesetRuleActionParametersCacheReservePtrOutputWithContext(ctx context.Context) GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput { + return o +} + +func (o GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) Elem() GetRulesetsRulesetRuleActionParametersCacheReserveOutput { + return o.ApplyT(func(v *GetRulesetsRulesetRuleActionParametersCacheReserve) GetRulesetsRulesetRuleActionParametersCacheReserve { + if v != nil { + return *v + } + var ret GetRulesetsRulesetRuleActionParametersCacheReserve + return ret + }).(GetRulesetsRulesetRuleActionParametersCacheReserveOutput) +} + +// Determines whether Cloudflare will write the eligible resource to cache reserve. +func (o GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) Eligible() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *GetRulesetsRulesetRuleActionParametersCacheReserve) *bool { + if v == nil { + return nil + } + return &v.Eligible + }).(pulumi.BoolPtrOutput) +} + +// The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. +func (o GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput) MinimumFileSize() pulumi.IntPtrOutput { + return o.ApplyT(func(v *GetRulesetsRulesetRuleActionParametersCacheReserve) *int { + if v == nil { + return nil + } + return v.MinimumFileSize + }).(pulumi.IntPtrOutput) +} + type GetRulesetsRulesetRuleActionParametersEdgeTtl struct { // Default edge TTL Default *int `pulumi:"default"` @@ -72112,6 +74099,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersCacheKeyCustomKeyQueryStringPtrInput)(nil)).Elem(), RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersCacheKeyCustomKeyUserInput)(nil)).Elem(), RulesetRuleActionParametersCacheKeyCustomKeyUserArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersCacheKeyCustomKeyUserPtrInput)(nil)).Elem(), RulesetRuleActionParametersCacheKeyCustomKeyUserArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersCacheReserveInput)(nil)).Elem(), RulesetRuleActionParametersCacheReserveArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersCacheReservePtrInput)(nil)).Elem(), RulesetRuleActionParametersCacheReserveArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersEdgeTtlInput)(nil)).Elem(), RulesetRuleActionParametersEdgeTtlArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersEdgeTtlPtrInput)(nil)).Elem(), RulesetRuleActionParametersEdgeTtlArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RulesetRuleActionParametersEdgeTtlStatusCodeTtlInput)(nil)).Elem(), RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs{}) @@ -72172,6 +74161,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountBlockPagePtrInput)(nil)).Elem(), TeamsAccountBlockPageArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountBodyScanningInput)(nil)).Elem(), TeamsAccountBodyScanningArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountBodyScanningPtrInput)(nil)).Elem(), TeamsAccountBodyScanningArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountCertificateInput)(nil)).Elem(), TeamsAccountCertificateArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountCertificatePtrInput)(nil)).Elem(), TeamsAccountCertificateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountCustomCertificateInput)(nil)).Elem(), TeamsAccountCustomCertificateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountCustomCertificatePtrInput)(nil)).Elem(), TeamsAccountCustomCertificateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TeamsAccountExtendedEmailMatchingInput)(nil)).Elem(), TeamsAccountExtendedEmailMatchingArgs{}) @@ -72250,6 +74241,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptAnalyticsEngineBindingArrayInput)(nil)).Elem(), WorkerScriptAnalyticsEngineBindingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptD1DatabaseBindingInput)(nil)).Elem(), WorkerScriptD1DatabaseBindingArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptD1DatabaseBindingArrayInput)(nil)).Elem(), WorkerScriptD1DatabaseBindingArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptHyperdriveConfigBindingInput)(nil)).Elem(), WorkerScriptHyperdriveConfigBindingArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptHyperdriveConfigBindingArrayInput)(nil)).Elem(), WorkerScriptHyperdriveConfigBindingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptKvNamespaceBindingInput)(nil)).Elem(), WorkerScriptKvNamespaceBindingArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptKvNamespaceBindingArrayInput)(nil)).Elem(), WorkerScriptKvNamespaceBindingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkerScriptPlacementInput)(nil)).Elem(), WorkerScriptPlacementArgs{}) @@ -72270,6 +74263,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptAnalyticsEngineBindingArrayInput)(nil)).Elem(), WorkersScriptAnalyticsEngineBindingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptD1DatabaseBindingInput)(nil)).Elem(), WorkersScriptD1DatabaseBindingArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptD1DatabaseBindingArrayInput)(nil)).Elem(), WorkersScriptD1DatabaseBindingArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptHyperdriveConfigBindingInput)(nil)).Elem(), WorkersScriptHyperdriveConfigBindingArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptHyperdriveConfigBindingArrayInput)(nil)).Elem(), WorkersScriptHyperdriveConfigBindingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptKvNamespaceBindingInput)(nil)).Elem(), WorkersScriptKvNamespaceBindingArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptKvNamespaceBindingArrayInput)(nil)).Elem(), WorkersScriptKvNamespaceBindingArray{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkersScriptPlacementInput)(nil)).Elem(), WorkersScriptPlacementArgs{}) @@ -72474,6 +74469,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsBlockPagePtrInput)(nil)).Elem(), ZeroTrustGatewaySettingsBlockPageArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsBodyScanningInput)(nil)).Elem(), ZeroTrustGatewaySettingsBodyScanningArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsBodyScanningPtrInput)(nil)).Elem(), ZeroTrustGatewaySettingsBodyScanningArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsCertificateInput)(nil)).Elem(), ZeroTrustGatewaySettingsCertificateArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsCertificatePtrInput)(nil)).Elem(), ZeroTrustGatewaySettingsCertificateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsCustomCertificateInput)(nil)).Elem(), ZeroTrustGatewaySettingsCustomCertificateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsCustomCertificatePtrInput)(nil)).Elem(), ZeroTrustGatewaySettingsCustomCertificateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewaySettingsExtendedEmailMatchingInput)(nil)).Elem(), ZeroTrustGatewaySettingsExtendedEmailMatchingArgs{}) @@ -72598,6 +74595,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyQueryStringPtrInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserPtrInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersCacheReserveInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersCacheReserveArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersCacheReservePtrInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersCacheReserveArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersEdgeTtlInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersEdgeTtlArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersEdgeTtlPtrInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersEdgeTtlArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRulesetsRulesetRuleActionParametersEdgeTtlStatusCodeTtlInput)(nil)).Elem(), GetRulesetsRulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs{}) @@ -72996,6 +74995,8 @@ func init() { pulumi.RegisterOutputType(RulesetRuleActionParametersCacheKeyCustomKeyQueryStringPtrOutput{}) pulumi.RegisterOutputType(RulesetRuleActionParametersCacheKeyCustomKeyUserOutput{}) pulumi.RegisterOutputType(RulesetRuleActionParametersCacheKeyCustomKeyUserPtrOutput{}) + pulumi.RegisterOutputType(RulesetRuleActionParametersCacheReserveOutput{}) + pulumi.RegisterOutputType(RulesetRuleActionParametersCacheReservePtrOutput{}) pulumi.RegisterOutputType(RulesetRuleActionParametersEdgeTtlOutput{}) pulumi.RegisterOutputType(RulesetRuleActionParametersEdgeTtlPtrOutput{}) pulumi.RegisterOutputType(RulesetRuleActionParametersEdgeTtlStatusCodeTtlOutput{}) @@ -73056,6 +75057,8 @@ func init() { pulumi.RegisterOutputType(TeamsAccountBlockPagePtrOutput{}) pulumi.RegisterOutputType(TeamsAccountBodyScanningOutput{}) pulumi.RegisterOutputType(TeamsAccountBodyScanningPtrOutput{}) + pulumi.RegisterOutputType(TeamsAccountCertificateOutput{}) + pulumi.RegisterOutputType(TeamsAccountCertificatePtrOutput{}) pulumi.RegisterOutputType(TeamsAccountCustomCertificateOutput{}) pulumi.RegisterOutputType(TeamsAccountCustomCertificatePtrOutput{}) pulumi.RegisterOutputType(TeamsAccountExtendedEmailMatchingOutput{}) @@ -73134,6 +75137,8 @@ func init() { pulumi.RegisterOutputType(WorkerScriptAnalyticsEngineBindingArrayOutput{}) pulumi.RegisterOutputType(WorkerScriptD1DatabaseBindingOutput{}) pulumi.RegisterOutputType(WorkerScriptD1DatabaseBindingArrayOutput{}) + pulumi.RegisterOutputType(WorkerScriptHyperdriveConfigBindingOutput{}) + pulumi.RegisterOutputType(WorkerScriptHyperdriveConfigBindingArrayOutput{}) pulumi.RegisterOutputType(WorkerScriptKvNamespaceBindingOutput{}) pulumi.RegisterOutputType(WorkerScriptKvNamespaceBindingArrayOutput{}) pulumi.RegisterOutputType(WorkerScriptPlacementOutput{}) @@ -73154,6 +75159,8 @@ func init() { pulumi.RegisterOutputType(WorkersScriptAnalyticsEngineBindingArrayOutput{}) pulumi.RegisterOutputType(WorkersScriptD1DatabaseBindingOutput{}) pulumi.RegisterOutputType(WorkersScriptD1DatabaseBindingArrayOutput{}) + pulumi.RegisterOutputType(WorkersScriptHyperdriveConfigBindingOutput{}) + pulumi.RegisterOutputType(WorkersScriptHyperdriveConfigBindingArrayOutput{}) pulumi.RegisterOutputType(WorkersScriptKvNamespaceBindingOutput{}) pulumi.RegisterOutputType(WorkersScriptKvNamespaceBindingArrayOutput{}) pulumi.RegisterOutputType(WorkersScriptPlacementOutput{}) @@ -73358,6 +75365,8 @@ func init() { pulumi.RegisterOutputType(ZeroTrustGatewaySettingsBlockPagePtrOutput{}) pulumi.RegisterOutputType(ZeroTrustGatewaySettingsBodyScanningOutput{}) pulumi.RegisterOutputType(ZeroTrustGatewaySettingsBodyScanningPtrOutput{}) + pulumi.RegisterOutputType(ZeroTrustGatewaySettingsCertificateOutput{}) + pulumi.RegisterOutputType(ZeroTrustGatewaySettingsCertificatePtrOutput{}) pulumi.RegisterOutputType(ZeroTrustGatewaySettingsCustomCertificateOutput{}) pulumi.RegisterOutputType(ZeroTrustGatewaySettingsCustomCertificatePtrOutput{}) pulumi.RegisterOutputType(ZeroTrustGatewaySettingsExtendedEmailMatchingOutput{}) @@ -73482,6 +75491,8 @@ func init() { pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyQueryStringPtrOutput{}) pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserOutput{}) pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserPtrOutput{}) + pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersCacheReserveOutput{}) + pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersCacheReservePtrOutput{}) pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersEdgeTtlOutput{}) pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersEdgeTtlPtrOutput{}) pulumi.RegisterOutputType(GetRulesetsRulesetRuleActionParametersEdgeTtlStatusCodeTtlOutput{}) diff --git a/sdk/go/cloudflare/teamsAccount.go b/sdk/go/cloudflare/teamsAccount.go index d764d6f81..d26d7f03d 100644 --- a/sdk/go/cloudflare/teamsAccount.go +++ b/sdk/go/cloudflare/teamsAccount.go @@ -56,10 +56,11 @@ import ( // Tls: pulumi.Bool(true), // }, // Proxy: &cloudflare.TeamsAccountProxyArgs{ -// Tcp: pulumi.Bool(true), -// Udp: pulumi.Bool(true), -// RootCa: pulumi.Bool(true), -// VirtualIp: pulumi.Bool(false), +// Tcp: pulumi.Bool(true), +// Udp: pulumi.Bool(true), +// RootCa: pulumi.Bool(true), +// VirtualIp: pulumi.Bool(false), +// DisableForTime: pulumi.Int(3600), // }, // UrlBrowserIsolationEnabled: pulumi.Bool(true), // Logging: &cloudflare.TeamsAccountLoggingArgs{ @@ -110,7 +111,11 @@ type TeamsAccount struct { BlockPage TeamsAccountBlockPagePtrOutput `pulumi:"blockPage"` // Configuration for body scanning. BodyScanning TeamsAccountBodyScanningPtrOutput `pulumi:"bodyScanning"` - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate TeamsAccountCertificatePtrOutput `pulumi:"certificate"` + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate TeamsAccountCustomCertificatePtrOutput `pulumi:"customCertificate"` // Configuration for extended e-mail matching. ExtendedEmailMatching TeamsAccountExtendedEmailMatchingOutput `pulumi:"extendedEmailMatching"` @@ -176,7 +181,11 @@ type teamsAccountState struct { BlockPage *TeamsAccountBlockPage `pulumi:"blockPage"` // Configuration for body scanning. BodyScanning *TeamsAccountBodyScanning `pulumi:"bodyScanning"` - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate *TeamsAccountCertificate `pulumi:"certificate"` + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate *TeamsAccountCustomCertificate `pulumi:"customCertificate"` // Configuration for extended e-mail matching. ExtendedEmailMatching *TeamsAccountExtendedEmailMatching `pulumi:"extendedEmailMatching"` @@ -210,7 +219,11 @@ type TeamsAccountState struct { BlockPage TeamsAccountBlockPagePtrInput // Configuration for body scanning. BodyScanning TeamsAccountBodyScanningPtrInput - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate TeamsAccountCertificatePtrInput + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate TeamsAccountCustomCertificatePtrInput // Configuration for extended e-mail matching. ExtendedEmailMatching TeamsAccountExtendedEmailMatchingPtrInput @@ -248,7 +261,11 @@ type teamsAccountArgs struct { BlockPage *TeamsAccountBlockPage `pulumi:"blockPage"` // Configuration for body scanning. BodyScanning *TeamsAccountBodyScanning `pulumi:"bodyScanning"` - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate *TeamsAccountCertificate `pulumi:"certificate"` + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate *TeamsAccountCustomCertificate `pulumi:"customCertificate"` // Configuration for extended e-mail matching. ExtendedEmailMatching *TeamsAccountExtendedEmailMatching `pulumi:"extendedEmailMatching"` @@ -283,7 +300,11 @@ type TeamsAccountArgs struct { BlockPage TeamsAccountBlockPagePtrInput // Configuration for body scanning. BodyScanning TeamsAccountBodyScanningPtrInput - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate TeamsAccountCertificatePtrInput + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate TeamsAccountCustomCertificatePtrInput // Configuration for extended e-mail matching. ExtendedEmailMatching TeamsAccountExtendedEmailMatchingPtrInput @@ -418,7 +439,14 @@ func (o TeamsAccountOutput) BodyScanning() TeamsAccountBodyScanningPtrOutput { return o.ApplyT(func(v *TeamsAccount) TeamsAccountBodyScanningPtrOutput { return v.BodyScanning }).(TeamsAccountBodyScanningPtrOutput) } -// Configuration for custom certificates / BYO-PKI. +// Configuration for TLS interception certificate. This will be required starting Feb 2025. +func (o TeamsAccountOutput) Certificate() TeamsAccountCertificatePtrOutput { + return o.ApplyT(func(v *TeamsAccount) TeamsAccountCertificatePtrOutput { return v.Certificate }).(TeamsAccountCertificatePtrOutput) +} + +// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. +// +// Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. func (o TeamsAccountOutput) CustomCertificate() TeamsAccountCustomCertificatePtrOutput { return o.ApplyT(func(v *TeamsAccount) TeamsAccountCustomCertificatePtrOutput { return v.CustomCertificate }).(TeamsAccountCustomCertificatePtrOutput) } diff --git a/sdk/go/cloudflare/waitingRoom.go b/sdk/go/cloudflare/waitingRoom.go index ca6558203..b2f1b1a27 100644 --- a/sdk/go/cloudflare/waitingRoom.go +++ b/sdk/go/cloudflare/waitingRoom.go @@ -47,6 +47,9 @@ import ( // }, // }, // QueueingStatusCode: pulumi.Int(200), +// EnabledOriginCommands: pulumi.StringArray{ +// pulumi.String("revoke"), +// }, // }) // if err != nil { // return err @@ -79,7 +82,7 @@ type WaitingRoom struct { Description pulumi.StringPtrOutput `pulumi:"description"` // Disables automatic renewal of session cookies. DisableSessionRenewal pulumi.BoolPtrOutput `pulumi:"disableSessionRenewal"` - // The list of enabled origin commands for the waiting room. Available values: `revoke` + // The list of enabled origin commands for the waiting room. Available values: `revoke`. EnabledOriginCommands pulumi.StringArrayOutput `pulumi:"enabledOriginCommands"` // Host name for which the waiting room will be applied (no wildcards). Host pulumi.StringOutput `pulumi:"host"` @@ -164,7 +167,7 @@ type waitingRoomState struct { Description *string `pulumi:"description"` // Disables automatic renewal of session cookies. DisableSessionRenewal *bool `pulumi:"disableSessionRenewal"` - // The list of enabled origin commands for the waiting room. Available values: `revoke` + // The list of enabled origin commands for the waiting room. Available values: `revoke`. EnabledOriginCommands []string `pulumi:"enabledOriginCommands"` // Host name for which the waiting room will be applied (no wildcards). Host *string `pulumi:"host"` @@ -205,7 +208,7 @@ type WaitingRoomState struct { Description pulumi.StringPtrInput // Disables automatic renewal of session cookies. DisableSessionRenewal pulumi.BoolPtrInput - // The list of enabled origin commands for the waiting room. Available values: `revoke` + // The list of enabled origin commands for the waiting room. Available values: `revoke`. EnabledOriginCommands pulumi.StringArrayInput // Host name for which the waiting room will be applied (no wildcards). Host pulumi.StringPtrInput @@ -250,7 +253,7 @@ type waitingRoomArgs struct { Description *string `pulumi:"description"` // Disables automatic renewal of session cookies. DisableSessionRenewal *bool `pulumi:"disableSessionRenewal"` - // The list of enabled origin commands for the waiting room. Available values: `revoke` + // The list of enabled origin commands for the waiting room. Available values: `revoke`. EnabledOriginCommands []string `pulumi:"enabledOriginCommands"` // Host name for which the waiting room will be applied (no wildcards). Host string `pulumi:"host"` @@ -292,7 +295,7 @@ type WaitingRoomArgs struct { Description pulumi.StringPtrInput // Disables automatic renewal of session cookies. DisableSessionRenewal pulumi.BoolPtrInput - // The list of enabled origin commands for the waiting room. Available values: `revoke` + // The list of enabled origin commands for the waiting room. Available values: `revoke`. EnabledOriginCommands pulumi.StringArrayInput // Host name for which the waiting room will be applied (no wildcards). Host pulumi.StringInput @@ -437,7 +440,7 @@ func (o WaitingRoomOutput) DisableSessionRenewal() pulumi.BoolPtrOutput { return o.ApplyT(func(v *WaitingRoom) pulumi.BoolPtrOutput { return v.DisableSessionRenewal }).(pulumi.BoolPtrOutput) } -// The list of enabled origin commands for the waiting room. Available values: `revoke` +// The list of enabled origin commands for the waiting room. Available values: `revoke`. func (o WaitingRoomOutput) EnabledOriginCommands() pulumi.StringArrayOutput { return o.ApplyT(func(v *WaitingRoom) pulumi.StringArrayOutput { return v.EnabledOriginCommands }).(pulumi.StringArrayOutput) } diff --git a/sdk/go/cloudflare/workerScript.go b/sdk/go/cloudflare/workerScript.go index 1f917fba0..31549251a 100644 --- a/sdk/go/cloudflare/workerScript.go +++ b/sdk/go/cloudflare/workerScript.go @@ -125,8 +125,9 @@ type WorkerScript struct { Content pulumi.StringOutput `pulumi:"content"` D1DatabaseBindings WorkerScriptD1DatabaseBindingArrayOutput `pulumi:"d1DatabaseBindings"` // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace pulumi.StringPtrOutput `pulumi:"dispatchNamespace"` - KvNamespaceBindings WorkerScriptKvNamespaceBindingArrayOutput `pulumi:"kvNamespaceBindings"` + DispatchNamespace pulumi.StringPtrOutput `pulumi:"dispatchNamespace"` + HyperdriveConfigBindings WorkerScriptHyperdriveConfigBindingArrayOutput `pulumi:"hyperdriveConfigBindings"` + KvNamespaceBindings WorkerScriptKvNamespaceBindingArrayOutput `pulumi:"kvNamespaceBindings"` // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush pulumi.BoolPtrOutput `pulumi:"logpush"` // Whether to upload Worker as a module. @@ -193,8 +194,9 @@ type workerScriptState struct { Content *string `pulumi:"content"` D1DatabaseBindings []WorkerScriptD1DatabaseBinding `pulumi:"d1DatabaseBindings"` // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace *string `pulumi:"dispatchNamespace"` - KvNamespaceBindings []WorkerScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` + DispatchNamespace *string `pulumi:"dispatchNamespace"` + HyperdriveConfigBindings []WorkerScriptHyperdriveConfigBinding `pulumi:"hyperdriveConfigBindings"` + KvNamespaceBindings []WorkerScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush *bool `pulumi:"logpush"` // Whether to upload Worker as a module. @@ -223,8 +225,9 @@ type WorkerScriptState struct { Content pulumi.StringPtrInput D1DatabaseBindings WorkerScriptD1DatabaseBindingArrayInput // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace pulumi.StringPtrInput - KvNamespaceBindings WorkerScriptKvNamespaceBindingArrayInput + DispatchNamespace pulumi.StringPtrInput + HyperdriveConfigBindings WorkerScriptHyperdriveConfigBindingArrayInput + KvNamespaceBindings WorkerScriptKvNamespaceBindingArrayInput // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush pulumi.BoolPtrInput // Whether to upload Worker as a module. @@ -257,8 +260,9 @@ type workerScriptArgs struct { Content string `pulumi:"content"` D1DatabaseBindings []WorkerScriptD1DatabaseBinding `pulumi:"d1DatabaseBindings"` // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace *string `pulumi:"dispatchNamespace"` - KvNamespaceBindings []WorkerScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` + DispatchNamespace *string `pulumi:"dispatchNamespace"` + HyperdriveConfigBindings []WorkerScriptHyperdriveConfigBinding `pulumi:"hyperdriveConfigBindings"` + KvNamespaceBindings []WorkerScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush *bool `pulumi:"logpush"` // Whether to upload Worker as a module. @@ -288,8 +292,9 @@ type WorkerScriptArgs struct { Content pulumi.StringInput D1DatabaseBindings WorkerScriptD1DatabaseBindingArrayInput // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace pulumi.StringPtrInput - KvNamespaceBindings WorkerScriptKvNamespaceBindingArrayInput + DispatchNamespace pulumi.StringPtrInput + HyperdriveConfigBindings WorkerScriptHyperdriveConfigBindingArrayInput + KvNamespaceBindings WorkerScriptKvNamespaceBindingArrayInput // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush pulumi.BoolPtrInput // Whether to upload Worker as a module. @@ -426,6 +431,12 @@ func (o WorkerScriptOutput) DispatchNamespace() pulumi.StringPtrOutput { return o.ApplyT(func(v *WorkerScript) pulumi.StringPtrOutput { return v.DispatchNamespace }).(pulumi.StringPtrOutput) } +func (o WorkerScriptOutput) HyperdriveConfigBindings() WorkerScriptHyperdriveConfigBindingArrayOutput { + return o.ApplyT(func(v *WorkerScript) WorkerScriptHyperdriveConfigBindingArrayOutput { + return v.HyperdriveConfigBindings + }).(WorkerScriptHyperdriveConfigBindingArrayOutput) +} + func (o WorkerScriptOutput) KvNamespaceBindings() WorkerScriptKvNamespaceBindingArrayOutput { return o.ApplyT(func(v *WorkerScript) WorkerScriptKvNamespaceBindingArrayOutput { return v.KvNamespaceBindings }).(WorkerScriptKvNamespaceBindingArrayOutput) } diff --git a/sdk/go/cloudflare/workersScript.go b/sdk/go/cloudflare/workersScript.go index f93154099..2ee6d11ba 100644 --- a/sdk/go/cloudflare/workersScript.go +++ b/sdk/go/cloudflare/workersScript.go @@ -125,8 +125,9 @@ type WorkersScript struct { Content pulumi.StringOutput `pulumi:"content"` D1DatabaseBindings WorkersScriptD1DatabaseBindingArrayOutput `pulumi:"d1DatabaseBindings"` // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace pulumi.StringPtrOutput `pulumi:"dispatchNamespace"` - KvNamespaceBindings WorkersScriptKvNamespaceBindingArrayOutput `pulumi:"kvNamespaceBindings"` + DispatchNamespace pulumi.StringPtrOutput `pulumi:"dispatchNamespace"` + HyperdriveConfigBindings WorkersScriptHyperdriveConfigBindingArrayOutput `pulumi:"hyperdriveConfigBindings"` + KvNamespaceBindings WorkersScriptKvNamespaceBindingArrayOutput `pulumi:"kvNamespaceBindings"` // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush pulumi.BoolPtrOutput `pulumi:"logpush"` // Whether to upload Worker as a module. @@ -193,8 +194,9 @@ type workersScriptState struct { Content *string `pulumi:"content"` D1DatabaseBindings []WorkersScriptD1DatabaseBinding `pulumi:"d1DatabaseBindings"` // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace *string `pulumi:"dispatchNamespace"` - KvNamespaceBindings []WorkersScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` + DispatchNamespace *string `pulumi:"dispatchNamespace"` + HyperdriveConfigBindings []WorkersScriptHyperdriveConfigBinding `pulumi:"hyperdriveConfigBindings"` + KvNamespaceBindings []WorkersScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush *bool `pulumi:"logpush"` // Whether to upload Worker as a module. @@ -223,8 +225,9 @@ type WorkersScriptState struct { Content pulumi.StringPtrInput D1DatabaseBindings WorkersScriptD1DatabaseBindingArrayInput // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace pulumi.StringPtrInput - KvNamespaceBindings WorkersScriptKvNamespaceBindingArrayInput + DispatchNamespace pulumi.StringPtrInput + HyperdriveConfigBindings WorkersScriptHyperdriveConfigBindingArrayInput + KvNamespaceBindings WorkersScriptKvNamespaceBindingArrayInput // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush pulumi.BoolPtrInput // Whether to upload Worker as a module. @@ -257,8 +260,9 @@ type workersScriptArgs struct { Content string `pulumi:"content"` D1DatabaseBindings []WorkersScriptD1DatabaseBinding `pulumi:"d1DatabaseBindings"` // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace *string `pulumi:"dispatchNamespace"` - KvNamespaceBindings []WorkersScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` + DispatchNamespace *string `pulumi:"dispatchNamespace"` + HyperdriveConfigBindings []WorkersScriptHyperdriveConfigBinding `pulumi:"hyperdriveConfigBindings"` + KvNamespaceBindings []WorkersScriptKvNamespaceBinding `pulumi:"kvNamespaceBindings"` // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush *bool `pulumi:"logpush"` // Whether to upload Worker as a module. @@ -288,8 +292,9 @@ type WorkersScriptArgs struct { Content pulumi.StringInput D1DatabaseBindings WorkersScriptD1DatabaseBindingArrayInput // Name of the Workers for Platforms dispatch namespace. - DispatchNamespace pulumi.StringPtrInput - KvNamespaceBindings WorkersScriptKvNamespaceBindingArrayInput + DispatchNamespace pulumi.StringPtrInput + HyperdriveConfigBindings WorkersScriptHyperdriveConfigBindingArrayInput + KvNamespaceBindings WorkersScriptKvNamespaceBindingArrayInput // Enabling allows Worker events to be sent to a defined Logpush destination. Logpush pulumi.BoolPtrInput // Whether to upload Worker as a module. @@ -428,6 +433,12 @@ func (o WorkersScriptOutput) DispatchNamespace() pulumi.StringPtrOutput { return o.ApplyT(func(v *WorkersScript) pulumi.StringPtrOutput { return v.DispatchNamespace }).(pulumi.StringPtrOutput) } +func (o WorkersScriptOutput) HyperdriveConfigBindings() WorkersScriptHyperdriveConfigBindingArrayOutput { + return o.ApplyT(func(v *WorkersScript) WorkersScriptHyperdriveConfigBindingArrayOutput { + return v.HyperdriveConfigBindings + }).(WorkersScriptHyperdriveConfigBindingArrayOutput) +} + func (o WorkersScriptOutput) KvNamespaceBindings() WorkersScriptKvNamespaceBindingArrayOutput { return o.ApplyT(func(v *WorkersScript) WorkersScriptKvNamespaceBindingArrayOutput { return v.KvNamespaceBindings }).(WorkersScriptKvNamespaceBindingArrayOutput) } diff --git a/sdk/go/cloudflare/zeroTrustAccessPolicy.go b/sdk/go/cloudflare/zeroTrustAccessPolicy.go index 82eaa557e..575bd47d6 100644 --- a/sdk/go/cloudflare/zeroTrustAccessPolicy.go +++ b/sdk/go/cloudflare/zeroTrustAccessPolicy.go @@ -33,7 +33,7 @@ import ( type ZeroTrustAccessPolicy struct { pulumi.CustomResourceState - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId pulumi.StringPtrOutput `pulumi:"accountId"` // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId pulumi.StringPtrOutput `pulumi:"applicationId"` @@ -59,7 +59,7 @@ type ZeroTrustAccessPolicy struct { Requires ZeroTrustAccessPolicyRequireArrayOutput `pulumi:"requires"` // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration pulumi.StringPtrOutput `pulumi:"sessionDuration"` - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId pulumi.StringPtrOutput `pulumi:"zoneId"` } @@ -102,7 +102,7 @@ func GetZeroTrustAccessPolicy(ctx *pulumi.Context, // Input properties used for looking up and filtering ZeroTrustAccessPolicy resources. type zeroTrustAccessPolicyState struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId *string `pulumi:"accountId"` // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId *string `pulumi:"applicationId"` @@ -128,12 +128,12 @@ type zeroTrustAccessPolicyState struct { Requires []ZeroTrustAccessPolicyRequire `pulumi:"requires"` // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration *string `pulumi:"sessionDuration"` - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId *string `pulumi:"zoneId"` } type ZeroTrustAccessPolicyState struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId pulumi.StringPtrInput // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId pulumi.StringPtrInput @@ -159,7 +159,7 @@ type ZeroTrustAccessPolicyState struct { Requires ZeroTrustAccessPolicyRequireArrayInput // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration pulumi.StringPtrInput - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId pulumi.StringPtrInput } @@ -168,7 +168,7 @@ func (ZeroTrustAccessPolicyState) ElementType() reflect.Type { } type zeroTrustAccessPolicyArgs struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId *string `pulumi:"accountId"` // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId *string `pulumi:"applicationId"` @@ -194,13 +194,13 @@ type zeroTrustAccessPolicyArgs struct { Requires []ZeroTrustAccessPolicyRequire `pulumi:"requires"` // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration *string `pulumi:"sessionDuration"` - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId *string `pulumi:"zoneId"` } // The set of arguments for constructing a ZeroTrustAccessPolicy resource. type ZeroTrustAccessPolicyArgs struct { - // The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + // The account identifier to target for the resource. Conflicts with `zoneId`. AccountId pulumi.StringPtrInput // The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** ApplicationId pulumi.StringPtrInput @@ -226,7 +226,7 @@ type ZeroTrustAccessPolicyArgs struct { Requires ZeroTrustAccessPolicyRequireArrayInput // How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. SessionDuration pulumi.StringPtrInput - // The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + // The zone identifier to target for the resource. Conflicts with `accountId`. ZoneId pulumi.StringPtrInput } @@ -317,7 +317,7 @@ func (o ZeroTrustAccessPolicyOutput) ToZeroTrustAccessPolicyOutputWithContext(ct return o } -// The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** +// The account identifier to target for the resource. Conflicts with `zoneId`. func (o ZeroTrustAccessPolicyOutput) AccountId() pulumi.StringPtrOutput { return o.ApplyT(func(v *ZeroTrustAccessPolicy) pulumi.StringPtrOutput { return v.AccountId }).(pulumi.StringPtrOutput) } @@ -385,7 +385,7 @@ func (o ZeroTrustAccessPolicyOutput) SessionDuration() pulumi.StringPtrOutput { return o.ApplyT(func(v *ZeroTrustAccessPolicy) pulumi.StringPtrOutput { return v.SessionDuration }).(pulumi.StringPtrOutput) } -// The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** +// The zone identifier to target for the resource. Conflicts with `accountId`. func (o ZeroTrustAccessPolicyOutput) ZoneId() pulumi.StringPtrOutput { return o.ApplyT(func(v *ZeroTrustAccessPolicy) pulumi.StringPtrOutput { return v.ZoneId }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/cloudflare/zeroTrustDevicePostureRule.go b/sdk/go/cloudflare/zeroTrustDevicePostureRule.go index e44aa29a9..64c4fc828 100644 --- a/sdk/go/cloudflare/zeroTrustDevicePostureRule.go +++ b/sdk/go/cloudflare/zeroTrustDevicePostureRule.go @@ -81,7 +81,7 @@ type ZeroTrustDevicePostureRule struct { Name pulumi.StringPtrOutput `pulumi:"name"` // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. Schedule pulumi.StringPtrOutput `pulumi:"schedule"` - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type pulumi.StringOutput `pulumi:"type"` } @@ -134,7 +134,7 @@ type zeroTrustDevicePostureRuleState struct { Name *string `pulumi:"name"` // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. Schedule *string `pulumi:"schedule"` - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type *string `pulumi:"type"` } @@ -152,7 +152,7 @@ type ZeroTrustDevicePostureRuleState struct { Name pulumi.StringPtrInput // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. Schedule pulumi.StringPtrInput - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type pulumi.StringPtrInput } @@ -174,7 +174,7 @@ type zeroTrustDevicePostureRuleArgs struct { Name *string `pulumi:"name"` // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. Schedule *string `pulumi:"schedule"` - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type string `pulumi:"type"` } @@ -193,7 +193,7 @@ type ZeroTrustDevicePostureRuleArgs struct { Name pulumi.StringPtrInput // Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. Schedule pulumi.StringPtrInput - // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + // The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. Type pulumi.StringInput } @@ -318,7 +318,7 @@ func (o ZeroTrustDevicePostureRuleOutput) Schedule() pulumi.StringPtrOutput { return o.ApplyT(func(v *ZeroTrustDevicePostureRule) pulumi.StringPtrOutput { return v.Schedule }).(pulumi.StringPtrOutput) } -// The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. +// The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. func (o ZeroTrustDevicePostureRuleOutput) Type() pulumi.StringOutput { return o.ApplyT(func(v *ZeroTrustDevicePostureRule) pulumi.StringOutput { return v.Type }).(pulumi.StringOutput) } diff --git a/sdk/go/cloudflare/zeroTrustDeviceProfiles.go b/sdk/go/cloudflare/zeroTrustDeviceProfiles.go index 3ea53cfe7..2033a0b39 100644 --- a/sdk/go/cloudflare/zeroTrustDeviceProfiles.go +++ b/sdk/go/cloudflare/zeroTrustDeviceProfiles.go @@ -103,7 +103,7 @@ type ZeroTrustDeviceProfiles struct { SupportUrl pulumi.StringPtrOutput `pulumi:"supportUrl"` // Enablement of the ZT client switch lock. SwitchLocked pulumi.BoolPtrOutput `pulumi:"switchLocked"` - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol pulumi.StringPtrOutput `pulumi:"tunnelProtocol"` } @@ -182,7 +182,7 @@ type zeroTrustDeviceProfilesState struct { SupportUrl *string `pulumi:"supportUrl"` // Enablement of the ZT client switch lock. SwitchLocked *bool `pulumi:"switchLocked"` - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol *string `pulumi:"tunnelProtocol"` } @@ -223,7 +223,7 @@ type ZeroTrustDeviceProfilesState struct { SupportUrl pulumi.StringPtrInput // Enablement of the ZT client switch lock. SwitchLocked pulumi.BoolPtrInput - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol pulumi.StringPtrInput } @@ -268,7 +268,7 @@ type zeroTrustDeviceProfilesArgs struct { SupportUrl *string `pulumi:"supportUrl"` // Enablement of the ZT client switch lock. SwitchLocked *bool `pulumi:"switchLocked"` - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol *string `pulumi:"tunnelProtocol"` } @@ -310,7 +310,7 @@ type ZeroTrustDeviceProfilesArgs struct { SupportUrl pulumi.StringPtrInput // Enablement of the ZT client switch lock. SwitchLocked pulumi.BoolPtrInput - // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + // Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. TunnelProtocol pulumi.StringPtrInput } @@ -491,7 +491,7 @@ func (o ZeroTrustDeviceProfilesOutput) SwitchLocked() pulumi.BoolPtrOutput { return o.ApplyT(func(v *ZeroTrustDeviceProfiles) pulumi.BoolPtrOutput { return v.SwitchLocked }).(pulumi.BoolPtrOutput) } -// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` +// Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. func (o ZeroTrustDeviceProfilesOutput) TunnelProtocol() pulumi.StringPtrOutput { return o.ApplyT(func(v *ZeroTrustDeviceProfiles) pulumi.StringPtrOutput { return v.TunnelProtocol }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/cloudflare/zeroTrustGatewayCertificate.go b/sdk/go/cloudflare/zeroTrustGatewayCertificate.go new file mode 100644 index 000000000..e75bf90c0 --- /dev/null +++ b/sdk/go/cloudflare/zeroTrustGatewayCertificate.go @@ -0,0 +1,330 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package cloudflare + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Provides a Cloudflare Teams Gateway Certificate resource. A Teams Certificate can +// be specified for Gateway TLS interception and block pages. +type ZeroTrustGatewayCertificate struct { + pulumi.CustomResourceState + + // The account identifier to target for the resource. + AccountId pulumi.StringOutput `pulumi:"accountId"` + // Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + Activate pulumi.BoolPtrOutput `pulumi:"activate"` + // The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + BindingStatus pulumi.StringOutput `pulumi:"bindingStatus"` + CreatedAt pulumi.StringOutput `pulumi:"createdAt"` + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + Custom pulumi.BoolPtrOutput `pulumi:"custom"` + ExpiresOn pulumi.StringOutput `pulumi:"expiresOn"` + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + GatewayManaged pulumi.BoolPtrOutput `pulumi:"gatewayManaged"` + // Whether the certificate is in use by Gateway for TLS interception and the block page. + InUse pulumi.BoolOutput `pulumi:"inUse"` + QsPackId pulumi.StringOutput `pulumi:"qsPackId"` + UploadedOn pulumi.StringOutput `pulumi:"uploadedOn"` + // Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + ValidityPeriodDays pulumi.IntPtrOutput `pulumi:"validityPeriodDays"` +} + +// NewZeroTrustGatewayCertificate registers a new resource with the given unique name, arguments, and options. +func NewZeroTrustGatewayCertificate(ctx *pulumi.Context, + name string, args *ZeroTrustGatewayCertificateArgs, opts ...pulumi.ResourceOption) (*ZeroTrustGatewayCertificate, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AccountId == nil { + return nil, errors.New("invalid value for required argument 'AccountId'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource ZeroTrustGatewayCertificate + err := ctx.RegisterResource("cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetZeroTrustGatewayCertificate gets an existing ZeroTrustGatewayCertificate resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetZeroTrustGatewayCertificate(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ZeroTrustGatewayCertificateState, opts ...pulumi.ResourceOption) (*ZeroTrustGatewayCertificate, error) { + var resource ZeroTrustGatewayCertificate + err := ctx.ReadResource("cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering ZeroTrustGatewayCertificate resources. +type zeroTrustGatewayCertificateState struct { + // The account identifier to target for the resource. + AccountId *string `pulumi:"accountId"` + // Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + Activate *bool `pulumi:"activate"` + // The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + BindingStatus *string `pulumi:"bindingStatus"` + CreatedAt *string `pulumi:"createdAt"` + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + Custom *bool `pulumi:"custom"` + ExpiresOn *string `pulumi:"expiresOn"` + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + GatewayManaged *bool `pulumi:"gatewayManaged"` + // Whether the certificate is in use by Gateway for TLS interception and the block page. + InUse *bool `pulumi:"inUse"` + QsPackId *string `pulumi:"qsPackId"` + UploadedOn *string `pulumi:"uploadedOn"` + // Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + ValidityPeriodDays *int `pulumi:"validityPeriodDays"` +} + +type ZeroTrustGatewayCertificateState struct { + // The account identifier to target for the resource. + AccountId pulumi.StringPtrInput + // Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + Activate pulumi.BoolPtrInput + // The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + BindingStatus pulumi.StringPtrInput + CreatedAt pulumi.StringPtrInput + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + Custom pulumi.BoolPtrInput + ExpiresOn pulumi.StringPtrInput + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + GatewayManaged pulumi.BoolPtrInput + // Whether the certificate is in use by Gateway for TLS interception and the block page. + InUse pulumi.BoolPtrInput + QsPackId pulumi.StringPtrInput + UploadedOn pulumi.StringPtrInput + // Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + ValidityPeriodDays pulumi.IntPtrInput +} + +func (ZeroTrustGatewayCertificateState) ElementType() reflect.Type { + return reflect.TypeOf((*zeroTrustGatewayCertificateState)(nil)).Elem() +} + +type zeroTrustGatewayCertificateArgs struct { + // The account identifier to target for the resource. + AccountId string `pulumi:"accountId"` + // Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + Activate *bool `pulumi:"activate"` + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + Custom *bool `pulumi:"custom"` + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + GatewayManaged *bool `pulumi:"gatewayManaged"` + // Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + ValidityPeriodDays *int `pulumi:"validityPeriodDays"` +} + +// The set of arguments for constructing a ZeroTrustGatewayCertificate resource. +type ZeroTrustGatewayCertificateArgs struct { + // The account identifier to target for the resource. + AccountId pulumi.StringInput + // Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + Activate pulumi.BoolPtrInput + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + Custom pulumi.BoolPtrInput + // The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + GatewayManaged pulumi.BoolPtrInput + // Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + ValidityPeriodDays pulumi.IntPtrInput +} + +func (ZeroTrustGatewayCertificateArgs) ElementType() reflect.Type { + return reflect.TypeOf((*zeroTrustGatewayCertificateArgs)(nil)).Elem() +} + +type ZeroTrustGatewayCertificateInput interface { + pulumi.Input + + ToZeroTrustGatewayCertificateOutput() ZeroTrustGatewayCertificateOutput + ToZeroTrustGatewayCertificateOutputWithContext(ctx context.Context) ZeroTrustGatewayCertificateOutput +} + +func (*ZeroTrustGatewayCertificate) ElementType() reflect.Type { + return reflect.TypeOf((**ZeroTrustGatewayCertificate)(nil)).Elem() +} + +func (i *ZeroTrustGatewayCertificate) ToZeroTrustGatewayCertificateOutput() ZeroTrustGatewayCertificateOutput { + return i.ToZeroTrustGatewayCertificateOutputWithContext(context.Background()) +} + +func (i *ZeroTrustGatewayCertificate) ToZeroTrustGatewayCertificateOutputWithContext(ctx context.Context) ZeroTrustGatewayCertificateOutput { + return pulumi.ToOutputWithContext(ctx, i).(ZeroTrustGatewayCertificateOutput) +} + +// ZeroTrustGatewayCertificateArrayInput is an input type that accepts ZeroTrustGatewayCertificateArray and ZeroTrustGatewayCertificateArrayOutput values. +// You can construct a concrete instance of `ZeroTrustGatewayCertificateArrayInput` via: +// +// ZeroTrustGatewayCertificateArray{ ZeroTrustGatewayCertificateArgs{...} } +type ZeroTrustGatewayCertificateArrayInput interface { + pulumi.Input + + ToZeroTrustGatewayCertificateArrayOutput() ZeroTrustGatewayCertificateArrayOutput + ToZeroTrustGatewayCertificateArrayOutputWithContext(context.Context) ZeroTrustGatewayCertificateArrayOutput +} + +type ZeroTrustGatewayCertificateArray []ZeroTrustGatewayCertificateInput + +func (ZeroTrustGatewayCertificateArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ZeroTrustGatewayCertificate)(nil)).Elem() +} + +func (i ZeroTrustGatewayCertificateArray) ToZeroTrustGatewayCertificateArrayOutput() ZeroTrustGatewayCertificateArrayOutput { + return i.ToZeroTrustGatewayCertificateArrayOutputWithContext(context.Background()) +} + +func (i ZeroTrustGatewayCertificateArray) ToZeroTrustGatewayCertificateArrayOutputWithContext(ctx context.Context) ZeroTrustGatewayCertificateArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ZeroTrustGatewayCertificateArrayOutput) +} + +// ZeroTrustGatewayCertificateMapInput is an input type that accepts ZeroTrustGatewayCertificateMap and ZeroTrustGatewayCertificateMapOutput values. +// You can construct a concrete instance of `ZeroTrustGatewayCertificateMapInput` via: +// +// ZeroTrustGatewayCertificateMap{ "key": ZeroTrustGatewayCertificateArgs{...} } +type ZeroTrustGatewayCertificateMapInput interface { + pulumi.Input + + ToZeroTrustGatewayCertificateMapOutput() ZeroTrustGatewayCertificateMapOutput + ToZeroTrustGatewayCertificateMapOutputWithContext(context.Context) ZeroTrustGatewayCertificateMapOutput +} + +type ZeroTrustGatewayCertificateMap map[string]ZeroTrustGatewayCertificateInput + +func (ZeroTrustGatewayCertificateMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ZeroTrustGatewayCertificate)(nil)).Elem() +} + +func (i ZeroTrustGatewayCertificateMap) ToZeroTrustGatewayCertificateMapOutput() ZeroTrustGatewayCertificateMapOutput { + return i.ToZeroTrustGatewayCertificateMapOutputWithContext(context.Background()) +} + +func (i ZeroTrustGatewayCertificateMap) ToZeroTrustGatewayCertificateMapOutputWithContext(ctx context.Context) ZeroTrustGatewayCertificateMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(ZeroTrustGatewayCertificateMapOutput) +} + +type ZeroTrustGatewayCertificateOutput struct{ *pulumi.OutputState } + +func (ZeroTrustGatewayCertificateOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ZeroTrustGatewayCertificate)(nil)).Elem() +} + +func (o ZeroTrustGatewayCertificateOutput) ToZeroTrustGatewayCertificateOutput() ZeroTrustGatewayCertificateOutput { + return o +} + +func (o ZeroTrustGatewayCertificateOutput) ToZeroTrustGatewayCertificateOutputWithContext(ctx context.Context) ZeroTrustGatewayCertificateOutput { + return o +} + +// The account identifier to target for the resource. +func (o ZeroTrustGatewayCertificateOutput) AccountId() pulumi.StringOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.StringOutput { return v.AccountId }).(pulumi.StringOutput) +} + +// Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. +func (o ZeroTrustGatewayCertificateOutput) Activate() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.BoolPtrOutput { return v.Activate }).(pulumi.BoolPtrOutput) +} + +// The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. +func (o ZeroTrustGatewayCertificateOutput) BindingStatus() pulumi.StringOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.StringOutput { return v.BindingStatus }).(pulumi.StringOutput) +} + +func (o ZeroTrustGatewayCertificateOutput) CreatedAt() pulumi.StringOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.StringOutput { return v.CreatedAt }).(pulumi.StringOutput) +} + +// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. +func (o ZeroTrustGatewayCertificateOutput) Custom() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.BoolPtrOutput { return v.Custom }).(pulumi.BoolPtrOutput) +} + +func (o ZeroTrustGatewayCertificateOutput) ExpiresOn() pulumi.StringOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.StringOutput { return v.ExpiresOn }).(pulumi.StringOutput) +} + +// The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. +func (o ZeroTrustGatewayCertificateOutput) GatewayManaged() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.BoolPtrOutput { return v.GatewayManaged }).(pulumi.BoolPtrOutput) +} + +// Whether the certificate is in use by Gateway for TLS interception and the block page. +func (o ZeroTrustGatewayCertificateOutput) InUse() pulumi.BoolOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.BoolOutput { return v.InUse }).(pulumi.BoolOutput) +} + +func (o ZeroTrustGatewayCertificateOutput) QsPackId() pulumi.StringOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.StringOutput { return v.QsPackId }).(pulumi.StringOutput) +} + +func (o ZeroTrustGatewayCertificateOutput) UploadedOn() pulumi.StringOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.StringOutput { return v.UploadedOn }).(pulumi.StringOutput) +} + +// Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** +func (o ZeroTrustGatewayCertificateOutput) ValidityPeriodDays() pulumi.IntPtrOutput { + return o.ApplyT(func(v *ZeroTrustGatewayCertificate) pulumi.IntPtrOutput { return v.ValidityPeriodDays }).(pulumi.IntPtrOutput) +} + +type ZeroTrustGatewayCertificateArrayOutput struct{ *pulumi.OutputState } + +func (ZeroTrustGatewayCertificateArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ZeroTrustGatewayCertificate)(nil)).Elem() +} + +func (o ZeroTrustGatewayCertificateArrayOutput) ToZeroTrustGatewayCertificateArrayOutput() ZeroTrustGatewayCertificateArrayOutput { + return o +} + +func (o ZeroTrustGatewayCertificateArrayOutput) ToZeroTrustGatewayCertificateArrayOutputWithContext(ctx context.Context) ZeroTrustGatewayCertificateArrayOutput { + return o +} + +func (o ZeroTrustGatewayCertificateArrayOutput) Index(i pulumi.IntInput) ZeroTrustGatewayCertificateOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *ZeroTrustGatewayCertificate { + return vs[0].([]*ZeroTrustGatewayCertificate)[vs[1].(int)] + }).(ZeroTrustGatewayCertificateOutput) +} + +type ZeroTrustGatewayCertificateMapOutput struct{ *pulumi.OutputState } + +func (ZeroTrustGatewayCertificateMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ZeroTrustGatewayCertificate)(nil)).Elem() +} + +func (o ZeroTrustGatewayCertificateMapOutput) ToZeroTrustGatewayCertificateMapOutput() ZeroTrustGatewayCertificateMapOutput { + return o +} + +func (o ZeroTrustGatewayCertificateMapOutput) ToZeroTrustGatewayCertificateMapOutputWithContext(ctx context.Context) ZeroTrustGatewayCertificateMapOutput { + return o +} + +func (o ZeroTrustGatewayCertificateMapOutput) MapIndex(k pulumi.StringInput) ZeroTrustGatewayCertificateOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *ZeroTrustGatewayCertificate { + return vs[0].(map[string]*ZeroTrustGatewayCertificate)[vs[1].(string)] + }).(ZeroTrustGatewayCertificateOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewayCertificateInput)(nil)).Elem(), &ZeroTrustGatewayCertificate{}) + pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewayCertificateArrayInput)(nil)).Elem(), ZeroTrustGatewayCertificateArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ZeroTrustGatewayCertificateMapInput)(nil)).Elem(), ZeroTrustGatewayCertificateMap{}) + pulumi.RegisterOutputType(ZeroTrustGatewayCertificateOutput{}) + pulumi.RegisterOutputType(ZeroTrustGatewayCertificateArrayOutput{}) + pulumi.RegisterOutputType(ZeroTrustGatewayCertificateMapOutput{}) +} diff --git a/sdk/go/cloudflare/zeroTrustGatewaySettings.go b/sdk/go/cloudflare/zeroTrustGatewaySettings.go index adc0e8d95..6484a38d7 100644 --- a/sdk/go/cloudflare/zeroTrustGatewaySettings.go +++ b/sdk/go/cloudflare/zeroTrustGatewaySettings.go @@ -56,10 +56,11 @@ import ( // Tls: pulumi.Bool(true), // }, // Proxy: &cloudflare.ZeroTrustGatewaySettingsProxyArgs{ -// Tcp: pulumi.Bool(true), -// Udp: pulumi.Bool(true), -// RootCa: pulumi.Bool(true), -// VirtualIp: pulumi.Bool(false), +// Tcp: pulumi.Bool(true), +// Udp: pulumi.Bool(true), +// RootCa: pulumi.Bool(true), +// VirtualIp: pulumi.Bool(false), +// DisableForTime: pulumi.Int(3600), // }, // UrlBrowserIsolationEnabled: pulumi.Bool(true), // Logging: &cloudflare.ZeroTrustGatewaySettingsLoggingArgs{ @@ -110,7 +111,11 @@ type ZeroTrustGatewaySettings struct { BlockPage ZeroTrustGatewaySettingsBlockPagePtrOutput `pulumi:"blockPage"` // Configuration for body scanning. BodyScanning ZeroTrustGatewaySettingsBodyScanningPtrOutput `pulumi:"bodyScanning"` - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate ZeroTrustGatewaySettingsCertificatePtrOutput `pulumi:"certificate"` + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate ZeroTrustGatewaySettingsCustomCertificatePtrOutput `pulumi:"customCertificate"` // Configuration for extended e-mail matching. ExtendedEmailMatching ZeroTrustGatewaySettingsExtendedEmailMatchingOutput `pulumi:"extendedEmailMatching"` @@ -176,7 +181,11 @@ type zeroTrustGatewaySettingsState struct { BlockPage *ZeroTrustGatewaySettingsBlockPage `pulumi:"blockPage"` // Configuration for body scanning. BodyScanning *ZeroTrustGatewaySettingsBodyScanning `pulumi:"bodyScanning"` - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate *ZeroTrustGatewaySettingsCertificate `pulumi:"certificate"` + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate *ZeroTrustGatewaySettingsCustomCertificate `pulumi:"customCertificate"` // Configuration for extended e-mail matching. ExtendedEmailMatching *ZeroTrustGatewaySettingsExtendedEmailMatching `pulumi:"extendedEmailMatching"` @@ -210,7 +219,11 @@ type ZeroTrustGatewaySettingsState struct { BlockPage ZeroTrustGatewaySettingsBlockPagePtrInput // Configuration for body scanning. BodyScanning ZeroTrustGatewaySettingsBodyScanningPtrInput - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate ZeroTrustGatewaySettingsCertificatePtrInput + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate ZeroTrustGatewaySettingsCustomCertificatePtrInput // Configuration for extended e-mail matching. ExtendedEmailMatching ZeroTrustGatewaySettingsExtendedEmailMatchingPtrInput @@ -248,7 +261,11 @@ type zeroTrustGatewaySettingsArgs struct { BlockPage *ZeroTrustGatewaySettingsBlockPage `pulumi:"blockPage"` // Configuration for body scanning. BodyScanning *ZeroTrustGatewaySettingsBodyScanning `pulumi:"bodyScanning"` - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate *ZeroTrustGatewaySettingsCertificate `pulumi:"certificate"` + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate *ZeroTrustGatewaySettingsCustomCertificate `pulumi:"customCertificate"` // Configuration for extended e-mail matching. ExtendedEmailMatching *ZeroTrustGatewaySettingsExtendedEmailMatching `pulumi:"extendedEmailMatching"` @@ -283,7 +300,11 @@ type ZeroTrustGatewaySettingsArgs struct { BlockPage ZeroTrustGatewaySettingsBlockPagePtrInput // Configuration for body scanning. BodyScanning ZeroTrustGatewaySettingsBodyScanningPtrInput - // Configuration for custom certificates / BYO-PKI. + // Configuration for TLS interception certificate. This will be required starting Feb 2025. + Certificate ZeroTrustGatewaySettingsCertificatePtrInput + // Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + // + // Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. CustomCertificate ZeroTrustGatewaySettingsCustomCertificatePtrInput // Configuration for extended e-mail matching. ExtendedEmailMatching ZeroTrustGatewaySettingsExtendedEmailMatchingPtrInput @@ -418,7 +439,14 @@ func (o ZeroTrustGatewaySettingsOutput) BodyScanning() ZeroTrustGatewaySettingsB return o.ApplyT(func(v *ZeroTrustGatewaySettings) ZeroTrustGatewaySettingsBodyScanningPtrOutput { return v.BodyScanning }).(ZeroTrustGatewaySettingsBodyScanningPtrOutput) } -// Configuration for custom certificates / BYO-PKI. +// Configuration for TLS interception certificate. This will be required starting Feb 2025. +func (o ZeroTrustGatewaySettingsOutput) Certificate() ZeroTrustGatewaySettingsCertificatePtrOutput { + return o.ApplyT(func(v *ZeroTrustGatewaySettings) ZeroTrustGatewaySettingsCertificatePtrOutput { return v.Certificate }).(ZeroTrustGatewaySettingsCertificatePtrOutput) +} + +// Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. +// +// Deprecated: Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. func (o ZeroTrustGatewaySettingsOutput) CustomCertificate() ZeroTrustGatewaySettingsCustomCertificatePtrOutput { return o.ApplyT(func(v *ZeroTrustGatewaySettings) ZeroTrustGatewaySettingsCustomCertificatePtrOutput { return v.CustomCertificate diff --git a/sdk/go/cloudflare/zeroTrustRiskScoreIntegration.go b/sdk/go/cloudflare/zeroTrustRiskScoreIntegration.go index 17eeb306e..7df1d2236 100644 --- a/sdk/go/cloudflare/zeroTrustRiskScoreIntegration.go +++ b/sdk/go/cloudflare/zeroTrustRiskScoreIntegration.go @@ -12,6 +12,7 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// The [Risk Score Integration](https://developers.cloudflare.com/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) resource allows you to transmit changes in User Risk Score to a specified vendor such as Okta. type ZeroTrustRiskScoreIntegration struct { pulumi.CustomResourceState @@ -19,17 +20,13 @@ type ZeroTrustRiskScoreIntegration struct { AccountId pulumi.StringOutput `pulumi:"accountId"` // Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. Active pulumi.BoolOutput `pulumi:"active"` - // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - // https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body IntegrationType pulumi.StringOutput `pulumi:"integrationType"` - // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - // omitted, a random UUIDv4 is used. - // https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ReferenceId pulumi.StringOutput `pulumi:"referenceId"` // The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. TenantUrl pulumi.StringOutput `pulumi:"tenantUrl"` - // The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - // https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + // The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 WellKnownUrl pulumi.StringOutput `pulumi:"wellKnownUrl"` } @@ -76,17 +73,13 @@ type zeroTrustRiskScoreIntegrationState struct { AccountId *string `pulumi:"accountId"` // Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. Active *bool `pulumi:"active"` - // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - // https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body IntegrationType *string `pulumi:"integrationType"` - // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - // omitted, a random UUIDv4 is used. - // https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ReferenceId *string `pulumi:"referenceId"` // The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. TenantUrl *string `pulumi:"tenantUrl"` - // The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - // https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + // The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 WellKnownUrl *string `pulumi:"wellKnownUrl"` } @@ -95,17 +88,13 @@ type ZeroTrustRiskScoreIntegrationState struct { AccountId pulumi.StringPtrInput // Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. Active pulumi.BoolPtrInput - // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - // https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body IntegrationType pulumi.StringPtrInput - // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - // omitted, a random UUIDv4 is used. - // https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ReferenceId pulumi.StringPtrInput // The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. TenantUrl pulumi.StringPtrInput - // The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - // https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + // The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 WellKnownUrl pulumi.StringPtrInput } @@ -118,12 +107,9 @@ type zeroTrustRiskScoreIntegrationArgs struct { AccountId string `pulumi:"accountId"` // Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. Active *bool `pulumi:"active"` - // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - // https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body IntegrationType string `pulumi:"integrationType"` - // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - // omitted, a random UUIDv4 is used. - // https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ReferenceId *string `pulumi:"referenceId"` // The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. TenantUrl string `pulumi:"tenantUrl"` @@ -135,12 +121,9 @@ type ZeroTrustRiskScoreIntegrationArgs struct { AccountId pulumi.StringInput // Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. Active pulumi.BoolPtrInput - // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - // https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + // The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body IntegrationType pulumi.StringInput - // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - // omitted, a random UUIDv4 is used. - // https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + // A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider ReferenceId pulumi.StringPtrInput // The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. TenantUrl pulumi.StringInput @@ -243,15 +226,12 @@ func (o ZeroTrustRiskScoreIntegrationOutput) Active() pulumi.BoolOutput { return o.ApplyT(func(v *ZeroTrustRiskScoreIntegration) pulumi.BoolOutput { return v.Active }).(pulumi.BoolOutput) } -// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: -// https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body +// The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body func (o ZeroTrustRiskScoreIntegrationOutput) IntegrationType() pulumi.StringOutput { return o.ApplyT(func(v *ZeroTrustRiskScoreIntegration) pulumi.StringOutput { return v.IntegrationType }).(pulumi.StringOutput) } -// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If -// omitted, a random UUIDv4 is used. -// https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider +// A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider func (o ZeroTrustRiskScoreIntegrationOutput) ReferenceId() pulumi.StringOutput { return o.ApplyT(func(v *ZeroTrustRiskScoreIntegration) pulumi.StringOutput { return v.ReferenceId }).(pulumi.StringOutput) } @@ -261,8 +241,7 @@ func (o ZeroTrustRiskScoreIntegrationOutput) TenantUrl() pulumi.StringOutput { return o.ApplyT(func(v *ZeroTrustRiskScoreIntegration) pulumi.StringOutput { return v.TenantUrl }).(pulumi.StringOutput) } -// The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. -// https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 +// The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 func (o ZeroTrustRiskScoreIntegrationOutput) WellKnownUrl() pulumi.StringOutput { return o.ApplyT(func(v *ZeroTrustRiskScoreIntegration) pulumi.StringOutput { return v.WellKnownUrl }).(pulumi.StringOutput) } diff --git a/sdk/java/build.gradle b/sdk/java/build.gradle index 11471d304..3e34a6d9d 100644 --- a/sdk/java/build.gradle +++ b/sdk/java/build.gradle @@ -44,7 +44,7 @@ repositories { dependencies { implementation("com.google.code.findbugs:jsr305:3.0.2") implementation("com.google.code.gson:gson:2.8.9") - implementation("com.pulumi:pulumi:0.16.0") + implementation("com.pulumi:pulumi:0.16.1") } task sourcesJar(type: Jar) { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicy.java b/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicy.java index c8c5c8bbb..c12e2f114 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicy.java @@ -44,14 +44,14 @@ @ResourceType(type="cloudflare:index/accessPolicy:AccessPolicy") public class AccessPolicy extends com.pulumi.resources.CustomResource { /** - * The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zone_id`. * */ @Export(name="accountId", refs={String.class}, tree="[0]") private Output accountId; /** - * @return The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @return The account identifier to target for the resource. Conflicts with `zone_id`. * */ public Output> accountId() { @@ -224,14 +224,14 @@ public Output> sessionDuration() { return Codegen.optional(this.sessionDuration); } /** - * The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `account_id`. * */ @Export(name="zoneId", refs={String.class}, tree="[0]") private Output zoneId; /** - * @return The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @return The zone identifier to target for the resource. Conflicts with `account_id`. * */ public Output> zoneId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicyArgs.java index 10faecab6..42d4f2a79 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/AccessPolicyArgs.java @@ -24,14 +24,14 @@ public final class AccessPolicyArgs extends com.pulumi.resources.ResourceArgs { public static final AccessPolicyArgs Empty = new AccessPolicyArgs(); /** - * The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zone_id`. * */ @Import(name="accountId") private @Nullable Output accountId; /** - * @return The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @return The account identifier to target for the resource. Conflicts with `zone_id`. * */ public Optional> accountId() { @@ -218,14 +218,14 @@ public Optional> sessionDuration() { } /** - * The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `account_id`. * */ @Import(name="zoneId") private @Nullable Output zoneId; /** - * @return The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @return The zone identifier to target for the resource. Conflicts with `account_id`. * */ public Optional> zoneId() { @@ -271,7 +271,7 @@ public Builder(AccessPolicyArgs defaults) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -282,7 +282,7 @@ public Builder accountId(@Nullable Output accountId) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -575,7 +575,7 @@ public Builder sessionDuration(String sessionDuration) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * @@ -586,7 +586,7 @@ public Builder zoneId(@Nullable Output zoneId) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagement.java b/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagement.java index c1f81a832..2c895e202 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagement.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagement.java @@ -74,6 +74,20 @@ */ @ResourceType(type="cloudflare:index/botManagement:BotManagement") public class BotManagement extends com.pulumi.resources.CustomResource { + /** + * Enable rule to block AI Scrapers and Crawlers. + * + */ + @Export(name="aiBotsProtection", refs={String.class}, tree="[0]") + private Output aiBotsProtection; + + /** + * @return Enable rule to block AI Scrapers and Crawlers. + * + */ + public Output aiBotsProtection() { + return this.aiBotsProtection; + } /** * Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagementArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagementArgs.java index 74eb27665..e59751cba 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagementArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/BotManagementArgs.java @@ -17,6 +17,21 @@ public final class BotManagementArgs extends com.pulumi.resources.ResourceArgs { public static final BotManagementArgs Empty = new BotManagementArgs(); + /** + * Enable rule to block AI Scrapers and Crawlers. + * + */ + @Import(name="aiBotsProtection") + private @Nullable Output aiBotsProtection; + + /** + * @return Enable rule to block AI Scrapers and Crawlers. + * + */ + public Optional> aiBotsProtection() { + return Optional.ofNullable(this.aiBotsProtection); + } + /** * Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). * @@ -170,6 +185,7 @@ public Output zoneId() { private BotManagementArgs() {} private BotManagementArgs(BotManagementArgs $) { + this.aiBotsProtection = $.aiBotsProtection; this.autoUpdateModel = $.autoUpdateModel; this.enableJs = $.enableJs; this.fightMode = $.fightMode; @@ -200,6 +216,27 @@ public Builder(BotManagementArgs defaults) { $ = new BotManagementArgs(Objects.requireNonNull(defaults)); } + /** + * @param aiBotsProtection Enable rule to block AI Scrapers and Crawlers. + * + * @return builder + * + */ + public Builder aiBotsProtection(@Nullable Output aiBotsProtection) { + $.aiBotsProtection = aiBotsProtection; + return this; + } + + /** + * @param aiBotsProtection Enable rule to block AI Scrapers and Crawlers. + * + * @return builder + * + */ + public Builder aiBotsProtection(String aiBotsProtection) { + return aiBotsProtection(Output.of(aiBotsProtection)); + } + /** * @param autoUpdateModel Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicy.java b/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicy.java index 324c9e074..7052896f9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicy.java @@ -336,14 +336,14 @@ public Output> switchLocked() { return Codegen.optional(this.switchLocked); } /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ @Export(name="tunnelProtocol", refs={String.class}, tree="[0]") private Output tunnelProtocol; /** - * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ public Output> tunnelProtocol() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicyArgs.java index 6e58631ac..f43deb6e9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/DeviceSettingsPolicyArgs.java @@ -289,14 +289,14 @@ public Optional> switchLocked() { } /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ @Import(name="tunnelProtocol") private @Nullable Output tunnelProtocol; /** - * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ public Optional> tunnelProtocol() { @@ -724,7 +724,7 @@ public Builder switchLocked(Boolean switchLocked) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * @@ -735,7 +735,7 @@ public Builder tunnelProtocol(@Nullable Output tunnelProtocol) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicy.java b/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicy.java index 235fdb6dd..eda395c41 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicy.java @@ -49,14 +49,14 @@ public Output accountId() { return this.accountId; } /** - * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * */ @Export(name="alertType", refs={String.class}, tree="[0]") private Output alertType; /** - * @return The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * @return The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * */ public Output alertType() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicyArgs.java index 8b4c071ef..8b0ad4199 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/NotificationPolicyArgs.java @@ -38,14 +38,14 @@ public Output accountId() { } /** - * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * */ @Import(name="alertType", required=true) private Output alertType; /** - * @return The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * @return The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * */ public Output alertType() { @@ -211,7 +211,7 @@ public Builder accountId(String accountId) { } /** - * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * * @return builder * @@ -222,7 +222,7 @@ public Builder alertType(Output alertType) { } /** - * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/Ruleset.java b/sdk/java/src/main/java/com/pulumi/cloudflare/Ruleset.java index fab130437..849738ce2 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/Ruleset.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/Ruleset.java @@ -25,461 +25,6 @@ * in different products, allowing you to configure several products using the same * basic syntax. * - * ## Example Usage - * - * <!--Start PulumiCodeChooser --> - * 
- * {@code
- * package generated_program;
- * 
- * import com.pulumi.Context;
- * import com.pulumi.Pulumi;
- * import com.pulumi.core.Output;
- * import com.pulumi.cloudflare.Ruleset;
- * import com.pulumi.cloudflare.RulesetArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersOverridesArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriPathArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersUriQueryArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleRatelimitArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersOriginArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersEdgeTtlArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersBrowserTtlArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersServeStaleArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyUserArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyCustomKeyHostArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromListArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromValueArgs;
- * import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromValueTargetUrlArgs;
- * import java.util.List;
- * import java.util.ArrayList;
- * import java.util.Map;
- * import java.io.File;
- * import java.nio.file.Files;
- * import java.nio.file.Paths;
- * 
- * public class App {
- *     public static void main(String[] args) {
- *         Pulumi.run(App::stack);
- *     }
- * 
- *     public static void stack(Context ctx) {
- *         // Magic Transit
- *         var magicTransitExample = new Ruleset("magicTransitExample", RulesetArgs.builder()
- *             .accountId("f037e56e89293a057740de681ac9abbe")
- *             .name("account magic transit")
- *             .description("example magic transit ruleset description")
- *             .kind("root")
- *             .phase("magic_transit")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("allow")
- *                 .expression("tcp.dstport in { 32768..65535 }")
- *                 .description("Allow TCP Ephemeral Ports")
- *                 .build())
- *             .build());
- * 
- *         // Zone-level WAF Managed Ruleset
- *         var zoneLevelManagedWaf = new Ruleset("zoneLevelManagedWaf", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("managed WAF")
- *             .description("managed WAF ruleset description")
- *             .kind("zone")
- *             .phase("http_request_firewall_managed")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("execute")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .id("efb7b8c949ac4650a09736fc376e9aee")
- *                     .build())
- *                 .expression("(http.host eq \"example.host.com\")")
- *                 .description("Execute Cloudflare Managed Ruleset on my zone-level phase entry point ruleset")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Zone-level WAF with tag-based overrides
- *         var zoneLevelManagedWafWithCategoryBasedOverrides = new Ruleset("zoneLevelManagedWafWithCategoryBasedOverrides", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("managed WAF with tag-based overrides")
- *             .description("managed WAF with tag-based overrides ruleset description")
- *             .kind("zone")
- *             .phase("http_request_firewall_managed")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("execute")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .id("efb7b8c949ac4650a09736fc376e9aee")
- *                     .overrides(RulesetRuleActionParametersOverridesArgs.builder()
- *                         .categories(                        
- *                             RulesetRuleActionParametersOverridesCategoryArgs.builder()
- *                                 .category("wordpress")
- *                                 .action("block")
- *                                 .enabled(true)
- *                                 .build(),
- *                             RulesetRuleActionParametersOverridesCategoryArgs.builder()
- *                                 .category("joomla")
- *                                 .action("block")
- *                                 .enabled(true)
- *                                 .build())
- *                         .build())
- *                     .build())
- *                 .expression("(http.host eq \"example.host.com\")")
- *                 .description("overrides to only enable wordpress rules to block")
- *                 .enabled(false)
- *                 .build())
- *             .build());
- * 
- *         // Rewrite the URI path component to a static path
- *         var transformUriRulePath = new Ruleset("transformUriRulePath", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("transform rule for URI path")
- *             .description("change the URI path to a new static path")
- *             .kind("zone")
- *             .phase("http_request_transform")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("rewrite")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .uri(RulesetRuleActionParametersUriArgs.builder()
- *                         .path(RulesetRuleActionParametersUriPathArgs.builder()
- *                             .value("/my-new-route")
- *                             .build())
- *                         .build())
- *                     .build())
- *                 .expression("(http.host eq \"example.com\" and http.request.uri.path eq \"/old-path\")")
- *                 .description("example URI path transform rule")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Rewrite the URI query component to a static query
- *         var transformUriRuleQuery = new Ruleset("transformUriRuleQuery", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("transform rule for URI query parameter")
- *             .description("change the URI query to a new static query")
- *             .kind("zone")
- *             .phase("http_request_transform")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("rewrite")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .uri(RulesetRuleActionParametersUriArgs.builder()
- *                         .query(RulesetRuleActionParametersUriQueryArgs.builder()
- *                             .value("old=new_again")
- *                             .build())
- *                         .build())
- *                     .build())
- *                 .expression("(http.host eq \"example.host.com\")")
- *                 .description("URI transformation query example")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Rewrite HTTP headers to a modified values
- *         var transformUriHttpHeaders = new Ruleset("transformUriHttpHeaders", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("transform rule for HTTP headers")
- *             .description("modify HTTP headers before reaching origin")
- *             .kind("zone")
- *             .phase("http_request_late_transform")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("rewrite")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .headers(                    
- *                         RulesetRuleActionParametersHeaderArgs.builder()
- *                             .name("example-http-header-1")
- *                             .operation("set")
- *                             .value("my-http-header-value-1")
- *                             .build(),
- *                         RulesetRuleActionParametersHeaderArgs.builder()
- *                             .name("example-http-header-2")
- *                             .operation("set")
- *                             .expression("cf.zone.name")
- *                             .build(),
- *                         RulesetRuleActionParametersHeaderArgs.builder()
- *                             .name("example-http-header-3-to-remove")
- *                             .operation("remove")
- *                             .build())
- *                     .build())
- *                 .expression("(http.host eq \"example.host.com\")")
- *                 .description("example request header transform rule")
- *                 .enabled(false)
- *                 .build())
- *             .build());
- * 
- *         // HTTP rate limit for an API route
- *         var rateLimitingExample = new Ruleset("rateLimitingExample", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("restrict API requests count")
- *             .description("apply HTTP rate limiting for a route")
- *             .kind("zone")
- *             .phase("http_ratelimit")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("block")
- *                 .ratelimit(RulesetRuleRatelimitArgs.builder()
- *                     .characteristics(                    
- *                         "cf.colo.id",
- *                         "ip.src")
- *                     .period(60)
- *                     .requestsPerPeriod(100)
- *                     .mitigationTimeout(600)
- *                     .build())
- *                 .expression("(http.request.uri.path matches \"^/api/\")")
- *                 .description("rate limit for API")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Change origin for an API route
- *         var httpOriginExample = new Ruleset("httpOriginExample", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("Change to some origin")
- *             .description("Change origin for a route")
- *             .kind("zone")
- *             .phase("http_request_origin")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("route")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .hostHeader("some.host")
- *                     .origin(RulesetRuleActionParametersOriginArgs.builder()
- *                         .host("some.host")
- *                         .port(80)
- *                         .build())
- *                     .build())
- *                 .expression("(http.request.uri.path matches \"^/api/\")")
- *                 .description("change origin to some.host")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Custom fields logging
- *         var customFieldsLoggingExample = new Ruleset("customFieldsLoggingExample", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("log custom fields")
- *             .description("add custom fields to logging")
- *             .kind("zone")
- *             .phase("http_log_custom_fields")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("log_custom_field")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .requestFields(                    
- *                         "content-type",
- *                         "x-forwarded-for",
- *                         "host")
- *                     .responseFields(                    
- *                         "server",
- *                         "content-type",
- *                         "allow")
- *                     .cookieFields(                    
- *                         "__ga",
- *                         "accountNumber",
- *                         "__cfruid")
- *                     .build())
- *                 .expression("(http.host eq \"example.host.com\")")
- *                 .description("log custom fields rule")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Custom cache keys + settings
- *         var cacheSettingsExample = new Ruleset("cacheSettingsExample", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("set cache settings")
- *             .description("set cache settings for the request")
- *             .kind("zone")
- *             .phase("http_request_cache_settings")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("set_cache_settings")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .edgeTtl(RulesetRuleActionParametersEdgeTtlArgs.builder()
- *                         .mode("override_origin")
- *                         .default_(60)
- *                         .statusCodeTtls(                        
- *                             RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()
- *                                 .statusCode(200)
- *                                 .value(50)
- *                                 .build(),
- *                             RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs.builder()
- *                                 .statusCodeRange(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
- *                                 .value(30)
- *                                 .build())
- *                         .build())
- *                     .browserTtl(RulesetRuleActionParametersBrowserTtlArgs.builder()
- *                         .mode("respect_origin")
- *                         .build())
- *                     .serveStale(RulesetRuleActionParametersServeStaleArgs.builder()
- *                         .disableStaleWhileUpdating(true)
- *                         .build())
- *                     .respectStrongEtags(true)
- *                     .cacheKey(RulesetRuleActionParametersCacheKeyArgs.builder()
- *                         .ignoreQueryStringsOrder(false)
- *                         .cacheDeceptionArmor(true)
- *                         .customKey(RulesetRuleActionParametersCacheKeyCustomKeyArgs.builder()
- *                             .queryString(RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs.builder()
- *                                 .excludes("*")
- *                                 .build())
- *                             .header(RulesetRuleActionParametersCacheKeyCustomKeyHeaderArgs.builder()
- *                                 .includes(                                
- *                                     "habc",
- *                                     "hdef")
- *                                 .checkPresences(                                
- *                                     "habc_t",
- *                                     "hdef_t")
- *                                 .excludeOrigin(true)
- *                                 .contains(Map.ofEntries(
- *                                     Map.entry("accept",                                     
- *                                         "image/web",
- *                                         "image/png"),
- *                                     Map.entry("accept-encoding",                                     
- *                                         "br",
- *                                         "zstd"),
- *                                     Map.entry("some-header",                                     
- *                                         "some-value",
- *                                         "some-other-value")
- *                                 ))
- *                                 .build())
- *                             .cookie(RulesetRuleActionParametersCacheKeyCustomKeyCookieArgs.builder()
- *                                 .includes(                                
- *                                     "cabc",
- *                                     "cdef")
- *                                 .checkPresences(                                
- *                                     "cabc_t",
- *                                     "cdef_t")
- *                                 .build())
- *                             .user(RulesetRuleActionParametersCacheKeyCustomKeyUserArgs.builder()
- *                                 .deviceType(true)
- *                                 .geo(false)
- *                                 .build())
- *                             .host(RulesetRuleActionParametersCacheKeyCustomKeyHostArgs.builder()
- *                                 .resolved(true)
- *                                 .build())
- *                             .build())
- *                         .build())
- *                     .originErrorPagePassthru(false)
- *                     .build())
- *                 .expression("(http.host eq \"example.host.com\")")
- *                 .description("set cache settings rule")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Redirects based on a List resource
- *         var redirectFromListExample = new Ruleset("redirectFromListExample", RulesetArgs.builder()
- *             .accountId("f037e56e89293a057740de681ac9abbe")
- *             .name("redirects")
- *             .description("Redirect ruleset")
- *             .kind("root")
- *             .phase("http_request_redirect")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("redirect")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .fromList(RulesetRuleActionParametersFromListArgs.builder()
- *                         .name("redirect_list")
- *                         .key("http.request.full_uri")
- *                         .build())
- *                     .build())
- *                 .expression("http.request.full_uri in $redirect_list")
- *                 .description("Apply redirects from redirect_list")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Dynamic Redirects from value resource
- *         var redirectFromValueExample = new Ruleset("redirectFromValueExample", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("redirects")
- *             .description("Redirect ruleset")
- *             .kind("zone")
- *             .phase("http_request_dynamic_redirect")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("redirect")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .fromValue(RulesetRuleActionParametersFromValueArgs.builder()
- *                         .statusCode(301)
- *                         .targetUrl(RulesetRuleActionParametersFromValueTargetUrlArgs.builder()
- *                             .value("some_host.com")
- *                             .build())
- *                         .preserveQueryString(true)
- *                         .build())
- *                     .build())
- *                 .expression("(http.request.uri.path matches \"^/api/\")")
- *                 .description("Apply redirect from value")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Serve some custom error response
- *         var httpCustomErrorExample = new Ruleset("httpCustomErrorExample", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("Serve some error response")
- *             .description("Serve some error response")
- *             .kind("zone")
- *             .phase("http_custom_errors")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("serve_error")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .content("some error html")
- *                     .contentType("text/html")
- *                     .statusCode("530")
- *                     .build())
- *                 .expression("(http.request.uri.path matches \"^/api/\")")
- *                 .description("serve some error response")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Set Configuration Rules for an API route
- *         var httpConfigRulesExample = new Ruleset("httpConfigRulesExample", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("set config rules")
- *             .description("set config rules for request")
- *             .kind("zone")
- *             .phase("http_config_settings")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("set_config")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .emailObfuscation(true)
- *                     .bic(true)
- *                     .build())
- *                 .expression("(http.request.uri.path matches \"^/api/\")")
- *                 .description("set config rules for matching request")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *         // Set compress algorithm for response.
- *         var responseCompressBrotliHtml = new Ruleset("responseCompressBrotliHtml", RulesetArgs.builder()
- *             .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
- *             .name("Brotli response compression for HTML")
- *             .description("Response compression ruleset")
- *             .kind("zone")
- *             .phase("http_response_compression")
- *             .rules(RulesetRuleArgs.builder()
- *                 .action("compress_response")
- *                 .actionParameters(RulesetRuleActionParametersArgs.builder()
- *                     .algorithms(                    
- *                         RulesetRuleActionParametersAlgorithmArgs.builder()
- *                             .name("brotli")
- *                             .build(),
- *                         RulesetRuleActionParametersAlgorithmArgs.builder()
- *                             .name("auto")
- *                             .build())
- *                     .build())
- *                 .expression("http.response.content_type.media_type == \"text/html\"")
- *                 .description("Prefer brotli compression for HTML")
- *                 .enabled(true)
- *                 .build())
- *             .build());
- * 
- *     }
- * }
- * }
- *
- * <!--End PulumiCodeChooser --> - * * ## Import * * Import an account scoped Ruleset configuration. diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccount.java b/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccount.java index 1321823b9..c9777d417 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccount.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccount.java @@ -9,6 +9,7 @@ import com.pulumi.cloudflare.outputs.TeamsAccountAntivirus; import com.pulumi.cloudflare.outputs.TeamsAccountBlockPage; import com.pulumi.cloudflare.outputs.TeamsAccountBodyScanning; +import com.pulumi.cloudflare.outputs.TeamsAccountCertificate; import com.pulumi.cloudflare.outputs.TeamsAccountCustomCertificate; import com.pulumi.cloudflare.outputs.TeamsAccountExtendedEmailMatching; import com.pulumi.cloudflare.outputs.TeamsAccountFips; @@ -97,6 +98,7 @@ * .udp(true) * .rootCa(true) * .virtualIp(false) + * .disableForTime(3600) * .build()) * .urlBrowserIsolationEnabled(true) * .logging(TeamsAccountLoggingArgs.builder() @@ -207,14 +209,32 @@ public Output> bodyScanning() { return Codegen.optional(this.bodyScanning); } /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. * */ + @Export(name="certificate", refs={TeamsAccountCertificate.class}, tree="[0]") + private Output certificate; + + /** + * @return Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + */ + public Output> certificate() { + return Codegen.optional(this.certificate); + } + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * + */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ @Export(name="customCertificate", refs={TeamsAccountCustomCertificate.class}, tree="[0]") private Output customCertificate; /** - * @return Configuration for custom certificates / BYO-PKI. + * @return Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * */ public Output> customCertificate() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccountArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccountArgs.java index 840447ec6..419d01236 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccountArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/TeamsAccountArgs.java @@ -6,6 +6,7 @@ import com.pulumi.cloudflare.inputs.TeamsAccountAntivirusArgs; import com.pulumi.cloudflare.inputs.TeamsAccountBlockPageArgs; import com.pulumi.cloudflare.inputs.TeamsAccountBodyScanningArgs; +import com.pulumi.cloudflare.inputs.TeamsAccountCertificateArgs; import com.pulumi.cloudflare.inputs.TeamsAccountCustomCertificateArgs; import com.pulumi.cloudflare.inputs.TeamsAccountExtendedEmailMatchingArgs; import com.pulumi.cloudflare.inputs.TeamsAccountFipsArgs; @@ -103,16 +104,39 @@ public Optional> bodyScanning() { } /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. * */ + @Import(name="certificate") + private @Nullable Output certificate; + + /** + * @return Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + */ + public Optional> certificate() { + return Optional.ofNullable(this.certificate); + } + + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * + */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ @Import(name="customCertificate") private @Nullable Output customCertificate; /** - * @return Configuration for custom certificates / BYO-PKI. + * @return Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Optional> customCertificate() { return Optional.ofNullable(this.customCertificate); } @@ -267,6 +291,7 @@ private TeamsAccountArgs(TeamsAccountArgs $) { this.antivirus = $.antivirus; this.blockPage = $.blockPage; this.bodyScanning = $.bodyScanning; + this.certificate = $.certificate; this.customCertificate = $.customCertificate; this.extendedEmailMatching = $.extendedEmailMatching; this.fips = $.fips; @@ -404,22 +429,51 @@ public Builder bodyScanning(TeamsAccountBodyScanningArgs bodyScanning) { } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(@Nullable Output certificate) { + $.certificate = certificate; + return this; + } + + /** + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(TeamsAccountCertificateArgs certificate) { + return certificate(Output.of(certificate)); + } + + /** + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(@Nullable Output customCertificate) { $.customCertificate = customCertificate; return this; } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(TeamsAccountCustomCertificateArgs customCertificate) { return customCertificate(Output.of(customCertificate)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoom.java b/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoom.java index 2f5b995ab..34302bdb1 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoom.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoom.java @@ -65,6 +65,7 @@ * .host("shop2.example.com") * .build()) * .queueingStatusCode(200) + * .enabledOriginCommands("revoke") * .build()); * * } @@ -169,14 +170,14 @@ public Output> disableSessionRenewal() { return Codegen.optional(this.disableSessionRenewal); } /** - * The list of enabled origin commands for the waiting room. Available values: `revoke` + * The list of enabled origin commands for the waiting room. Available values: `revoke`. * */ @Export(name="enabledOriginCommands", refs={List.class,String.class}, tree="[0,1]") private Output> enabledOriginCommands; /** - * @return The list of enabled origin commands for the waiting room. Available values: `revoke` + * @return The list of enabled origin commands for the waiting room. Available values: `revoke`. * */ public Output>> enabledOriginCommands() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoomArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoomArgs.java index a1993cea3..08a38e8d6 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoomArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/WaitingRoomArgs.java @@ -111,14 +111,14 @@ public Optional> disableSessionRenewal() { } /** - * The list of enabled origin commands for the waiting room. Available values: `revoke` + * The list of enabled origin commands for the waiting room. Available values: `revoke`. * */ @Import(name="enabledOriginCommands") private @Nullable Output> enabledOriginCommands; /** - * @return The list of enabled origin commands for the waiting room. Available values: `revoke` + * @return The list of enabled origin commands for the waiting room. Available values: `revoke`. * */ public Optional>> enabledOriginCommands() { @@ -484,7 +484,7 @@ public Builder disableSessionRenewal(Boolean disableSessionRenewal) { } /** - * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke` + * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke`. * * @return builder * @@ -495,7 +495,7 @@ public Builder enabledOriginCommands(@Nullable Output> enabledOrigi } /** - * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke` + * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke`. * * @return builder * @@ -505,7 +505,7 @@ public Builder enabledOriginCommands(List enabledOriginCommands) { } /** - * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke` + * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScript.java b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScript.java index 07a47cbba..8315bd9a8 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScript.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScript.java @@ -8,6 +8,7 @@ import com.pulumi.cloudflare.inputs.WorkerScriptState; import com.pulumi.cloudflare.outputs.WorkerScriptAnalyticsEngineBinding; import com.pulumi.cloudflare.outputs.WorkerScriptD1DatabaseBinding; +import com.pulumi.cloudflare.outputs.WorkerScriptHyperdriveConfigBinding; import com.pulumi.cloudflare.outputs.WorkerScriptKvNamespaceBinding; import com.pulumi.cloudflare.outputs.WorkerScriptPlacement; import com.pulumi.cloudflare.outputs.WorkerScriptPlainTextBinding; @@ -205,6 +206,12 @@ public Output>> d1DatabaseBindings( public Output> dispatchNamespace() { return Codegen.optional(this.dispatchNamespace); } + @Export(name="hyperdriveConfigBindings", refs={List.class,WorkerScriptHyperdriveConfigBinding.class}, tree="[0,1]") + private Output> hyperdriveConfigBindings; + + public Output>> hyperdriveConfigBindings() { + return Codegen.optional(this.hyperdriveConfigBindings); + } @Export(name="kvNamespaceBindings", refs={List.class,WorkerScriptKvNamespaceBinding.class}, tree="[0,1]") private Output> kvNamespaceBindings; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScriptArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScriptArgs.java index f2808600d..e75552334 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScriptArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkerScriptArgs.java @@ -5,6 +5,7 @@ import com.pulumi.cloudflare.inputs.WorkerScriptAnalyticsEngineBindingArgs; import com.pulumi.cloudflare.inputs.WorkerScriptD1DatabaseBindingArgs; +import com.pulumi.cloudflare.inputs.WorkerScriptHyperdriveConfigBindingArgs; import com.pulumi.cloudflare.inputs.WorkerScriptKvNamespaceBindingArgs; import com.pulumi.cloudflare.inputs.WorkerScriptPlacementArgs; import com.pulumi.cloudflare.inputs.WorkerScriptPlainTextBindingArgs; @@ -117,6 +118,13 @@ public Optional> dispatchNamespace() { return Optional.ofNullable(this.dispatchNamespace); } + @Import(name="hyperdriveConfigBindings") + private @Nullable Output> hyperdriveConfigBindings; + + public Optional>> hyperdriveConfigBindings() { + return Optional.ofNullable(this.hyperdriveConfigBindings); + } + @Import(name="kvNamespaceBindings") private @Nullable Output> kvNamespaceBindings; @@ -235,6 +243,7 @@ private WorkerScriptArgs(WorkerScriptArgs $) { this.content = $.content; this.d1DatabaseBindings = $.d1DatabaseBindings; this.dispatchNamespace = $.dispatchNamespace; + this.hyperdriveConfigBindings = $.hyperdriveConfigBindings; this.kvNamespaceBindings = $.kvNamespaceBindings; this.logpush = $.logpush; this.module = $.module; @@ -408,6 +417,19 @@ public Builder dispatchNamespace(String dispatchNamespace) { return dispatchNamespace(Output.of(dispatchNamespace)); } + public Builder hyperdriveConfigBindings(@Nullable Output> hyperdriveConfigBindings) { + $.hyperdriveConfigBindings = hyperdriveConfigBindings; + return this; + } + + public Builder hyperdriveConfigBindings(List hyperdriveConfigBindings) { + return hyperdriveConfigBindings(Output.of(hyperdriveConfigBindings)); + } + + public Builder hyperdriveConfigBindings(WorkerScriptHyperdriveConfigBindingArgs... hyperdriveConfigBindings) { + return hyperdriveConfigBindings(List.of(hyperdriveConfigBindings)); + } + public Builder kvNamespaceBindings(@Nullable Output> kvNamespaceBindings) { $.kvNamespaceBindings = kvNamespaceBindings; return this; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScript.java b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScript.java index 6c6385119..ebaa8d559 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScript.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScript.java @@ -8,6 +8,7 @@ import com.pulumi.cloudflare.inputs.WorkersScriptState; import com.pulumi.cloudflare.outputs.WorkersScriptAnalyticsEngineBinding; import com.pulumi.cloudflare.outputs.WorkersScriptD1DatabaseBinding; +import com.pulumi.cloudflare.outputs.WorkersScriptHyperdriveConfigBinding; import com.pulumi.cloudflare.outputs.WorkersScriptKvNamespaceBinding; import com.pulumi.cloudflare.outputs.WorkersScriptPlacement; import com.pulumi.cloudflare.outputs.WorkersScriptPlainTextBinding; @@ -205,6 +206,12 @@ public Output>> d1DatabaseBindings public Output> dispatchNamespace() { return Codegen.optional(this.dispatchNamespace); } + @Export(name="hyperdriveConfigBindings", refs={List.class,WorkersScriptHyperdriveConfigBinding.class}, tree="[0,1]") + private Output> hyperdriveConfigBindings; + + public Output>> hyperdriveConfigBindings() { + return Codegen.optional(this.hyperdriveConfigBindings); + } @Export(name="kvNamespaceBindings", refs={List.class,WorkersScriptKvNamespaceBinding.class}, tree="[0,1]") private Output> kvNamespaceBindings; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScriptArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScriptArgs.java index 685aa98ba..370120fa5 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScriptArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/WorkersScriptArgs.java @@ -5,6 +5,7 @@ import com.pulumi.cloudflare.inputs.WorkersScriptAnalyticsEngineBindingArgs; import com.pulumi.cloudflare.inputs.WorkersScriptD1DatabaseBindingArgs; +import com.pulumi.cloudflare.inputs.WorkersScriptHyperdriveConfigBindingArgs; import com.pulumi.cloudflare.inputs.WorkersScriptKvNamespaceBindingArgs; import com.pulumi.cloudflare.inputs.WorkersScriptPlacementArgs; import com.pulumi.cloudflare.inputs.WorkersScriptPlainTextBindingArgs; @@ -117,6 +118,13 @@ public Optional> dispatchNamespace() { return Optional.ofNullable(this.dispatchNamespace); } + @Import(name="hyperdriveConfigBindings") + private @Nullable Output> hyperdriveConfigBindings; + + public Optional>> hyperdriveConfigBindings() { + return Optional.ofNullable(this.hyperdriveConfigBindings); + } + @Import(name="kvNamespaceBindings") private @Nullable Output> kvNamespaceBindings; @@ -235,6 +243,7 @@ private WorkersScriptArgs(WorkersScriptArgs $) { this.content = $.content; this.d1DatabaseBindings = $.d1DatabaseBindings; this.dispatchNamespace = $.dispatchNamespace; + this.hyperdriveConfigBindings = $.hyperdriveConfigBindings; this.kvNamespaceBindings = $.kvNamespaceBindings; this.logpush = $.logpush; this.module = $.module; @@ -408,6 +417,19 @@ public Builder dispatchNamespace(String dispatchNamespace) { return dispatchNamespace(Output.of(dispatchNamespace)); } + public Builder hyperdriveConfigBindings(@Nullable Output> hyperdriveConfigBindings) { + $.hyperdriveConfigBindings = hyperdriveConfigBindings; + return this; + } + + public Builder hyperdriveConfigBindings(List hyperdriveConfigBindings) { + return hyperdriveConfigBindings(Output.of(hyperdriveConfigBindings)); + } + + public Builder hyperdriveConfigBindings(WorkersScriptHyperdriveConfigBindingArgs... hyperdriveConfigBindings) { + return hyperdriveConfigBindings(List.of(hyperdriveConfigBindings)); + } + public Builder kvNamespaceBindings(@Nullable Output> kvNamespaceBindings) { $.kvNamespaceBindings = kvNamespaceBindings; return this; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicy.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicy.java index fdd7b3ee6..69fd66062 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicy.java @@ -44,14 +44,14 @@ @ResourceType(type="cloudflare:index/zeroTrustAccessPolicy:ZeroTrustAccessPolicy") public class ZeroTrustAccessPolicy extends com.pulumi.resources.CustomResource { /** - * The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zone_id`. * */ @Export(name="accountId", refs={String.class}, tree="[0]") private Output accountId; /** - * @return The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @return The account identifier to target for the resource. Conflicts with `zone_id`. * */ public Output> accountId() { @@ -224,14 +224,14 @@ public Output> sessionDuration() { return Codegen.optional(this.sessionDuration); } /** - * The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `account_id`. * */ @Export(name="zoneId", refs={String.class}, tree="[0]") private Output zoneId; /** - * @return The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @return The zone identifier to target for the resource. Conflicts with `account_id`. * */ public Output> zoneId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicyArgs.java index 774ef1833..50f5bf2d1 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustAccessPolicyArgs.java @@ -24,14 +24,14 @@ public final class ZeroTrustAccessPolicyArgs extends com.pulumi.resources.Resour public static final ZeroTrustAccessPolicyArgs Empty = new ZeroTrustAccessPolicyArgs(); /** - * The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zone_id`. * */ @Import(name="accountId") private @Nullable Output accountId; /** - * @return The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @return The account identifier to target for the resource. Conflicts with `zone_id`. * */ public Optional> accountId() { @@ -218,14 +218,14 @@ public Optional> sessionDuration() { } /** - * The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `account_id`. * */ @Import(name="zoneId") private @Nullable Output zoneId; /** - * @return The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @return The zone identifier to target for the resource. Conflicts with `account_id`. * */ public Optional> zoneId() { @@ -271,7 +271,7 @@ public Builder(ZeroTrustAccessPolicyArgs defaults) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -282,7 +282,7 @@ public Builder accountId(@Nullable Output accountId) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -575,7 +575,7 @@ public Builder sessionDuration(String sessionDuration) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * @@ -586,7 +586,7 @@ public Builder zoneId(@Nullable Output zoneId) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRule.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRule.java index d322b3d44..1adccded0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRule.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRule.java @@ -173,14 +173,14 @@ public Output> schedule() { return Codegen.optional(this.schedule); } /** - * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ @Export(name="type", refs={String.class}, tree="[0]") private Output type; /** - * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ public Output type() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRuleArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRuleArgs.java index 4c6aebb01..39132ffec 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRuleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDevicePostureRuleArgs.java @@ -117,14 +117,14 @@ public Optional> schedule() { } /** - * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ @Import(name="type", required=true) private Output type; /** - * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ public Output type() { @@ -318,7 +318,7 @@ public Builder schedule(String schedule) { } /** - * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * * @return builder * @@ -329,7 +329,7 @@ public Builder type(Output type) { } /** - * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfiles.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfiles.java index 881e05076..e976fbd27 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfiles.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfiles.java @@ -335,14 +335,14 @@ public Output> switchLocked() { return Codegen.optional(this.switchLocked); } /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ @Export(name="tunnelProtocol", refs={String.class}, tree="[0]") private Output tunnelProtocol; /** - * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ public Output> tunnelProtocol() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfilesArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfilesArgs.java index afb9c8b95..c9b37a012 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfilesArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustDeviceProfilesArgs.java @@ -289,14 +289,14 @@ public Optional> switchLocked() { } /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ @Import(name="tunnelProtocol") private @Nullable Output tunnelProtocol; /** - * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ public Optional> tunnelProtocol() { @@ -724,7 +724,7 @@ public Builder switchLocked(Boolean switchLocked) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * @@ -735,7 +735,7 @@ public Builder tunnelProtocol(@Nullable Output tunnelProtocol) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificate.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificate.java new file mode 100644 index 000000000..7fb67cc20 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificate.java @@ -0,0 +1,204 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare; + +import com.pulumi.cloudflare.Utilities; +import com.pulumi.cloudflare.ZeroTrustGatewayCertificateArgs; +import com.pulumi.cloudflare.inputs.ZeroTrustGatewayCertificateState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Provides a Cloudflare Teams Gateway Certificate resource. A Teams Certificate can + * be specified for Gateway TLS interception and block pages. + * + */ +@ResourceType(type="cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate") +public class ZeroTrustGatewayCertificate extends com.pulumi.resources.CustomResource { + /** + * The account identifier to target for the resource. + * + */ + @Export(name="accountId", refs={String.class}, tree="[0]") + private Output accountId; + + /** + * @return The account identifier to target for the resource. + * + */ + public Output accountId() { + return this.accountId; + } + /** + * Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + */ + @Export(name="activate", refs={Boolean.class}, tree="[0]") + private Output activate; + + /** + * @return Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + */ + public Output> activate() { + return Codegen.optional(this.activate); + } + /** + * The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + * + */ + @Export(name="bindingStatus", refs={String.class}, tree="[0]") + private Output bindingStatus; + + /** + * @return The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + * + */ + public Output bindingStatus() { + return this.bindingStatus; + } + @Export(name="createdAt", refs={String.class}, tree="[0]") + private Output createdAt; + + public Output createdAt() { + return this.createdAt; + } + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + @Export(name="custom", refs={Boolean.class}, tree="[0]") + private Output custom; + + /** + * @return The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + public Output> custom() { + return Codegen.optional(this.custom); + } + @Export(name="expiresOn", refs={String.class}, tree="[0]") + private Output expiresOn; + + public Output expiresOn() { + return this.expiresOn; + } + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + @Export(name="gatewayManaged", refs={Boolean.class}, tree="[0]") + private Output gatewayManaged; + + /** + * @return The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + public Output> gatewayManaged() { + return Codegen.optional(this.gatewayManaged); + } + /** + * Whether the certificate is in use by Gateway for TLS interception and the block page. + * + */ + @Export(name="inUse", refs={Boolean.class}, tree="[0]") + private Output inUse; + + /** + * @return Whether the certificate is in use by Gateway for TLS interception and the block page. + * + */ + public Output inUse() { + return this.inUse; + } + @Export(name="qsPackId", refs={String.class}, tree="[0]") + private Output qsPackId; + + public Output qsPackId() { + return this.qsPackId; + } + @Export(name="uploadedOn", refs={String.class}, tree="[0]") + private Output uploadedOn; + + public Output uploadedOn() { + return this.uploadedOn; + } + /** + * Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + */ + @Export(name="validityPeriodDays", refs={Integer.class}, tree="[0]") + private Output validityPeriodDays; + + /** + * @return Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + */ + public Output> validityPeriodDays() { + return Codegen.optional(this.validityPeriodDays); + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public ZeroTrustGatewayCertificate(java.lang.String name) { + this(name, ZeroTrustGatewayCertificateArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public ZeroTrustGatewayCertificate(java.lang.String name, ZeroTrustGatewayCertificateArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public ZeroTrustGatewayCertificate(java.lang.String name, ZeroTrustGatewayCertificateArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private ZeroTrustGatewayCertificate(java.lang.String name, Output id, @Nullable ZeroTrustGatewayCertificateState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate", name, state, makeResourceOptions(options, id), false); + } + + private static ZeroTrustGatewayCertificateArgs makeArgs(ZeroTrustGatewayCertificateArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? ZeroTrustGatewayCertificateArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static ZeroTrustGatewayCertificate get(java.lang.String name, Output id, @Nullable ZeroTrustGatewayCertificateState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new ZeroTrustGatewayCertificate(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificateArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificateArgs.java new file mode 100644 index 000000000..2675af3aa --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewayCertificateArgs.java @@ -0,0 +1,237 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ZeroTrustGatewayCertificateArgs extends com.pulumi.resources.ResourceArgs { + + public static final ZeroTrustGatewayCertificateArgs Empty = new ZeroTrustGatewayCertificateArgs(); + + /** + * The account identifier to target for the resource. + * + */ + @Import(name="accountId", required=true) + private Output accountId; + + /** + * @return The account identifier to target for the resource. + * + */ + public Output accountId() { + return this.accountId; + } + + /** + * Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + */ + @Import(name="activate") + private @Nullable Output activate; + + /** + * @return Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + */ + public Optional> activate() { + return Optional.ofNullable(this.activate); + } + + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + @Import(name="custom") + private @Nullable Output custom; + + /** + * @return The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + public Optional> custom() { + return Optional.ofNullable(this.custom); + } + + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + @Import(name="gatewayManaged") + private @Nullable Output gatewayManaged; + + /** + * @return The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + public Optional> gatewayManaged() { + return Optional.ofNullable(this.gatewayManaged); + } + + /** + * Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + */ + @Import(name="validityPeriodDays") + private @Nullable Output validityPeriodDays; + + /** + * @return Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + */ + public Optional> validityPeriodDays() { + return Optional.ofNullable(this.validityPeriodDays); + } + + private ZeroTrustGatewayCertificateArgs() {} + + private ZeroTrustGatewayCertificateArgs(ZeroTrustGatewayCertificateArgs $) { + this.accountId = $.accountId; + this.activate = $.activate; + this.custom = $.custom; + this.gatewayManaged = $.gatewayManaged; + this.validityPeriodDays = $.validityPeriodDays; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ZeroTrustGatewayCertificateArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ZeroTrustGatewayCertificateArgs $; + + public Builder() { + $ = new ZeroTrustGatewayCertificateArgs(); + } + + public Builder(ZeroTrustGatewayCertificateArgs defaults) { + $ = new ZeroTrustGatewayCertificateArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param accountId The account identifier to target for the resource. + * + * @return builder + * + */ + public Builder accountId(Output accountId) { + $.accountId = accountId; + return this; + } + + /** + * @param accountId The account identifier to target for the resource. + * + * @return builder + * + */ + public Builder accountId(String accountId) { + return accountId(Output.of(accountId)); + } + + /** + * @param activate Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + * @return builder + * + */ + public Builder activate(@Nullable Output activate) { + $.activate = activate; + return this; + } + + /** + * @param activate Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + * @return builder + * + */ + public Builder activate(Boolean activate) { + return activate(Output.of(activate)); + } + + /** + * @param custom The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder custom(@Nullable Output custom) { + $.custom = custom; + return this; + } + + /** + * @param custom The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder custom(Boolean custom) { + return custom(Output.of(custom)); + } + + /** + * @param gatewayManaged The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder gatewayManaged(@Nullable Output gatewayManaged) { + $.gatewayManaged = gatewayManaged; + return this; + } + + /** + * @param gatewayManaged The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder gatewayManaged(Boolean gatewayManaged) { + return gatewayManaged(Output.of(gatewayManaged)); + } + + /** + * @param validityPeriodDays Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + * @return builder + * + */ + public Builder validityPeriodDays(@Nullable Output validityPeriodDays) { + $.validityPeriodDays = validityPeriodDays; + return this; + } + + /** + * @param validityPeriodDays Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + * @return builder + * + */ + public Builder validityPeriodDays(Integer validityPeriodDays) { + return validityPeriodDays(Output.of(validityPeriodDays)); + } + + public ZeroTrustGatewayCertificateArgs build() { + if ($.accountId == null) { + throw new MissingRequiredPropertyException("ZeroTrustGatewayCertificateArgs", "accountId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettings.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettings.java index d2027133b..5788d2633 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettings.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettings.java @@ -9,6 +9,7 @@ import com.pulumi.cloudflare.outputs.ZeroTrustGatewaySettingsAntivirus; import com.pulumi.cloudflare.outputs.ZeroTrustGatewaySettingsBlockPage; import com.pulumi.cloudflare.outputs.ZeroTrustGatewaySettingsBodyScanning; +import com.pulumi.cloudflare.outputs.ZeroTrustGatewaySettingsCertificate; import com.pulumi.cloudflare.outputs.ZeroTrustGatewaySettingsCustomCertificate; import com.pulumi.cloudflare.outputs.ZeroTrustGatewaySettingsExtendedEmailMatching; import com.pulumi.cloudflare.outputs.ZeroTrustGatewaySettingsFips; @@ -97,6 +98,7 @@ * .udp(true) * .rootCa(true) * .virtualIp(false) + * .disableForTime(3600) * .build()) * .urlBrowserIsolationEnabled(true) * .logging(ZeroTrustGatewaySettingsLoggingArgs.builder() @@ -207,14 +209,32 @@ public Output> bodyScanning() { return Codegen.optional(this.bodyScanning); } /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. * */ + @Export(name="certificate", refs={ZeroTrustGatewaySettingsCertificate.class}, tree="[0]") + private Output certificate; + + /** + * @return Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + */ + public Output> certificate() { + return Codegen.optional(this.certificate); + } + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * + */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ @Export(name="customCertificate", refs={ZeroTrustGatewaySettingsCustomCertificate.class}, tree="[0]") private Output customCertificate; /** - * @return Configuration for custom certificates / BYO-PKI. + * @return Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * */ public Output> customCertificate() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettingsArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettingsArgs.java index 022d817b7..b425b99be 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettingsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustGatewaySettingsArgs.java @@ -6,6 +6,7 @@ import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsAntivirusArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBlockPageArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBodyScanningArgs; +import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsCertificateArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsCustomCertificateArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsFipsArgs; @@ -103,16 +104,39 @@ public Optional> bodyScanning() } /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. * */ + @Import(name="certificate") + private @Nullable Output certificate; + + /** + * @return Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + */ + public Optional> certificate() { + return Optional.ofNullable(this.certificate); + } + + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * + */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ @Import(name="customCertificate") private @Nullable Output customCertificate; /** - * @return Configuration for custom certificates / BYO-PKI. + * @return Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Optional> customCertificate() { return Optional.ofNullable(this.customCertificate); } @@ -267,6 +291,7 @@ private ZeroTrustGatewaySettingsArgs(ZeroTrustGatewaySettingsArgs $) { this.antivirus = $.antivirus; this.blockPage = $.blockPage; this.bodyScanning = $.bodyScanning; + this.certificate = $.certificate; this.customCertificate = $.customCertificate; this.extendedEmailMatching = $.extendedEmailMatching; this.fips = $.fips; @@ -404,22 +429,51 @@ public Builder bodyScanning(ZeroTrustGatewaySettingsBodyScanningArgs bodyScannin } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(@Nullable Output certificate) { + $.certificate = certificate; + return this; + } + + /** + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(ZeroTrustGatewaySettingsCertificateArgs certificate) { + return certificate(Output.of(certificate)); + } + + /** + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(@Nullable Output customCertificate) { $.customCertificate = customCertificate; return this; } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(ZeroTrustGatewaySettingsCustomCertificateArgs customCertificate) { return customCertificate(Output.of(customCertificate)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegration.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegration.java index 271c89442..53e7b3858 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegration.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegration.java @@ -14,6 +14,10 @@ import java.lang.String; import javax.annotation.Nullable; +/** + * The [Risk Score Integration](https://developers.cloudflare.com/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) resource allows you to transmit changes in User Risk Score to a specified vendor such as Okta. + * + */ @ResourceType(type="cloudflare:index/zeroTrustRiskScoreIntegration:ZeroTrustRiskScoreIntegration") public class ZeroTrustRiskScoreIntegration extends com.pulumi.resources.CustomResource { /** @@ -45,34 +49,28 @@ public Output active() { return this.active; } /** - * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * */ @Export(name="integrationType", refs={String.class}, tree="[0]") private Output integrationType; /** - * @return The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * @return The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * */ public Output integrationType() { return this.integrationType; } /** - * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * */ @Export(name="referenceId", refs={String.class}, tree="[0]") private Output referenceId; /** - * @return A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * @return A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * */ public Output referenceId() { @@ -93,16 +91,14 @@ public Output tenantUrl() { return this.tenantUrl; } /** - * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 * */ @Export(name="wellKnownUrl", refs={String.class}, tree="[0]") private Output wellKnownUrl; /** - * @return The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * @return The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 * */ public Output wellKnownUrl() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegrationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegrationArgs.java index 91a34cf9b..f05d20f5a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegrationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/ZeroTrustRiskScoreIntegrationArgs.java @@ -48,16 +48,14 @@ public Optional> active() { } /** - * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * */ @Import(name="integrationType", required=true) private Output integrationType; /** - * @return The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * @return The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * */ public Output integrationType() { @@ -65,18 +63,14 @@ public Output integrationType() { } /** - * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * */ @Import(name="referenceId") private @Nullable Output referenceId; /** - * @return A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * @return A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * */ public Optional> referenceId() { @@ -169,8 +163,7 @@ public Builder active(Boolean active) { } /** - * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * * @return builder * @@ -181,8 +174,7 @@ public Builder integrationType(Output integrationType) { } /** - * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * * @return builder * @@ -192,9 +184,7 @@ public Builder integrationType(String integrationType) { } /** - * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * * @return builder * @@ -205,9 +195,7 @@ public Builder referenceId(@Nullable Output referenceId) { } /** - * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeArgs.java index 0be8a510c..b3d2a56c9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeArgs.java @@ -24,9 +24,17 @@ public final class AccessGroupExcludeArgs extends com.pulumi.resources.ResourceA public static final AccessGroupExcludeArgs Empty = new AccessGroupExcludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authContexts() return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluation") private @Nullable Output externalEvaluation; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional> externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(AccessGroupExcludeArgs defaults) { $ = new AccessGroupExcludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(AccessGroupExcludeAuthContextArgs... authContexts) { return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(AccessGroupExcludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,130 +566,298 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(@Nullable Output externalEvaluation) { $.externalEvaluation = externalEvaluation; return this; } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(AccessGroupExcludeExternalEvaluationArgs externalEvaluation) { return externalEvaluation(Output.of(externalEvaluation)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(AccessGroupExcludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(AccessGroupExcludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -482,7 +868,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -492,7 +878,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -532,54 +918,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(AccessGroupExcludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(AccessGroupExcludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAuthContextArgs.java index e52815d65..defb8eaf6 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAzureArgs.java index 37a2006bc..868d3fce1 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeAzureArgs.java @@ -17,14 +17,14 @@ public final class AccessGroupExcludeAzureArgs extends com.pulumi.resources.Reso public static final AccessGroupExcludeAzureArgs Empty = new AccessGroupExcludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(AccessGroupExcludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeExternalEvaluationArgs.java index f69de6b8f..b2363f224 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class AccessGroupExcludeExternalEvaluationArgs extends com.pulumi.r public static final AccessGroupExcludeExternalEvaluationArgs Empty = new AccessGroupExcludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(AccessGroupExcludeExternalEvaluationArgs defaults) { $ = new AccessGroupExcludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGithubArgs.java index 50a533bc5..01237ea58 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGithubArgs.java @@ -16,23 +16,47 @@ public final class AccessGroupExcludeGithubArgs extends com.pulumi.resources.Res public static final AccessGroupExcludeGithubArgs Empty = new AccessGroupExcludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(AccessGroupExcludeGithubArgs defaults) { $ = new AccessGroupExcludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGsuiteArgs.java index d1ca60cdb..58d8d5a6b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class AccessGroupExcludeGsuiteArgs extends com.pulumi.resources.Res public static final AccessGroupExcludeGsuiteArgs Empty = new AccessGroupExcludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(AccessGroupExcludeGsuiteArgs defaults) { $ = new AccessGroupExcludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeOktaArgs.java index fb0b4ddae..ec441ca8c 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeOktaArgs.java @@ -16,16 +16,32 @@ public final class AccessGroupExcludeOktaArgs extends com.pulumi.resources.Resou public static final AccessGroupExcludeOktaArgs Empty = new AccessGroupExcludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(AccessGroupExcludeOktaArgs defaults) { $ = new AccessGroupExcludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeSamlArgs.java index 162fc8eac..b60afeefe 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupExcludeSamlArgs.java @@ -15,23 +15,47 @@ public final class AccessGroupExcludeSamlArgs extends com.pulumi.resources.Resou public static final AccessGroupExcludeSamlArgs Empty = new AccessGroupExcludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(AccessGroupExcludeSamlArgs defaults) { $ = new AccessGroupExcludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeArgs.java index c2838777f..beee4b1e0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeArgs.java @@ -24,9 +24,17 @@ public final class AccessGroupIncludeArgs extends com.pulumi.resources.ResourceA public static final AccessGroupIncludeArgs Empty = new AccessGroupIncludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authContexts() return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluation") private @Nullable Output externalEvaluation; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional> externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(AccessGroupIncludeArgs defaults) { $ = new AccessGroupIncludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(AccessGroupIncludeAuthContextArgs... authContexts) { return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(AccessGroupIncludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,130 +566,298 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(@Nullable Output externalEvaluation) { $.externalEvaluation = externalEvaluation; return this; } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(AccessGroupIncludeExternalEvaluationArgs externalEvaluation) { return externalEvaluation(Output.of(externalEvaluation)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(AccessGroupIncludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(AccessGroupIncludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -482,7 +868,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -492,7 +878,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -532,54 +918,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(AccessGroupIncludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(AccessGroupIncludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAuthContextArgs.java index f0a379939..3ee58e608 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAzureArgs.java index d0bc3e7b9..319c2056d 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeAzureArgs.java @@ -17,14 +17,14 @@ public final class AccessGroupIncludeAzureArgs extends com.pulumi.resources.Reso public static final AccessGroupIncludeAzureArgs Empty = new AccessGroupIncludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(AccessGroupIncludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeExternalEvaluationArgs.java index 3b1a5f209..3eec2b320 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class AccessGroupIncludeExternalEvaluationArgs extends com.pulumi.r public static final AccessGroupIncludeExternalEvaluationArgs Empty = new AccessGroupIncludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(AccessGroupIncludeExternalEvaluationArgs defaults) { $ = new AccessGroupIncludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGithubArgs.java index 02e402cb3..e95cec203 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGithubArgs.java @@ -16,23 +16,47 @@ public final class AccessGroupIncludeGithubArgs extends com.pulumi.resources.Res public static final AccessGroupIncludeGithubArgs Empty = new AccessGroupIncludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(AccessGroupIncludeGithubArgs defaults) { $ = new AccessGroupIncludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGsuiteArgs.java index f46fc8ec9..746e07c13 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class AccessGroupIncludeGsuiteArgs extends com.pulumi.resources.Res public static final AccessGroupIncludeGsuiteArgs Empty = new AccessGroupIncludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(AccessGroupIncludeGsuiteArgs defaults) { $ = new AccessGroupIncludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeOktaArgs.java index bdd5dcd18..9514b9cc8 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeOktaArgs.java @@ -16,16 +16,32 @@ public final class AccessGroupIncludeOktaArgs extends com.pulumi.resources.Resou public static final AccessGroupIncludeOktaArgs Empty = new AccessGroupIncludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(AccessGroupIncludeOktaArgs defaults) { $ = new AccessGroupIncludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeSamlArgs.java index 59f7bdb01..1c0382b57 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupIncludeSamlArgs.java @@ -15,23 +15,47 @@ public final class AccessGroupIncludeSamlArgs extends com.pulumi.resources.Resou public static final AccessGroupIncludeSamlArgs Empty = new AccessGroupIncludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(AccessGroupIncludeSamlArgs defaults) { $ = new AccessGroupIncludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireArgs.java index 9a170145c..2acdd7eef 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireArgs.java @@ -24,9 +24,17 @@ public final class AccessGroupRequireArgs extends com.pulumi.resources.ResourceA public static final AccessGroupRequireArgs Empty = new AccessGroupRequireArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authContexts() return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluation") private @Nullable Output externalEvaluation; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional> externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(AccessGroupRequireArgs defaults) { $ = new AccessGroupRequireArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(AccessGroupRequireAuthContextArgs... authContexts) { return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(AccessGroupRequireAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,130 +566,298 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(@Nullable Output externalEvaluation) { $.externalEvaluation = externalEvaluation; return this; } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(AccessGroupRequireExternalEvaluationArgs externalEvaluation) { return externalEvaluation(Output.of(externalEvaluation)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(AccessGroupRequireGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(AccessGroupRequireGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -482,7 +868,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -492,7 +878,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -532,54 +918,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(AccessGroupRequireOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(AccessGroupRequireSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAuthContextArgs.java index a32b7e017..de5064b13 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAzureArgs.java index d920bef36..6cf875b04 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireAzureArgs.java @@ -17,14 +17,14 @@ public final class AccessGroupRequireAzureArgs extends com.pulumi.resources.Reso public static final AccessGroupRequireAzureArgs Empty = new AccessGroupRequireAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(AccessGroupRequireAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireExternalEvaluationArgs.java index 00503aa2b..0f0a3574b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class AccessGroupRequireExternalEvaluationArgs extends com.pulumi.r public static final AccessGroupRequireExternalEvaluationArgs Empty = new AccessGroupRequireExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(AccessGroupRequireExternalEvaluationArgs defaults) { $ = new AccessGroupRequireExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGithubArgs.java index ce8b21be1..cc04240f6 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGithubArgs.java @@ -16,23 +16,47 @@ public final class AccessGroupRequireGithubArgs extends com.pulumi.resources.Res public static final AccessGroupRequireGithubArgs Empty = new AccessGroupRequireGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(AccessGroupRequireGithubArgs defaults) { $ = new AccessGroupRequireGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGsuiteArgs.java index af13b0810..65c03da67 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireGsuiteArgs.java @@ -16,16 +16,32 @@ public final class AccessGroupRequireGsuiteArgs extends com.pulumi.resources.Res public static final AccessGroupRequireGsuiteArgs Empty = new AccessGroupRequireGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(AccessGroupRequireGsuiteArgs defaults) { $ = new AccessGroupRequireGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireOktaArgs.java index 0957cdfd9..51b5d96dc 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireOktaArgs.java @@ -16,16 +16,32 @@ public final class AccessGroupRequireOktaArgs extends com.pulumi.resources.Resou public static final AccessGroupRequireOktaArgs Empty = new AccessGroupRequireOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(AccessGroupRequireOktaArgs defaults) { $ = new AccessGroupRequireOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireSamlArgs.java index e1e599398..8d5521aee 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessGroupRequireSamlArgs.java @@ -15,23 +15,47 @@ public final class AccessGroupRequireSamlArgs extends com.pulumi.resources.Resou public static final AccessGroupRequireSamlArgs Empty = new AccessGroupRequireSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(AccessGroupRequireSamlArgs defaults) { $ = new AccessGroupRequireSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeArgs.java index 298287010..df6de6065 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeArgs.java @@ -24,9 +24,17 @@ public final class AccessPolicyExcludeArgs extends com.pulumi.resources.Resource public static final AccessPolicyExcludeArgs Empty = new AccessPolicyExcludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authContexts() return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluation") private @Nullable Output externalEvaluation; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional> externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(AccessPolicyExcludeArgs defaults) { $ = new AccessPolicyExcludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(AccessPolicyExcludeAuthContextArgs... authContexts) return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(AccessPolicyExcludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,130 +566,298 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(@Nullable Output externalEvaluation) { $.externalEvaluation = externalEvaluation; return this; } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(AccessPolicyExcludeExternalEvaluationArgs externalEvaluation) { return externalEvaluation(Output.of(externalEvaluation)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(AccessPolicyExcludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(AccessPolicyExcludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -482,7 +868,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -492,7 +878,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -532,54 +918,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(AccessPolicyExcludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(AccessPolicyExcludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAuthContextArgs.java index 1c0657229..e62e00fb3 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAzureArgs.java index cf4035aab..418103648 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeAzureArgs.java @@ -17,14 +17,14 @@ public final class AccessPolicyExcludeAzureArgs extends com.pulumi.resources.Res public static final AccessPolicyExcludeAzureArgs Empty = new AccessPolicyExcludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(AccessPolicyExcludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeExternalEvaluationArgs.java index dfe98410c..33c3d662b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class AccessPolicyExcludeExternalEvaluationArgs extends com.pulumi. public static final AccessPolicyExcludeExternalEvaluationArgs Empty = new AccessPolicyExcludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(AccessPolicyExcludeExternalEvaluationArgs defaults) { $ = new AccessPolicyExcludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGithubArgs.java index 0f4095463..6608f2afc 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGithubArgs.java @@ -16,23 +16,47 @@ public final class AccessPolicyExcludeGithubArgs extends com.pulumi.resources.Re public static final AccessPolicyExcludeGithubArgs Empty = new AccessPolicyExcludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(AccessPolicyExcludeGithubArgs defaults) { $ = new AccessPolicyExcludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGsuiteArgs.java index 19961d564..c3138f680 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class AccessPolicyExcludeGsuiteArgs extends com.pulumi.resources.Re public static final AccessPolicyExcludeGsuiteArgs Empty = new AccessPolicyExcludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(AccessPolicyExcludeGsuiteArgs defaults) { $ = new AccessPolicyExcludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeOktaArgs.java index e68fe1970..8c6ce8099 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeOktaArgs.java @@ -16,16 +16,32 @@ public final class AccessPolicyExcludeOktaArgs extends com.pulumi.resources.Reso public static final AccessPolicyExcludeOktaArgs Empty = new AccessPolicyExcludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(AccessPolicyExcludeOktaArgs defaults) { $ = new AccessPolicyExcludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeSamlArgs.java index 5b0412baa..767d6ac7a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyExcludeSamlArgs.java @@ -15,23 +15,47 @@ public final class AccessPolicyExcludeSamlArgs extends com.pulumi.resources.Reso public static final AccessPolicyExcludeSamlArgs Empty = new AccessPolicyExcludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(AccessPolicyExcludeSamlArgs defaults) { $ = new AccessPolicyExcludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeArgs.java index 8ad429950..3c96e505a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeArgs.java @@ -24,9 +24,17 @@ public final class AccessPolicyIncludeArgs extends com.pulumi.resources.Resource public static final AccessPolicyIncludeArgs Empty = new AccessPolicyIncludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authContexts() return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluation") private @Nullable Output externalEvaluation; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional> externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(AccessPolicyIncludeArgs defaults) { $ = new AccessPolicyIncludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(AccessPolicyIncludeAuthContextArgs... authContexts) return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(AccessPolicyIncludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,130 +566,298 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(@Nullable Output externalEvaluation) { $.externalEvaluation = externalEvaluation; return this; } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(AccessPolicyIncludeExternalEvaluationArgs externalEvaluation) { return externalEvaluation(Output.of(externalEvaluation)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(AccessPolicyIncludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(AccessPolicyIncludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -482,7 +868,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -492,7 +878,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -532,54 +918,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(AccessPolicyIncludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(AccessPolicyIncludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAuthContextArgs.java index 88a3bbc6c..67dc4f486 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAzureArgs.java index c061522a1..0aa70d5c5 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeAzureArgs.java @@ -17,14 +17,14 @@ public final class AccessPolicyIncludeAzureArgs extends com.pulumi.resources.Res public static final AccessPolicyIncludeAzureArgs Empty = new AccessPolicyIncludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(AccessPolicyIncludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeExternalEvaluationArgs.java index a49a813dd..37db17459 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class AccessPolicyIncludeExternalEvaluationArgs extends com.pulumi. public static final AccessPolicyIncludeExternalEvaluationArgs Empty = new AccessPolicyIncludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(AccessPolicyIncludeExternalEvaluationArgs defaults) { $ = new AccessPolicyIncludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGithubArgs.java index 81d28e553..9e22ec298 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGithubArgs.java @@ -16,23 +16,47 @@ public final class AccessPolicyIncludeGithubArgs extends com.pulumi.resources.Re public static final AccessPolicyIncludeGithubArgs Empty = new AccessPolicyIncludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(AccessPolicyIncludeGithubArgs defaults) { $ = new AccessPolicyIncludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGsuiteArgs.java index 8b81b15a9..4605d35fa 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class AccessPolicyIncludeGsuiteArgs extends com.pulumi.resources.Re public static final AccessPolicyIncludeGsuiteArgs Empty = new AccessPolicyIncludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(AccessPolicyIncludeGsuiteArgs defaults) { $ = new AccessPolicyIncludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeOktaArgs.java index a17066235..786adb6c6 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeOktaArgs.java @@ -16,16 +16,32 @@ public final class AccessPolicyIncludeOktaArgs extends com.pulumi.resources.Reso public static final AccessPolicyIncludeOktaArgs Empty = new AccessPolicyIncludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(AccessPolicyIncludeOktaArgs defaults) { $ = new AccessPolicyIncludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeSamlArgs.java index 69292b9e0..895d465ba 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyIncludeSamlArgs.java @@ -15,23 +15,47 @@ public final class AccessPolicyIncludeSamlArgs extends com.pulumi.resources.Reso public static final AccessPolicyIncludeSamlArgs Empty = new AccessPolicyIncludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(AccessPolicyIncludeSamlArgs defaults) { $ = new AccessPolicyIncludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireArgs.java index 8e6c26fe6..eddab6594 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireArgs.java @@ -24,9 +24,17 @@ public final class AccessPolicyRequireArgs extends com.pulumi.resources.Resource public static final AccessPolicyRequireArgs Empty = new AccessPolicyRequireArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authContexts() return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluation") private @Nullable Output externalEvaluation; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional> externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(AccessPolicyRequireArgs defaults) { $ = new AccessPolicyRequireArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(AccessPolicyRequireAuthContextArgs... authContexts) return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(AccessPolicyRequireAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,130 +566,298 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(@Nullable Output externalEvaluation) { $.externalEvaluation = externalEvaluation; return this; } + /** + * @param externalEvaluation Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluation(AccessPolicyRequireExternalEvaluationArgs externalEvaluation) { return externalEvaluation(Output.of(externalEvaluation)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(AccessPolicyRequireGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(AccessPolicyRequireGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -482,7 +868,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -492,7 +878,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -532,54 +918,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(AccessPolicyRequireOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(AccessPolicyRequireSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAuthContextArgs.java index 37c3467dc..939a44d78 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAzureArgs.java index f4160a96d..e68424c4e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireAzureArgs.java @@ -17,14 +17,14 @@ public final class AccessPolicyRequireAzureArgs extends com.pulumi.resources.Res public static final AccessPolicyRequireAzureArgs Empty = new AccessPolicyRequireAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(AccessPolicyRequireAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireExternalEvaluationArgs.java index db3cbef9f..4ee56b0c4 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class AccessPolicyRequireExternalEvaluationArgs extends com.pulumi. public static final AccessPolicyRequireExternalEvaluationArgs Empty = new AccessPolicyRequireExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(AccessPolicyRequireExternalEvaluationArgs defaults) { $ = new AccessPolicyRequireExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGithubArgs.java index 510c6ac56..b5d51721e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGithubArgs.java @@ -16,23 +16,47 @@ public final class AccessPolicyRequireGithubArgs extends com.pulumi.resources.Re public static final AccessPolicyRequireGithubArgs Empty = new AccessPolicyRequireGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(AccessPolicyRequireGithubArgs defaults) { $ = new AccessPolicyRequireGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGsuiteArgs.java index 05a09626f..8de7fdaca 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireGsuiteArgs.java @@ -16,16 +16,32 @@ public final class AccessPolicyRequireGsuiteArgs extends com.pulumi.resources.Re public static final AccessPolicyRequireGsuiteArgs Empty = new AccessPolicyRequireGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(AccessPolicyRequireGsuiteArgs defaults) { $ = new AccessPolicyRequireGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireOktaArgs.java index 282ddc648..7c075ec30 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireOktaArgs.java @@ -16,16 +16,32 @@ public final class AccessPolicyRequireOktaArgs extends com.pulumi.resources.Reso public static final AccessPolicyRequireOktaArgs Empty = new AccessPolicyRequireOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(AccessPolicyRequireOktaArgs defaults) { $ = new AccessPolicyRequireOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireSamlArgs.java index 2cb8a55b9..98b4df97b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyRequireSamlArgs.java @@ -15,23 +15,47 @@ public final class AccessPolicyRequireSamlArgs extends com.pulumi.resources.Reso public static final AccessPolicyRequireSamlArgs Empty = new AccessPolicyRequireSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(AccessPolicyRequireSamlArgs defaults) { $ = new AccessPolicyRequireSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyState.java index 4944c2839..3d8f8ca51 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/AccessPolicyState.java @@ -23,14 +23,14 @@ public final class AccessPolicyState extends com.pulumi.resources.ResourceArgs { public static final AccessPolicyState Empty = new AccessPolicyState(); /** - * The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zone_id`. * */ @Import(name="accountId") private @Nullable Output accountId; /** - * @return The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @return The account identifier to target for the resource. Conflicts with `zone_id`. * */ public Optional> accountId() { @@ -217,14 +217,14 @@ public Optional> sessionDuration() { } /** - * The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `account_id`. * */ @Import(name="zoneId") private @Nullable Output zoneId; /** - * @return The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @return The zone identifier to target for the resource. Conflicts with `account_id`. * */ public Optional> zoneId() { @@ -270,7 +270,7 @@ public Builder(AccessPolicyState defaults) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -281,7 +281,7 @@ public Builder accountId(@Nullable Output accountId) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -574,7 +574,7 @@ public Builder sessionDuration(String sessionDuration) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * @@ -585,7 +585,7 @@ public Builder zoneId(@Nullable Output zoneId) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/BotManagementState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/BotManagementState.java index f753fb9d2..f62b9e614 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/BotManagementState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/BotManagementState.java @@ -16,6 +16,21 @@ public final class BotManagementState extends com.pulumi.resources.ResourceArgs public static final BotManagementState Empty = new BotManagementState(); + /** + * Enable rule to block AI Scrapers and Crawlers. + * + */ + @Import(name="aiBotsProtection") + private @Nullable Output aiBotsProtection; + + /** + * @return Enable rule to block AI Scrapers and Crawlers. + * + */ + public Optional> aiBotsProtection() { + return Optional.ofNullable(this.aiBotsProtection); + } + /** * Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). * @@ -184,6 +199,7 @@ public Optional> zoneId() { private BotManagementState() {} private BotManagementState(BotManagementState $) { + this.aiBotsProtection = $.aiBotsProtection; this.autoUpdateModel = $.autoUpdateModel; this.enableJs = $.enableJs; this.fightMode = $.fightMode; @@ -215,6 +231,27 @@ public Builder(BotManagementState defaults) { $ = new BotManagementState(Objects.requireNonNull(defaults)); } + /** + * @param aiBotsProtection Enable rule to block AI Scrapers and Crawlers. + * + * @return builder + * + */ + public Builder aiBotsProtection(@Nullable Output aiBotsProtection) { + $.aiBotsProtection = aiBotsProtection; + return this; + } + + /** + * @param aiBotsProtection Enable rule to block AI Scrapers and Crawlers. + * + * @return builder + * + */ + public Builder aiBotsProtection(String aiBotsProtection) { + return aiBotsProtection(Output.of(aiBotsProtection)); + } + /** * @param autoUpdateModel Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputArgs.java index 835f910a3..1fb27c19e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputArgs.java @@ -290,14 +290,14 @@ public Optional> lastSeen() { } /** - * List of locations to check for client certificate posture check. + * List of operating system locations to check for a client certificate.. * */ @Import(name="locations") private @Nullable Output> locations; /** - * @return List of locations to check for client certificate posture check. + * @return List of operating system locations to check for a client certificate.. * */ public Optional>> locations() { @@ -560,14 +560,14 @@ public Optional> version() { } /** - * The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ @Import(name="versionOperator") private @Nullable Output versionOperator; /** - * @return The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @return The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ public Optional> versionOperator() { @@ -1033,7 +1033,7 @@ public Builder lastSeen(String lastSeen) { } /** - * @param locations List of locations to check for client certificate posture check. + * @param locations List of operating system locations to check for a client certificate.. * * @return builder * @@ -1044,7 +1044,7 @@ public Builder locations(@Nullable Output locations) { } /** - * @param locations List of locations to check for client certificate posture check. + * @param locations List of operating system locations to check for a client certificate.. * * @return builder * @@ -1421,7 +1421,7 @@ public Builder version(String version) { } /** - * @param versionOperator The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @param versionOperator The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * * @return builder * @@ -1432,7 +1432,7 @@ public Builder versionOperator(@Nullable Output versionOperator) { } /** - * @param versionOperator The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @param versionOperator The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputLocationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputLocationArgs.java index 793fb7068..1e0d66739 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputLocationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DevicePostureRuleInputLocationArgs.java @@ -17,14 +17,14 @@ public final class DevicePostureRuleInputLocationArgs extends com.pulumi.resourc public static final DevicePostureRuleInputLocationArgs Empty = new DevicePostureRuleInputLocationArgs(); /** - * List of paths to check for client certificate. + * List of paths to check for client certificate rule. * */ @Import(name="paths") private @Nullable Output> paths; /** - * @return List of paths to check for client certificate. + * @return List of paths to check for client certificate rule. * */ public Optional>> paths() { @@ -32,14 +32,14 @@ public Optional>> paths() { } /** - * List of trust stores to check for client certificate. Available values: `system`, `user`. + * List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ @Import(name="trustStores") private @Nullable Output> trustStores; /** - * @return List of trust stores to check for client certificate. Available values: `system`, `user`. + * @return List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ public Optional>> trustStores() { @@ -72,7 +72,7 @@ public Builder(DevicePostureRuleInputLocationArgs defaults) { } /** - * @param paths List of paths to check for client certificate. + * @param paths List of paths to check for client certificate rule. * * @return builder * @@ -83,7 +83,7 @@ public Builder paths(@Nullable Output> paths) { } /** - * @param paths List of paths to check for client certificate. + * @param paths List of paths to check for client certificate rule. * * @return builder * @@ -93,7 +93,7 @@ public Builder paths(List paths) { } /** - * @param paths List of paths to check for client certificate. + * @param paths List of paths to check for client certificate rule. * * @return builder * @@ -103,7 +103,7 @@ public Builder paths(String... paths) { } /** - * @param trustStores List of trust stores to check for client certificate. Available values: `system`, `user`. + * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user`. * * @return builder * @@ -114,7 +114,7 @@ public Builder trustStores(@Nullable Output> trustStores) { } /** - * @param trustStores List of trust stores to check for client certificate. Available values: `system`, `user`. + * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user`. * * @return builder * @@ -124,7 +124,7 @@ public Builder trustStores(List trustStores) { } /** - * @param trustStores List of trust stores to check for client certificate. Available values: `system`, `user`. + * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DeviceSettingsPolicyState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DeviceSettingsPolicyState.java index 4b7dd503d..492006768 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DeviceSettingsPolicyState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/DeviceSettingsPolicyState.java @@ -288,14 +288,14 @@ public Optional> switchLocked() { } /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ @Import(name="tunnelProtocol") private @Nullable Output tunnelProtocol; /** - * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ public Optional> tunnelProtocol() { @@ -723,7 +723,7 @@ public Builder switchLocked(Boolean switchLocked) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * @@ -734,7 +734,7 @@ public Builder tunnelProtocol(@Nullable Output tunnelProtocol) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesArgs.java index 812fe222d..9a1f321c8 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesArgs.java @@ -47,14 +47,14 @@ public Optional> name() { } /** - * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ @Import(name="type") private @Nullable Output type; /** - * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ public Optional> type() { @@ -130,7 +130,7 @@ public Builder name(String name) { } /** - * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * * @return builder * @@ -141,7 +141,7 @@ public Builder type(@Nullable Output type) { } /** - * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesPlainArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesPlainArgs.java index 21fbd28d3..69aa48916 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesPlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/GetDevicePostureRulesPlainArgs.java @@ -46,14 +46,14 @@ public Optional name() { } /** - * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ @Import(name="type") private @Nullable String type; /** - * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ public Optional type() { @@ -109,7 +109,7 @@ public Builder name(@Nullable String name) { } /** - * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/NotificationPolicyState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/NotificationPolicyState.java index 86e3c52e3..078a4993f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/NotificationPolicyState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/NotificationPolicyState.java @@ -37,14 +37,14 @@ public Optional> accountId() { } /** - * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * */ @Import(name="alertType") private @Nullable Output alertType; /** - * @return The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * @return The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * */ public Optional> alertType() { @@ -242,7 +242,7 @@ public Builder accountId(String accountId) { } /** - * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * * @return builder * @@ -253,7 +253,7 @@ public Builder alertType(@Nullable Output alertType) { } /** - * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + * @param alertType The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersArgs.java index 5ed9c1323..4480fa11a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersArgs.java @@ -7,6 +7,7 @@ import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersAutominifyArgs; import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersBrowserTtlArgs; import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheKeyArgs; +import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersCacheReserveArgs; import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersEdgeTtlArgs; import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromListArgs; import com.pulumi.cloudflare.inputs.RulesetRuleActionParametersFromValueArgs; @@ -154,6 +155,21 @@ public Optional> cacheKey() { return Optional.ofNullable(this.cacheKey); } + /** + * List of cache reserve parameters to apply to the request. + * + */ + @Import(name="cacheReserve") + private @Nullable Output cacheReserve; + + /** + * @return List of cache reserve parameters to apply to the request. + * + */ + public Optional> cacheReserve() { + return Optional.ofNullable(this.cacheReserve); + } + /** * Content of the custom error response. * @@ -832,6 +848,7 @@ private RulesetRuleActionParametersArgs(RulesetRuleActionParametersArgs $) { this.browserTtl = $.browserTtl; this.cache = $.cache; this.cacheKey = $.cacheKey; + this.cacheReserve = $.cacheReserve; this.content = $.content; this.contentType = $.contentType; this.cookieFields = $.cookieFields; @@ -1095,6 +1112,27 @@ public Builder cacheKey(RulesetRuleActionParametersCacheKeyArgs cacheKey) { return cacheKey(Output.of(cacheKey)); } + /** + * @param cacheReserve List of cache reserve parameters to apply to the request. + * + * @return builder + * + */ + public Builder cacheReserve(@Nullable Output cacheReserve) { + $.cacheReserve = cacheReserve; + return this; + } + + /** + * @param cacheReserve List of cache reserve parameters to apply to the request. + * + * @return builder + * + */ + public Builder cacheReserve(RulesetRuleActionParametersCacheReserveArgs cacheReserve) { + return cacheReserve(Output.of(cacheReserve)); + } + /** * @param content Content of the custom error response. * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersCacheReserveArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersCacheReserveArgs.java new file mode 100644 index 000000000..734f2243a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/RulesetRuleActionParametersCacheReserveArgs.java @@ -0,0 +1,125 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.Integer; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RulesetRuleActionParametersCacheReserveArgs extends com.pulumi.resources.ResourceArgs { + + public static final RulesetRuleActionParametersCacheReserveArgs Empty = new RulesetRuleActionParametersCacheReserveArgs(); + + /** + * Determines whether Cloudflare will write the eligible resource to cache reserve. + * + */ + @Import(name="eligible", required=true) + private Output eligible; + + /** + * @return Determines whether Cloudflare will write the eligible resource to cache reserve. + * + */ + public Output eligible() { + return this.eligible; + } + + /** + * The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + */ + @Import(name="minimumFileSize") + private @Nullable Output minimumFileSize; + + /** + * @return The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + */ + public Optional> minimumFileSize() { + return Optional.ofNullable(this.minimumFileSize); + } + + private RulesetRuleActionParametersCacheReserveArgs() {} + + private RulesetRuleActionParametersCacheReserveArgs(RulesetRuleActionParametersCacheReserveArgs $) { + this.eligible = $.eligible; + this.minimumFileSize = $.minimumFileSize; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RulesetRuleActionParametersCacheReserveArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RulesetRuleActionParametersCacheReserveArgs $; + + public Builder() { + $ = new RulesetRuleActionParametersCacheReserveArgs(); + } + + public Builder(RulesetRuleActionParametersCacheReserveArgs defaults) { + $ = new RulesetRuleActionParametersCacheReserveArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param eligible Determines whether Cloudflare will write the eligible resource to cache reserve. + * + * @return builder + * + */ + public Builder eligible(Output eligible) { + $.eligible = eligible; + return this; + } + + /** + * @param eligible Determines whether Cloudflare will write the eligible resource to cache reserve. + * + * @return builder + * + */ + public Builder eligible(Boolean eligible) { + return eligible(Output.of(eligible)); + } + + /** + * @param minimumFileSize The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + * @return builder + * + */ + public Builder minimumFileSize(@Nullable Output minimumFileSize) { + $.minimumFileSize = minimumFileSize; + return this; + } + + /** + * @param minimumFileSize The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + * @return builder + * + */ + public Builder minimumFileSize(Integer minimumFileSize) { + return minimumFileSize(Output.of(minimumFileSize)); + } + + public RulesetRuleActionParametersCacheReserveArgs build() { + if ($.eligible == null) { + throw new MissingRequiredPropertyException("RulesetRuleActionParametersCacheReserveArgs", "eligible"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountCertificateArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountCertificateArgs.java new file mode 100644 index 000000000..c1fa3dde5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountCertificateArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class TeamsAccountCertificateArgs extends com.pulumi.resources.ResourceArgs { + + public static final TeamsAccountCertificateArgs Empty = new TeamsAccountCertificateArgs(); + + /** + * ID of certificate for TLS interception. + * + */ + @Import(name="id", required=true) + private Output id; + + /** + * @return ID of certificate for TLS interception. + * + */ + public Output id() { + return this.id; + } + + private TeamsAccountCertificateArgs() {} + + private TeamsAccountCertificateArgs(TeamsAccountCertificateArgs $) { + this.id = $.id; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(TeamsAccountCertificateArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private TeamsAccountCertificateArgs $; + + public Builder() { + $ = new TeamsAccountCertificateArgs(); + } + + public Builder(TeamsAccountCertificateArgs defaults) { + $ = new TeamsAccountCertificateArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param id ID of certificate for TLS interception. + * + * @return builder + * + */ + public Builder id(Output id) { + $.id = id; + return this; + } + + /** + * @param id ID of certificate for TLS interception. + * + * @return builder + * + */ + public Builder id(String id) { + return id(Output.of(id)); + } + + public TeamsAccountCertificateArgs build() { + if ($.id == null) { + throw new MissingRequiredPropertyException("TeamsAccountCertificateArgs", "id"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountProxyArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountProxyArgs.java index 8705d6265..934a059d8 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountProxyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountProxyArgs.java @@ -16,14 +16,14 @@ public final class TeamsAccountProxyArgs extends com.pulumi.resources.ResourceAr public static final TeamsAccountProxyArgs Empty = new TeamsAccountProxyArgs(); /** - * Sets the time limit in seconds that a user can use an override code to bypass WARP + * Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ @Import(name="disableForTime", required=true) private Output disableForTime; /** - * @return Sets the time limit in seconds that a user can use an override code to bypass WARP + * @return Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ public Output disableForTime() { @@ -119,7 +119,7 @@ public Builder(TeamsAccountProxyArgs defaults) { } /** - * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP + * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP. * * @return builder * @@ -130,7 +130,7 @@ public Builder disableForTime(Output disableForTime) { } /** - * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP + * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountState.java index 99e8c76f2..a9c48f3ef 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/TeamsAccountState.java @@ -6,6 +6,7 @@ import com.pulumi.cloudflare.inputs.TeamsAccountAntivirusArgs; import com.pulumi.cloudflare.inputs.TeamsAccountBlockPageArgs; import com.pulumi.cloudflare.inputs.TeamsAccountBodyScanningArgs; +import com.pulumi.cloudflare.inputs.TeamsAccountCertificateArgs; import com.pulumi.cloudflare.inputs.TeamsAccountCustomCertificateArgs; import com.pulumi.cloudflare.inputs.TeamsAccountExtendedEmailMatchingArgs; import com.pulumi.cloudflare.inputs.TeamsAccountFipsArgs; @@ -102,16 +103,39 @@ public Optional> bodyScanning() { } /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. * */ + @Import(name="certificate") + private @Nullable Output certificate; + + /** + * @return Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + */ + public Optional> certificate() { + return Optional.ofNullable(this.certificate); + } + + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * + */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ @Import(name="customCertificate") private @Nullable Output customCertificate; /** - * @return Configuration for custom certificates / BYO-PKI. + * @return Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Optional> customCertificate() { return Optional.ofNullable(this.customCertificate); } @@ -266,6 +290,7 @@ private TeamsAccountState(TeamsAccountState $) { this.antivirus = $.antivirus; this.blockPage = $.blockPage; this.bodyScanning = $.bodyScanning; + this.certificate = $.certificate; this.customCertificate = $.customCertificate; this.extendedEmailMatching = $.extendedEmailMatching; this.fips = $.fips; @@ -403,22 +428,51 @@ public Builder bodyScanning(TeamsAccountBodyScanningArgs bodyScanning) { } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(@Nullable Output certificate) { + $.certificate = certificate; + return this; + } + + /** + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(TeamsAccountCertificateArgs certificate) { + return certificate(Output.of(certificate)); + } + + /** + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(@Nullable Output customCertificate) { $.customCertificate = customCertificate; return this; } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(TeamsAccountCustomCertificateArgs customCertificate) { return customCertificate(Output.of(customCertificate)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WaitingRoomState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WaitingRoomState.java index 5d55831c4..ec5089413 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WaitingRoomState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WaitingRoomState.java @@ -110,14 +110,14 @@ public Optional> disableSessionRenewal() { } /** - * The list of enabled origin commands for the waiting room. Available values: `revoke` + * The list of enabled origin commands for the waiting room. Available values: `revoke`. * */ @Import(name="enabledOriginCommands") private @Nullable Output> enabledOriginCommands; /** - * @return The list of enabled origin commands for the waiting room. Available values: `revoke` + * @return The list of enabled origin commands for the waiting room. Available values: `revoke`. * */ public Optional>> enabledOriginCommands() { @@ -483,7 +483,7 @@ public Builder disableSessionRenewal(Boolean disableSessionRenewal) { } /** - * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke` + * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke`. * * @return builder * @@ -494,7 +494,7 @@ public Builder enabledOriginCommands(@Nullable Output> enabledOrigi } /** - * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke` + * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke`. * * @return builder * @@ -504,7 +504,7 @@ public Builder enabledOriginCommands(List enabledOriginCommands) { } /** - * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke` + * @param enabledOriginCommands The list of enabled origin commands for the waiting room. Available values: `revoke`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptHyperdriveConfigBindingArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptHyperdriveConfigBindingArgs.java new file mode 100644 index 000000000..62457e44e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptHyperdriveConfigBindingArgs.java @@ -0,0 +1,125 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class WorkerScriptHyperdriveConfigBindingArgs extends com.pulumi.resources.ResourceArgs { + + public static final WorkerScriptHyperdriveConfigBindingArgs Empty = new WorkerScriptHyperdriveConfigBindingArgs(); + + /** + * The global variable for the binding in your Worker code. + * + */ + @Import(name="binding", required=true) + private Output binding; + + /** + * @return The global variable for the binding in your Worker code. + * + */ + public Output binding() { + return this.binding; + } + + /** + * The ID of the Hyperdrive config to use. + * + */ + @Import(name="id", required=true) + private Output id; + + /** + * @return The ID of the Hyperdrive config to use. + * + */ + public Output id() { + return this.id; + } + + private WorkerScriptHyperdriveConfigBindingArgs() {} + + private WorkerScriptHyperdriveConfigBindingArgs(WorkerScriptHyperdriveConfigBindingArgs $) { + this.binding = $.binding; + this.id = $.id; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(WorkerScriptHyperdriveConfigBindingArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private WorkerScriptHyperdriveConfigBindingArgs $; + + public Builder() { + $ = new WorkerScriptHyperdriveConfigBindingArgs(); + } + + public Builder(WorkerScriptHyperdriveConfigBindingArgs defaults) { + $ = new WorkerScriptHyperdriveConfigBindingArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param binding The global variable for the binding in your Worker code. + * + * @return builder + * + */ + public Builder binding(Output binding) { + $.binding = binding; + return this; + } + + /** + * @param binding The global variable for the binding in your Worker code. + * + * @return builder + * + */ + public Builder binding(String binding) { + return binding(Output.of(binding)); + } + + /** + * @param id The ID of the Hyperdrive config to use. + * + * @return builder + * + */ + public Builder id(Output id) { + $.id = id; + return this; + } + + /** + * @param id The ID of the Hyperdrive config to use. + * + * @return builder + * + */ + public Builder id(String id) { + return id(Output.of(id)); + } + + public WorkerScriptHyperdriveConfigBindingArgs build() { + if ($.binding == null) { + throw new MissingRequiredPropertyException("WorkerScriptHyperdriveConfigBindingArgs", "binding"); + } + if ($.id == null) { + throw new MissingRequiredPropertyException("WorkerScriptHyperdriveConfigBindingArgs", "id"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptState.java index 98253b0f9..31f8531a4 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkerScriptState.java @@ -5,6 +5,7 @@ import com.pulumi.cloudflare.inputs.WorkerScriptAnalyticsEngineBindingArgs; import com.pulumi.cloudflare.inputs.WorkerScriptD1DatabaseBindingArgs; +import com.pulumi.cloudflare.inputs.WorkerScriptHyperdriveConfigBindingArgs; import com.pulumi.cloudflare.inputs.WorkerScriptKvNamespaceBindingArgs; import com.pulumi.cloudflare.inputs.WorkerScriptPlacementArgs; import com.pulumi.cloudflare.inputs.WorkerScriptPlainTextBindingArgs; @@ -116,6 +117,13 @@ public Optional> dispatchNamespace() { return Optional.ofNullable(this.dispatchNamespace); } + @Import(name="hyperdriveConfigBindings") + private @Nullable Output> hyperdriveConfigBindings; + + public Optional>> hyperdriveConfigBindings() { + return Optional.ofNullable(this.hyperdriveConfigBindings); + } + @Import(name="kvNamespaceBindings") private @Nullable Output> kvNamespaceBindings; @@ -234,6 +242,7 @@ private WorkerScriptState(WorkerScriptState $) { this.content = $.content; this.d1DatabaseBindings = $.d1DatabaseBindings; this.dispatchNamespace = $.dispatchNamespace; + this.hyperdriveConfigBindings = $.hyperdriveConfigBindings; this.kvNamespaceBindings = $.kvNamespaceBindings; this.logpush = $.logpush; this.module = $.module; @@ -407,6 +416,19 @@ public Builder dispatchNamespace(String dispatchNamespace) { return dispatchNamespace(Output.of(dispatchNamespace)); } + public Builder hyperdriveConfigBindings(@Nullable Output> hyperdriveConfigBindings) { + $.hyperdriveConfigBindings = hyperdriveConfigBindings; + return this; + } + + public Builder hyperdriveConfigBindings(List hyperdriveConfigBindings) { + return hyperdriveConfigBindings(Output.of(hyperdriveConfigBindings)); + } + + public Builder hyperdriveConfigBindings(WorkerScriptHyperdriveConfigBindingArgs... hyperdriveConfigBindings) { + return hyperdriveConfigBindings(List.of(hyperdriveConfigBindings)); + } + public Builder kvNamespaceBindings(@Nullable Output> kvNamespaceBindings) { $.kvNamespaceBindings = kvNamespaceBindings; return this; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptHyperdriveConfigBindingArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptHyperdriveConfigBindingArgs.java new file mode 100644 index 000000000..7a6bfe814 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptHyperdriveConfigBindingArgs.java @@ -0,0 +1,125 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class WorkersScriptHyperdriveConfigBindingArgs extends com.pulumi.resources.ResourceArgs { + + public static final WorkersScriptHyperdriveConfigBindingArgs Empty = new WorkersScriptHyperdriveConfigBindingArgs(); + + /** + * The global variable for the binding in your Worker code. + * + */ + @Import(name="binding", required=true) + private Output binding; + + /** + * @return The global variable for the binding in your Worker code. + * + */ + public Output binding() { + return this.binding; + } + + /** + * The ID of the Hyperdrive config to use. + * + */ + @Import(name="id", required=true) + private Output id; + + /** + * @return The ID of the Hyperdrive config to use. + * + */ + public Output id() { + return this.id; + } + + private WorkersScriptHyperdriveConfigBindingArgs() {} + + private WorkersScriptHyperdriveConfigBindingArgs(WorkersScriptHyperdriveConfigBindingArgs $) { + this.binding = $.binding; + this.id = $.id; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(WorkersScriptHyperdriveConfigBindingArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private WorkersScriptHyperdriveConfigBindingArgs $; + + public Builder() { + $ = new WorkersScriptHyperdriveConfigBindingArgs(); + } + + public Builder(WorkersScriptHyperdriveConfigBindingArgs defaults) { + $ = new WorkersScriptHyperdriveConfigBindingArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param binding The global variable for the binding in your Worker code. + * + * @return builder + * + */ + public Builder binding(Output binding) { + $.binding = binding; + return this; + } + + /** + * @param binding The global variable for the binding in your Worker code. + * + * @return builder + * + */ + public Builder binding(String binding) { + return binding(Output.of(binding)); + } + + /** + * @param id The ID of the Hyperdrive config to use. + * + * @return builder + * + */ + public Builder id(Output id) { + $.id = id; + return this; + } + + /** + * @param id The ID of the Hyperdrive config to use. + * + * @return builder + * + */ + public Builder id(String id) { + return id(Output.of(id)); + } + + public WorkersScriptHyperdriveConfigBindingArgs build() { + if ($.binding == null) { + throw new MissingRequiredPropertyException("WorkersScriptHyperdriveConfigBindingArgs", "binding"); + } + if ($.id == null) { + throw new MissingRequiredPropertyException("WorkersScriptHyperdriveConfigBindingArgs", "id"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptState.java index 9590a2073..adb4b474f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/WorkersScriptState.java @@ -5,6 +5,7 @@ import com.pulumi.cloudflare.inputs.WorkersScriptAnalyticsEngineBindingArgs; import com.pulumi.cloudflare.inputs.WorkersScriptD1DatabaseBindingArgs; +import com.pulumi.cloudflare.inputs.WorkersScriptHyperdriveConfigBindingArgs; import com.pulumi.cloudflare.inputs.WorkersScriptKvNamespaceBindingArgs; import com.pulumi.cloudflare.inputs.WorkersScriptPlacementArgs; import com.pulumi.cloudflare.inputs.WorkersScriptPlainTextBindingArgs; @@ -116,6 +117,13 @@ public Optional> dispatchNamespace() { return Optional.ofNullable(this.dispatchNamespace); } + @Import(name="hyperdriveConfigBindings") + private @Nullable Output> hyperdriveConfigBindings; + + public Optional>> hyperdriveConfigBindings() { + return Optional.ofNullable(this.hyperdriveConfigBindings); + } + @Import(name="kvNamespaceBindings") private @Nullable Output> kvNamespaceBindings; @@ -234,6 +242,7 @@ private WorkersScriptState(WorkersScriptState $) { this.content = $.content; this.d1DatabaseBindings = $.d1DatabaseBindings; this.dispatchNamespace = $.dispatchNamespace; + this.hyperdriveConfigBindings = $.hyperdriveConfigBindings; this.kvNamespaceBindings = $.kvNamespaceBindings; this.logpush = $.logpush; this.module = $.module; @@ -407,6 +416,19 @@ public Builder dispatchNamespace(String dispatchNamespace) { return dispatchNamespace(Output.of(dispatchNamespace)); } + public Builder hyperdriveConfigBindings(@Nullable Output> hyperdriveConfigBindings) { + $.hyperdriveConfigBindings = hyperdriveConfigBindings; + return this; + } + + public Builder hyperdriveConfigBindings(List hyperdriveConfigBindings) { + return hyperdriveConfigBindings(Output.of(hyperdriveConfigBindings)); + } + + public Builder hyperdriveConfigBindings(WorkersScriptHyperdriveConfigBindingArgs... hyperdriveConfigBindings) { + return hyperdriveConfigBindings(List.of(hyperdriveConfigBindings)); + } + public Builder kvNamespaceBindings(@Nullable Output> kvNamespaceBindings) { $.kvNamespaceBindings = kvNamespaceBindings; return this; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeArgs.java index 2b7c4036a..176ddf116 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeArgs.java @@ -24,9 +24,17 @@ public final class ZeroTrustAccessGroupExcludeArgs extends com.pulumi.resources. public static final ZeroTrustAccessGroupExcludeArgs Empty = new ZeroTrustAccessGroupExcludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authCo return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluations") private @Nullable Output> externalEvaluations; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional>> externalEvaluations() { return Optional.ofNullable(this.externalEvaluations); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(ZeroTrustAccessGroupExcludeArgs defaults) { $ = new ZeroTrustAccessGroupExcludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(ZeroTrustAccessGroupExcludeAuthContextArgs... authCo return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(ZeroTrustAccessGroupExcludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,134 +566,308 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(@Nullable Output> externalEvaluations) { $.externalEvaluations = externalEvaluations; return this; } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(List externalEvaluations) { return externalEvaluations(Output.of(externalEvaluations)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(ZeroTrustAccessGroupExcludeExternalEvaluationArgs... externalEvaluations) { return externalEvaluations(List.of(externalEvaluations)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(ZeroTrustAccessGroupExcludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(ZeroTrustAccessGroupExcludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -486,7 +878,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -496,7 +888,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -536,54 +928,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(ZeroTrustAccessGroupExcludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(ZeroTrustAccessGroupExcludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.java index a73b69ee9..cf23f9cc1 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAzureArgs.java index ffd9680a2..78545a7fc 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeAzureArgs.java @@ -17,14 +17,14 @@ public final class ZeroTrustAccessGroupExcludeAzureArgs extends com.pulumi.resou public static final ZeroTrustAccessGroupExcludeAzureArgs Empty = new ZeroTrustAccessGroupExcludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(ZeroTrustAccessGroupExcludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.java index 00ab023d6..d426fd98f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class ZeroTrustAccessGroupExcludeExternalEvaluationArgs extends com public static final ZeroTrustAccessGroupExcludeExternalEvaluationArgs Empty = new ZeroTrustAccessGroupExcludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(ZeroTrustAccessGroupExcludeExternalEvaluationArgs defaults) { $ = new ZeroTrustAccessGroupExcludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGithubArgs.java index 0186f10d8..a2d6687e7 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGithubArgs.java @@ -16,23 +16,47 @@ public final class ZeroTrustAccessGroupExcludeGithubArgs extends com.pulumi.reso public static final ZeroTrustAccessGroupExcludeGithubArgs Empty = new ZeroTrustAccessGroupExcludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(ZeroTrustAccessGroupExcludeGithubArgs defaults) { $ = new ZeroTrustAccessGroupExcludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.java index 1f3a88d32..c91c8ecc9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessGroupExcludeGsuiteArgs extends com.pulumi.reso public static final ZeroTrustAccessGroupExcludeGsuiteArgs Empty = new ZeroTrustAccessGroupExcludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessGroupExcludeGsuiteArgs defaults) { $ = new ZeroTrustAccessGroupExcludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeOktaArgs.java index ae88b5ac5..3299f6418 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeOktaArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessGroupExcludeOktaArgs extends com.pulumi.resour public static final ZeroTrustAccessGroupExcludeOktaArgs Empty = new ZeroTrustAccessGroupExcludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessGroupExcludeOktaArgs defaults) { $ = new ZeroTrustAccessGroupExcludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeSamlArgs.java index 70b6cf11c..0cacd2604 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupExcludeSamlArgs.java @@ -15,23 +15,47 @@ public final class ZeroTrustAccessGroupExcludeSamlArgs extends com.pulumi.resour public static final ZeroTrustAccessGroupExcludeSamlArgs Empty = new ZeroTrustAccessGroupExcludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(ZeroTrustAccessGroupExcludeSamlArgs defaults) { $ = new ZeroTrustAccessGroupExcludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeArgs.java index d3abf47ec..70ea456d7 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeArgs.java @@ -24,9 +24,17 @@ public final class ZeroTrustAccessGroupIncludeArgs extends com.pulumi.resources. public static final ZeroTrustAccessGroupIncludeArgs Empty = new ZeroTrustAccessGroupIncludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authCo return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluations") private @Nullable Output> externalEvaluations; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional>> externalEvaluations() { return Optional.ofNullable(this.externalEvaluations); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(ZeroTrustAccessGroupIncludeArgs defaults) { $ = new ZeroTrustAccessGroupIncludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(ZeroTrustAccessGroupIncludeAuthContextArgs... authCo return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(ZeroTrustAccessGroupIncludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,134 +566,308 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(@Nullable Output> externalEvaluations) { $.externalEvaluations = externalEvaluations; return this; } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(List externalEvaluations) { return externalEvaluations(Output.of(externalEvaluations)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(ZeroTrustAccessGroupIncludeExternalEvaluationArgs... externalEvaluations) { return externalEvaluations(List.of(externalEvaluations)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(ZeroTrustAccessGroupIncludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(ZeroTrustAccessGroupIncludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -486,7 +878,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -496,7 +888,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -536,54 +928,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(ZeroTrustAccessGroupIncludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(ZeroTrustAccessGroupIncludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.java index 6d17b6954..949a01145 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAzureArgs.java index 9ea977fc3..d84bc74ab 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeAzureArgs.java @@ -17,14 +17,14 @@ public final class ZeroTrustAccessGroupIncludeAzureArgs extends com.pulumi.resou public static final ZeroTrustAccessGroupIncludeAzureArgs Empty = new ZeroTrustAccessGroupIncludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(ZeroTrustAccessGroupIncludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.java index dafebebe0..dde304f3a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class ZeroTrustAccessGroupIncludeExternalEvaluationArgs extends com public static final ZeroTrustAccessGroupIncludeExternalEvaluationArgs Empty = new ZeroTrustAccessGroupIncludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(ZeroTrustAccessGroupIncludeExternalEvaluationArgs defaults) { $ = new ZeroTrustAccessGroupIncludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGithubArgs.java index 26047a20e..15adb68e8 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGithubArgs.java @@ -16,23 +16,47 @@ public final class ZeroTrustAccessGroupIncludeGithubArgs extends com.pulumi.reso public static final ZeroTrustAccessGroupIncludeGithubArgs Empty = new ZeroTrustAccessGroupIncludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(ZeroTrustAccessGroupIncludeGithubArgs defaults) { $ = new ZeroTrustAccessGroupIncludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.java index d9c488213..40a67ec6e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessGroupIncludeGsuiteArgs extends com.pulumi.reso public static final ZeroTrustAccessGroupIncludeGsuiteArgs Empty = new ZeroTrustAccessGroupIncludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessGroupIncludeGsuiteArgs defaults) { $ = new ZeroTrustAccessGroupIncludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeOktaArgs.java index 930297d23..7e4d0081c 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeOktaArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessGroupIncludeOktaArgs extends com.pulumi.resour public static final ZeroTrustAccessGroupIncludeOktaArgs Empty = new ZeroTrustAccessGroupIncludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessGroupIncludeOktaArgs defaults) { $ = new ZeroTrustAccessGroupIncludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeSamlArgs.java index ebbe75090..51d7af1b7 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupIncludeSamlArgs.java @@ -15,23 +15,47 @@ public final class ZeroTrustAccessGroupIncludeSamlArgs extends com.pulumi.resour public static final ZeroTrustAccessGroupIncludeSamlArgs Empty = new ZeroTrustAccessGroupIncludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(ZeroTrustAccessGroupIncludeSamlArgs defaults) { $ = new ZeroTrustAccessGroupIncludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireArgs.java index ab8f56831..408528ed5 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireArgs.java @@ -24,9 +24,17 @@ public final class ZeroTrustAccessGroupRequireArgs extends com.pulumi.resources. public static final ZeroTrustAccessGroupRequireArgs Empty = new ZeroTrustAccessGroupRequireArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authCo return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluations") private @Nullable Output> externalEvaluations; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional>> externalEvaluations() { return Optional.ofNullable(this.externalEvaluations); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(ZeroTrustAccessGroupRequireArgs defaults) { $ = new ZeroTrustAccessGroupRequireArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(ZeroTrustAccessGroupRequireAuthContextArgs... authCo return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(ZeroTrustAccessGroupRequireAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,134 +566,308 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(@Nullable Output> externalEvaluations) { $.externalEvaluations = externalEvaluations; return this; } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(List externalEvaluations) { return externalEvaluations(Output.of(externalEvaluations)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(ZeroTrustAccessGroupRequireExternalEvaluationArgs... externalEvaluations) { return externalEvaluations(List.of(externalEvaluations)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(ZeroTrustAccessGroupRequireGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(ZeroTrustAccessGroupRequireGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -486,7 +878,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -496,7 +888,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -536,54 +928,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(ZeroTrustAccessGroupRequireOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(ZeroTrustAccessGroupRequireSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAuthContextArgs.java index 78b413686..e6692d675 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAzureArgs.java index 1fa86d715..3e430b5c2 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireAzureArgs.java @@ -17,14 +17,14 @@ public final class ZeroTrustAccessGroupRequireAzureArgs extends com.pulumi.resou public static final ZeroTrustAccessGroupRequireAzureArgs Empty = new ZeroTrustAccessGroupRequireAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(ZeroTrustAccessGroupRequireAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.java index 707772a43..27c6f2f85 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class ZeroTrustAccessGroupRequireExternalEvaluationArgs extends com public static final ZeroTrustAccessGroupRequireExternalEvaluationArgs Empty = new ZeroTrustAccessGroupRequireExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(ZeroTrustAccessGroupRequireExternalEvaluationArgs defaults) { $ = new ZeroTrustAccessGroupRequireExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGithubArgs.java index 186464e8d..c42dc218c 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGithubArgs.java @@ -16,23 +16,47 @@ public final class ZeroTrustAccessGroupRequireGithubArgs extends com.pulumi.reso public static final ZeroTrustAccessGroupRequireGithubArgs Empty = new ZeroTrustAccessGroupRequireGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(ZeroTrustAccessGroupRequireGithubArgs defaults) { $ = new ZeroTrustAccessGroupRequireGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGsuiteArgs.java index fc766da6b..c1ceae6cd 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireGsuiteArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessGroupRequireGsuiteArgs extends com.pulumi.reso public static final ZeroTrustAccessGroupRequireGsuiteArgs Empty = new ZeroTrustAccessGroupRequireGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessGroupRequireGsuiteArgs defaults) { $ = new ZeroTrustAccessGroupRequireGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireOktaArgs.java index 0baa08ede..35f02de9b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireOktaArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessGroupRequireOktaArgs extends com.pulumi.resour public static final ZeroTrustAccessGroupRequireOktaArgs Empty = new ZeroTrustAccessGroupRequireOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessGroupRequireOktaArgs defaults) { $ = new ZeroTrustAccessGroupRequireOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireSamlArgs.java index d117f9294..774dbbe81 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessGroupRequireSamlArgs.java @@ -15,23 +15,47 @@ public final class ZeroTrustAccessGroupRequireSamlArgs extends com.pulumi.resour public static final ZeroTrustAccessGroupRequireSamlArgs Empty = new ZeroTrustAccessGroupRequireSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(ZeroTrustAccessGroupRequireSamlArgs defaults) { $ = new ZeroTrustAccessGroupRequireSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeArgs.java index 2b2eacbc0..4c0bdaba5 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeArgs.java @@ -24,9 +24,17 @@ public final class ZeroTrustAccessPolicyExcludeArgs extends com.pulumi.resources public static final ZeroTrustAccessPolicyExcludeArgs Empty = new ZeroTrustAccessPolicyExcludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authC return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluations") private @Nullable Output> externalEvaluations; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional>> externalEvaluations() { return Optional.ofNullable(this.externalEvaluations); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(ZeroTrustAccessPolicyExcludeArgs defaults) { $ = new ZeroTrustAccessPolicyExcludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(ZeroTrustAccessPolicyExcludeAuthContextArgs... authC return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(ZeroTrustAccessPolicyExcludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,134 +566,308 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(@Nullable Output> externalEvaluations) { $.externalEvaluations = externalEvaluations; return this; } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(List externalEvaluations) { return externalEvaluations(Output.of(externalEvaluations)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(ZeroTrustAccessPolicyExcludeExternalEvaluationArgs... externalEvaluations) { return externalEvaluations(List.of(externalEvaluations)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(ZeroTrustAccessPolicyExcludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(ZeroTrustAccessPolicyExcludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -486,7 +878,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -496,7 +888,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -536,54 +928,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(ZeroTrustAccessPolicyExcludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(ZeroTrustAccessPolicyExcludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.java index 794f025b2..69ae97420 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAzureArgs.java index 498b4692f..9f233b1f0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeAzureArgs.java @@ -17,14 +17,14 @@ public final class ZeroTrustAccessPolicyExcludeAzureArgs extends com.pulumi.reso public static final ZeroTrustAccessPolicyExcludeAzureArgs Empty = new ZeroTrustAccessPolicyExcludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(ZeroTrustAccessPolicyExcludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.java index 575c9f665..98f4dbfc9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class ZeroTrustAccessPolicyExcludeExternalEvaluationArgs extends co public static final ZeroTrustAccessPolicyExcludeExternalEvaluationArgs Empty = new ZeroTrustAccessPolicyExcludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(ZeroTrustAccessPolicyExcludeExternalEvaluationArgs defaults) { $ = new ZeroTrustAccessPolicyExcludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGithubArgs.java index 9c7604f3a..2b9fa6b89 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGithubArgs.java @@ -16,23 +16,47 @@ public final class ZeroTrustAccessPolicyExcludeGithubArgs extends com.pulumi.res public static final ZeroTrustAccessPolicyExcludeGithubArgs Empty = new ZeroTrustAccessPolicyExcludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(ZeroTrustAccessPolicyExcludeGithubArgs defaults) { $ = new ZeroTrustAccessPolicyExcludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.java index e23428554..0cbbe496a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessPolicyExcludeGsuiteArgs extends com.pulumi.res public static final ZeroTrustAccessPolicyExcludeGsuiteArgs Empty = new ZeroTrustAccessPolicyExcludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessPolicyExcludeGsuiteArgs defaults) { $ = new ZeroTrustAccessPolicyExcludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeOktaArgs.java index ef5c019c9..db2d3357b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeOktaArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessPolicyExcludeOktaArgs extends com.pulumi.resou public static final ZeroTrustAccessPolicyExcludeOktaArgs Empty = new ZeroTrustAccessPolicyExcludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessPolicyExcludeOktaArgs defaults) { $ = new ZeroTrustAccessPolicyExcludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeSamlArgs.java index 0b48484ea..2ca41c2fe 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyExcludeSamlArgs.java @@ -15,23 +15,47 @@ public final class ZeroTrustAccessPolicyExcludeSamlArgs extends com.pulumi.resou public static final ZeroTrustAccessPolicyExcludeSamlArgs Empty = new ZeroTrustAccessPolicyExcludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(ZeroTrustAccessPolicyExcludeSamlArgs defaults) { $ = new ZeroTrustAccessPolicyExcludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeArgs.java index aa60e2752..14a05455d 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeArgs.java @@ -24,9 +24,17 @@ public final class ZeroTrustAccessPolicyIncludeArgs extends com.pulumi.resources public static final ZeroTrustAccessPolicyIncludeArgs Empty = new ZeroTrustAccessPolicyIncludeArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authC return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluations") private @Nullable Output> externalEvaluations; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional>> externalEvaluations() { return Optional.ofNullable(this.externalEvaluations); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(ZeroTrustAccessPolicyIncludeArgs defaults) { $ = new ZeroTrustAccessPolicyIncludeArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(ZeroTrustAccessPolicyIncludeAuthContextArgs... authC return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(ZeroTrustAccessPolicyIncludeAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,134 +566,308 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(@Nullable Output> externalEvaluations) { $.externalEvaluations = externalEvaluations; return this; } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(List externalEvaluations) { return externalEvaluations(Output.of(externalEvaluations)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(ZeroTrustAccessPolicyIncludeExternalEvaluationArgs... externalEvaluations) { return externalEvaluations(List.of(externalEvaluations)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(ZeroTrustAccessPolicyIncludeGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(ZeroTrustAccessPolicyIncludeGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -486,7 +878,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -496,7 +888,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -536,54 +928,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(ZeroTrustAccessPolicyIncludeOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(ZeroTrustAccessPolicyIncludeSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.java index d4eb3da77..53795e692 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAzureArgs.java index 608c4fbf7..c43429db0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeAzureArgs.java @@ -17,14 +17,14 @@ public final class ZeroTrustAccessPolicyIncludeAzureArgs extends com.pulumi.reso public static final ZeroTrustAccessPolicyIncludeAzureArgs Empty = new ZeroTrustAccessPolicyIncludeAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(ZeroTrustAccessPolicyIncludeAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.java index 04aaae29e..1428ccb2a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class ZeroTrustAccessPolicyIncludeExternalEvaluationArgs extends co public static final ZeroTrustAccessPolicyIncludeExternalEvaluationArgs Empty = new ZeroTrustAccessPolicyIncludeExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(ZeroTrustAccessPolicyIncludeExternalEvaluationArgs defaults) { $ = new ZeroTrustAccessPolicyIncludeExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGithubArgs.java index d357791c7..9ac05148f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGithubArgs.java @@ -16,23 +16,47 @@ public final class ZeroTrustAccessPolicyIncludeGithubArgs extends com.pulumi.res public static final ZeroTrustAccessPolicyIncludeGithubArgs Empty = new ZeroTrustAccessPolicyIncludeGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(ZeroTrustAccessPolicyIncludeGithubArgs defaults) { $ = new ZeroTrustAccessPolicyIncludeGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.java index db3c1d19f..009a6cda7 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeGsuiteArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessPolicyIncludeGsuiteArgs extends com.pulumi.res public static final ZeroTrustAccessPolicyIncludeGsuiteArgs Empty = new ZeroTrustAccessPolicyIncludeGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessPolicyIncludeGsuiteArgs defaults) { $ = new ZeroTrustAccessPolicyIncludeGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeOktaArgs.java index d5fc6e5de..c2115604c 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeOktaArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessPolicyIncludeOktaArgs extends com.pulumi.resou public static final ZeroTrustAccessPolicyIncludeOktaArgs Empty = new ZeroTrustAccessPolicyIncludeOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessPolicyIncludeOktaArgs defaults) { $ = new ZeroTrustAccessPolicyIncludeOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeSamlArgs.java index 3eeb3fe75..a2501aa91 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyIncludeSamlArgs.java @@ -15,23 +15,47 @@ public final class ZeroTrustAccessPolicyIncludeSamlArgs extends com.pulumi.resou public static final ZeroTrustAccessPolicyIncludeSamlArgs Empty = new ZeroTrustAccessPolicyIncludeSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(ZeroTrustAccessPolicyIncludeSamlArgs defaults) { $ = new ZeroTrustAccessPolicyIncludeSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireArgs.java index 1335c4bec..fddaac02e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireArgs.java @@ -24,9 +24,17 @@ public final class ZeroTrustAccessPolicyRequireArgs extends com.pulumi.resources public static final ZeroTrustAccessPolicyRequireArgs Empty = new ZeroTrustAccessPolicyRequireArgs(); + /** + * Matches any valid Access service token. + * + */ @Import(name="anyValidServiceToken") private @Nullable Output anyValidServiceToken; + /** + * @return Matches any valid Access service token. + * + */ public Optional> anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } @@ -38,30 +46,62 @@ public Optional>> authC return Optional.ofNullable(this.authContexts); } + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ @Import(name="authMethod") private @Nullable Output authMethod; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional> authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * Matches an Azure group. Requires an Azure identity provider. + * + */ @Import(name="azures") private @Nullable Output> azures; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public Optional>> azures() { return Optional.ofNullable(this.azures); } + /** + * Matches any valid client certificate. + * + */ @Import(name="certificate") private @Nullable Output certificate; + /** + * @return Matches any valid client certificate. + * + */ public Optional> certificate() { return Optional.ofNullable(this.certificate); } + /** + * Matches a valid client certificate common name. + * + */ @Import(name="commonName") private @Nullable Output commonName; + /** + * @return Matches a valid client certificate common name. + * + */ public Optional> commonName() { return Optional.ofNullable(this.commonName); } @@ -81,85 +121,165 @@ public Optional>> commonNames() { return Optional.ofNullable(this.commonNames); } + /** + * The ID of a device posture integration. + * + */ @Import(name="devicePostures") private @Nullable Output> devicePostures; + /** + * @return The ID of a device posture integration. + * + */ public Optional>> devicePostures() { return Optional.ofNullable(this.devicePostures); } + /** + * The email domain to match. + * + */ @Import(name="emailDomains") private @Nullable Output> emailDomains; + /** + * @return The email domain to match. + * + */ public Optional>> emailDomains() { return Optional.ofNullable(this.emailDomains); } + /** + * The ID of a previously created email list. + * + */ @Import(name="emailLists") private @Nullable Output> emailLists; + /** + * @return The ID of a previously created email list. + * + */ public Optional>> emailLists() { return Optional.ofNullable(this.emailLists); } + /** + * The email of the user. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the user. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * Matches everyone. + * + */ @Import(name="everyone") private @Nullable Output everyone; + /** + * @return Matches everyone. + * + */ public Optional> everyone() { return Optional.ofNullable(this.everyone); } + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ @Import(name="externalEvaluations") private @Nullable Output> externalEvaluations; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional>> externalEvaluations() { return Optional.ofNullable(this.externalEvaluations); } + /** + * Matches a specific country. + * + */ @Import(name="geos") private @Nullable Output> geos; + /** + * @return Matches a specific country. + * + */ public Optional>> geos() { return Optional.ofNullable(this.geos); } + /** + * Matches a Github organization. Requires a Github identity provider. + * + */ @Import(name="githubs") private @Nullable Output> githubs; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public Optional>> githubs() { return Optional.ofNullable(this.githubs); } + /** + * The ID of a previously created Access group. + * + */ @Import(name="groups") private @Nullable Output> groups; + /** + * @return The ID of a previously created Access group. + * + */ public Optional>> groups() { return Optional.ofNullable(this.groups); } + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ @Import(name="gsuites") private @Nullable Output> gsuites; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public Optional>> gsuites() { return Optional.ofNullable(this.gsuites); } /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. * */ @Import(name="ipLists") private @Nullable Output> ipLists; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public Optional>> ipLists() { @@ -181,30 +301,62 @@ public Optional>> ips() { return Optional.ofNullable(this.ips); } + /** + * The ID of a configured identity provider. + * + */ @Import(name="loginMethods") private @Nullable Output> loginMethods; + /** + * @return The ID of a configured identity provider. + * + */ public Optional>> loginMethods() { return Optional.ofNullable(this.loginMethods); } + /** + * Matches an Okta group. Requires an Okta identity provider. + * + */ @Import(name="oktas") private @Nullable Output> oktas; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public Optional>> oktas() { return Optional.ofNullable(this.oktas); } + /** + * Matches a SAML group. Requires a SAML identity provider. + * + */ @Import(name="samls") private @Nullable Output> samls; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public Optional>> samls() { return Optional.ofNullable(this.samls); } + /** + * The ID of an Access service token. + * + */ @Import(name="serviceTokens") private @Nullable Output> serviceTokens; + /** + * @return The ID of an Access service token. + * + */ public Optional>> serviceTokens() { return Optional.ofNullable(this.serviceTokens); } @@ -255,11 +407,23 @@ public Builder(ZeroTrustAccessPolicyRequireArgs defaults) { $ = new ZeroTrustAccessPolicyRequireArgs(Objects.requireNonNull(defaults)); } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(@Nullable Output anyValidServiceToken) { $.anyValidServiceToken = anyValidServiceToken; return this; } + /** + * @param anyValidServiceToken Matches any valid Access service token. + * + * @return builder + * + */ public Builder anyValidServiceToken(Boolean anyValidServiceToken) { return anyValidServiceToken(Output.of(anyValidServiceToken)); } @@ -277,42 +441,96 @@ public Builder authContexts(ZeroTrustAccessPolicyRequireAuthContextArgs... authC return authContexts(List.of(authContexts)); } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(@Nullable Output authMethod) { $.authMethod = authMethod; return this; } + /** + * @param authMethod The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + * @return builder + * + */ public Builder authMethod(String authMethod) { return authMethod(Output.of(authMethod)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(@Nullable Output> azures) { $.azures = azures; return this; } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(List azures) { return azures(Output.of(azures)); } + /** + * @param azures Matches an Azure group. Requires an Azure identity provider. + * + * @return builder + * + */ public Builder azures(ZeroTrustAccessPolicyRequireAzureArgs... azures) { return azures(List.of(azures)); } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(@Nullable Output certificate) { $.certificate = certificate; return this; } + /** + * @param certificate Matches any valid client certificate. + * + * @return builder + * + */ public Builder certificate(Boolean certificate) { return certificate(Output.of(certificate)); } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(@Nullable Output commonName) { $.commonName = commonName; return this; } + /** + * @param commonName Matches a valid client certificate common name. + * + * @return builder + * + */ public Builder commonName(String commonName) { return commonName(Output.of(commonName)); } @@ -348,134 +566,308 @@ public Builder commonNames(String... commonNames) { return commonNames(List.of(commonNames)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(@Nullable Output> devicePostures) { $.devicePostures = devicePostures; return this; } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(List devicePostures) { return devicePostures(Output.of(devicePostures)); } + /** + * @param devicePostures The ID of a device posture integration. + * + * @return builder + * + */ public Builder devicePostures(String... devicePostures) { return devicePostures(List.of(devicePostures)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(@Nullable Output> emailDomains) { $.emailDomains = emailDomains; return this; } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(List emailDomains) { return emailDomains(Output.of(emailDomains)); } + /** + * @param emailDomains The email domain to match. + * + * @return builder + * + */ public Builder emailDomains(String... emailDomains) { return emailDomains(List.of(emailDomains)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(@Nullable Output> emailLists) { $.emailLists = emailLists; return this; } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(List emailLists) { return emailLists(Output.of(emailLists)); } + /** + * @param emailLists The ID of a previously created email list. + * + * @return builder + * + */ public Builder emailLists(String... emailLists) { return emailLists(List.of(emailLists)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the user. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(@Nullable Output everyone) { $.everyone = everyone; return this; } + /** + * @param everyone Matches everyone. + * + * @return builder + * + */ public Builder everyone(Boolean everyone) { return everyone(Output.of(everyone)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(@Nullable Output> externalEvaluations) { $.externalEvaluations = externalEvaluations; return this; } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(List externalEvaluations) { return externalEvaluations(Output.of(externalEvaluations)); } + /** + * @param externalEvaluations Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + * @return builder + * + */ public Builder externalEvaluations(ZeroTrustAccessPolicyRequireExternalEvaluationArgs... externalEvaluations) { return externalEvaluations(List.of(externalEvaluations)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(@Nullable Output> geos) { $.geos = geos; return this; } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(List geos) { return geos(Output.of(geos)); } + /** + * @param geos Matches a specific country. + * + * @return builder + * + */ public Builder geos(String... geos) { return geos(List.of(geos)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(@Nullable Output> githubs) { $.githubs = githubs; return this; } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(List githubs) { return githubs(Output.of(githubs)); } + /** + * @param githubs Matches a Github organization. Requires a Github identity provider. + * + * @return builder + * + */ public Builder githubs(ZeroTrustAccessPolicyRequireGithubArgs... githubs) { return githubs(List.of(githubs)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(@Nullable Output> groups) { $.groups = groups; return this; } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(List groups) { return groups(Output.of(groups)); } + /** + * @param groups The ID of a previously created Access group. + * + * @return builder + * + */ public Builder groups(String... groups) { return groups(List.of(groups)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(@Nullable Output> gsuites) { $.gsuites = gsuites; return this; } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(List gsuites) { return gsuites(Output.of(gsuites)); } + /** + * @param gsuites Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + * @return builder + * + */ public Builder gsuites(ZeroTrustAccessPolicyRequireGsuiteArgs... gsuites) { return gsuites(List.of(gsuites)); } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -486,7 +878,7 @@ public Builder ipLists(@Nullable Output> ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -496,7 +888,7 @@ public Builder ipLists(List ipLists) { } /** - * @param ipLists The ID of an existing IP list to reference. + * @param ipLists The ID of a previously created IP list. * * @return builder * @@ -536,54 +928,126 @@ public Builder ips(String... ips) { return ips(List.of(ips)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(@Nullable Output> loginMethods) { $.loginMethods = loginMethods; return this; } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(List loginMethods) { return loginMethods(Output.of(loginMethods)); } + /** + * @param loginMethods The ID of a configured identity provider. + * + * @return builder + * + */ public Builder loginMethods(String... loginMethods) { return loginMethods(List.of(loginMethods)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(@Nullable Output> oktas) { $.oktas = oktas; return this; } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(List oktas) { return oktas(Output.of(oktas)); } + /** + * @param oktas Matches an Okta group. Requires an Okta identity provider. + * + * @return builder + * + */ public Builder oktas(ZeroTrustAccessPolicyRequireOktaArgs... oktas) { return oktas(List.of(oktas)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(@Nullable Output> samls) { $.samls = samls; return this; } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(List samls) { return samls(Output.of(samls)); } + /** + * @param samls Matches a SAML group. Requires a SAML identity provider. + * + * @return builder + * + */ public Builder samls(ZeroTrustAccessPolicyRequireSamlArgs... samls) { return samls(List.of(samls)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(@Nullable Output> serviceTokens) { $.serviceTokens = serviceTokens; return this; } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(List serviceTokens) { return serviceTokens(Output.of(serviceTokens)); } + /** + * @param serviceTokens The ID of an Access service token. + * + * @return builder + * + */ public Builder serviceTokens(String... serviceTokens) { return serviceTokens(List.of(serviceTokens)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.java index 327340f9d..b7e31e7ef 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAuthContextArgs.java @@ -45,14 +45,14 @@ public Output id() { } /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId", required=true) private Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Output identityProviderId() { @@ -128,7 +128,7 @@ public Builder id(String id) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -139,7 +139,7 @@ public Builder identityProviderId(Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAzureArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAzureArgs.java index 06ee88444..2bc06c75f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAzureArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireAzureArgs.java @@ -17,14 +17,14 @@ public final class ZeroTrustAccessPolicyRequireAzureArgs extends com.pulumi.reso public static final ZeroTrustAccessPolicyRequireAzureArgs Empty = new ZeroTrustAccessPolicyRequireAzureArgs(); /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. * */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional> identityProviderId() { @@ -72,7 +72,7 @@ public Builder(ZeroTrustAccessPolicyRequireAzureArgs defaults) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * @@ -83,7 +83,7 @@ public Builder identityProviderId(@Nullable Output identityProviderId) { } /** - * @param identityProviderId The ID of the Azure Identity provider. + * @param identityProviderId The ID of the Azure identity provider. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.java index 2a6b96c29..2df32fb14 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireExternalEvaluationArgs.java @@ -15,16 +15,32 @@ public final class ZeroTrustAccessPolicyRequireExternalEvaluationArgs extends co public static final ZeroTrustAccessPolicyRequireExternalEvaluationArgs Empty = new ZeroTrustAccessPolicyRequireExternalEvaluationArgs(); + /** + * The API endpoint containing your business logic. + * + */ @Import(name="evaluateUrl") private @Nullable Output evaluateUrl; + /** + * @return The API endpoint containing your business logic. + * + */ public Optional> evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ @Import(name="keysUrl") private @Nullable Output keysUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional> keysUrl() { return Optional.ofNullable(this.keysUrl); } @@ -54,20 +70,44 @@ public Builder(ZeroTrustAccessPolicyRequireExternalEvaluationArgs defaults) { $ = new ZeroTrustAccessPolicyRequireExternalEvaluationArgs(Objects.requireNonNull(defaults)); } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(@Nullable Output evaluateUrl) { $.evaluateUrl = evaluateUrl; return this; } + /** + * @param evaluateUrl The API endpoint containing your business logic. + * + * @return builder + * + */ public Builder evaluateUrl(String evaluateUrl) { return evaluateUrl(Output.of(evaluateUrl)); } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(@Nullable Output keysUrl) { $.keysUrl = keysUrl; return this; } + /** + * @param keysUrl The API endpoint containing the key that Access uses to verify that the response came from your API. + * + * @return builder + * + */ public Builder keysUrl(String keysUrl) { return keysUrl(Output.of(keysUrl)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGithubArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGithubArgs.java index e0e88dd9c..e55e66d30 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGithubArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGithubArgs.java @@ -16,23 +16,47 @@ public final class ZeroTrustAccessPolicyRequireGithubArgs extends com.pulumi.res public static final ZeroTrustAccessPolicyRequireGithubArgs Empty = new ZeroTrustAccessPolicyRequireGithubArgs(); + /** + * The ID of your Github identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Github identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the organization. + * + */ @Import(name="name") private @Nullable Output name; + /** + * @return The name of the organization. + * + */ public Optional> name() { return Optional.ofNullable(this.name); } + /** + * The teams that should be matched. + * + */ @Import(name="teams") private @Nullable Output> teams; + /** + * @return The teams that should be matched. + * + */ public Optional>> teams() { return Optional.ofNullable(this.teams); } @@ -63,33 +87,75 @@ public Builder(ZeroTrustAccessPolicyRequireGithubArgs defaults) { $ = new ZeroTrustAccessPolicyRequireGithubArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Github identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(@Nullable Output name) { $.name = name; return this; } + /** + * @param name The name of the organization. + * + * @return builder + * + */ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(@Nullable Output> teams) { $.teams = teams; return this; } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(List teams) { return teams(Output.of(teams)); } + /** + * @param teams The teams that should be matched. + * + * @return builder + * + */ public Builder teams(String... teams) { return teams(List.of(teams)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.java index 5199c988d..79d7214c6 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireGsuiteArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessPolicyRequireGsuiteArgs extends com.pulumi.res public static final ZeroTrustAccessPolicyRequireGsuiteArgs Empty = new ZeroTrustAccessPolicyRequireGsuiteArgs(); + /** + * The email of the Google Workspace group. + * + */ @Import(name="emails") private @Nullable Output> emails; + /** + * @return The email of the Google Workspace group. + * + */ public Optional>> emails() { return Optional.ofNullable(this.emails); } + /** + * The ID of your Google Workspace identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessPolicyRequireGsuiteArgs defaults) { $ = new ZeroTrustAccessPolicyRequireGsuiteArgs(Objects.requireNonNull(defaults)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(@Nullable Output> emails) { $.emails = emails; return this; } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(List emails) { return emails(Output.of(emails)); } + /** + * @param emails The email of the Google Workspace group. + * + * @return builder + * + */ public Builder emails(String... emails) { return emails(List.of(emails)); } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Google Workspace identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireOktaArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireOktaArgs.java index 872eb3e5f..b835406cb 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireOktaArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireOktaArgs.java @@ -16,16 +16,32 @@ public final class ZeroTrustAccessPolicyRequireOktaArgs extends com.pulumi.resou public static final ZeroTrustAccessPolicyRequireOktaArgs Empty = new ZeroTrustAccessPolicyRequireOktaArgs(); + /** + * The ID of your Okta identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your Okta identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * The name of the Okta Group. + * + */ @Import(name="names") private @Nullable Output> names; + /** + * @return The name of the Okta Group. + * + */ public Optional>> names() { return Optional.ofNullable(this.names); } @@ -55,24 +71,54 @@ public Builder(ZeroTrustAccessPolicyRequireOktaArgs defaults) { $ = new ZeroTrustAccessPolicyRequireOktaArgs(Objects.requireNonNull(defaults)); } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your Okta identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(@Nullable Output> names) { $.names = names; return this; } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(List names) { return names(Output.of(names)); } + /** + * @param names The name of the Okta Group. + * + * @return builder + * + */ public Builder names(String... names) { return names(List.of(names)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireSamlArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireSamlArgs.java index 25ce6e653..cfb2c8c1a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireSamlArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyRequireSamlArgs.java @@ -15,23 +15,47 @@ public final class ZeroTrustAccessPolicyRequireSamlArgs extends com.pulumi.resou public static final ZeroTrustAccessPolicyRequireSamlArgs Empty = new ZeroTrustAccessPolicyRequireSamlArgs(); + /** + * The name of the SAML attribute. + * + */ @Import(name="attributeName") private @Nullable Output attributeName; + /** + * @return The name of the SAML attribute. + * + */ public Optional> attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * The SAML attribute value to look for. + * + */ @Import(name="attributeValue") private @Nullable Output attributeValue; + /** + * @return The SAML attribute value to look for. + * + */ public Optional> attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * The ID of your SAML identity provider. + * + */ @Import(name="identityProviderId") private @Nullable Output identityProviderId; + /** + * @return The ID of your SAML identity provider. + * + */ public Optional> identityProviderId() { return Optional.ofNullable(this.identityProviderId); } @@ -62,29 +86,65 @@ public Builder(ZeroTrustAccessPolicyRequireSamlArgs defaults) { $ = new ZeroTrustAccessPolicyRequireSamlArgs(Objects.requireNonNull(defaults)); } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(@Nullable Output attributeName) { $.attributeName = attributeName; return this; } + /** + * @param attributeName The name of the SAML attribute. + * + * @return builder + * + */ public Builder attributeName(String attributeName) { return attributeName(Output.of(attributeName)); } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(@Nullable Output attributeValue) { $.attributeValue = attributeValue; return this; } + /** + * @param attributeValue The SAML attribute value to look for. + * + * @return builder + * + */ public Builder attributeValue(String attributeValue) { return attributeValue(Output.of(attributeValue)); } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(@Nullable Output identityProviderId) { $.identityProviderId = identityProviderId; return this; } + /** + * @param identityProviderId The ID of your SAML identity provider. + * + * @return builder + * + */ public Builder identityProviderId(String identityProviderId) { return identityProviderId(Output.of(identityProviderId)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyState.java index a1ac40457..1debdbb31 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustAccessPolicyState.java @@ -23,14 +23,14 @@ public final class ZeroTrustAccessPolicyState extends com.pulumi.resources.Resou public static final ZeroTrustAccessPolicyState Empty = new ZeroTrustAccessPolicyState(); /** - * The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zone_id`. * */ @Import(name="accountId") private @Nullable Output accountId; /** - * @return The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @return The account identifier to target for the resource. Conflicts with `zone_id`. * */ public Optional> accountId() { @@ -217,14 +217,14 @@ public Optional> sessionDuration() { } /** - * The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `account_id`. * */ @Import(name="zoneId") private @Nullable Output zoneId; /** - * @return The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @return The zone identifier to target for the resource. Conflicts with `account_id`. * */ public Optional> zoneId() { @@ -270,7 +270,7 @@ public Builder(ZeroTrustAccessPolicyState defaults) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -281,7 +281,7 @@ public Builder accountId(@Nullable Output accountId) { } /** - * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + * @param accountId The account identifier to target for the resource. Conflicts with `zone_id`. * * @return builder * @@ -574,7 +574,7 @@ public Builder sessionDuration(String sessionDuration) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * @@ -585,7 +585,7 @@ public Builder zoneId(@Nullable Output zoneId) { } /** - * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + * @param zoneId The zone identifier to target for the resource. Conflicts with `account_id`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputArgs.java index 7af2c2c0b..c56c66458 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputArgs.java @@ -155,14 +155,14 @@ public Optional> domain() { } /** - * The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. * */ @Import(name="eidLastSeen") private @Nullable Output eidLastSeen; /** - * @return The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * @return The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. * */ public Optional> eidLastSeen() { @@ -200,14 +200,14 @@ public Optional> exists() { } /** - * List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. * */ @Import(name="extendedKeyUsages") private @Nullable Output> extendedKeyUsages; /** - * @return List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * @return List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. * */ public Optional>> extendedKeyUsages() { @@ -290,14 +290,14 @@ public Optional> lastSeen() { } /** - * List of locations to check for client certificate. + * List of operating system locations to check for a client certificate.. * */ @Import(name="locations") private @Nullable Output> locations; /** - * @return List of locations to check for client certificate. + * @return List of operating system locations to check for a client certificate.. * */ public Optional>> locations() { @@ -560,14 +560,14 @@ public Optional> version() { } /** - * The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ @Import(name="versionOperator") private @Nullable Output versionOperator; /** - * @return The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @return The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ public Optional> versionOperator() { @@ -834,7 +834,7 @@ public Builder domain(String domain) { } /** - * @param eidLastSeen The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * @param eidLastSeen The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. * * @return builder * @@ -845,7 +845,7 @@ public Builder eidLastSeen(@Nullable Output eidLastSeen) { } /** - * @param eidLastSeen The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * @param eidLastSeen The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. * * @return builder * @@ -897,7 +897,7 @@ public Builder exists(Boolean exists) { } /** - * @param extendedKeyUsages List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * @param extendedKeyUsages List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. * * @return builder * @@ -908,7 +908,7 @@ public Builder extendedKeyUsages(@Nullable Output> extendedKeyUsage } /** - * @param extendedKeyUsages List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * @param extendedKeyUsages List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. * * @return builder * @@ -918,7 +918,7 @@ public Builder extendedKeyUsages(List extendedKeyUsages) { } /** - * @param extendedKeyUsages List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * @param extendedKeyUsages List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. * * @return builder * @@ -1033,7 +1033,7 @@ public Builder lastSeen(String lastSeen) { } /** - * @param locations List of locations to check for client certificate. + * @param locations List of operating system locations to check for a client certificate.. * * @return builder * @@ -1044,7 +1044,7 @@ public Builder locations(@Nullable Output locat } /** - * @param locations List of locations to check for client certificate. + * @param locations List of operating system locations to check for a client certificate.. * * @return builder * @@ -1421,7 +1421,7 @@ public Builder version(String version) { } /** - * @param versionOperator The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @param versionOperator The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * * @return builder * @@ -1432,7 +1432,7 @@ public Builder versionOperator(@Nullable Output versionOperator) { } /** - * @param versionOperator The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @param versionOperator The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputLocationArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputLocationArgs.java index 07e93f32d..98e280174 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputLocationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleInputLocationArgs.java @@ -32,14 +32,14 @@ public Optional>> paths() { } /** - * List of trust stores to check for client certificate rule. Available values: `system`, `user` + * List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ @Import(name="trustStores") private @Nullable Output> trustStores; /** - * @return List of trust stores to check for client certificate rule. Available values: `system`, `user` + * @return List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ public Optional>> trustStores() { @@ -103,7 +103,7 @@ public Builder paths(String... paths) { } /** - * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user` + * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user`. * * @return builder * @@ -114,7 +114,7 @@ public Builder trustStores(@Nullable Output> trustStores) { } /** - * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user` + * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user`. * * @return builder * @@ -124,7 +124,7 @@ public Builder trustStores(List trustStores) { } /** - * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user` + * @param trustStores List of trust stores to check for client certificate rule. Available values: `system`, `user`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleState.java index 88f54a80f..b3d4ec6b9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDevicePostureRuleState.java @@ -116,14 +116,14 @@ public Optional> schedule() { } /** - * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ @Import(name="type") private @Nullable Output type; /** - * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ public Optional> type() { @@ -317,7 +317,7 @@ public Builder schedule(String schedule) { } /** - * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * * @return builder * @@ -328,7 +328,7 @@ public Builder type(@Nullable Output type) { } /** - * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @param type The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDeviceProfilesState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDeviceProfilesState.java index d818343f6..26daeda4b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDeviceProfilesState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustDeviceProfilesState.java @@ -288,14 +288,14 @@ public Optional> switchLocked() { } /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ @Import(name="tunnelProtocol") private @Nullable Output tunnelProtocol; /** - * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * @return Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * */ public Optional> tunnelProtocol() { @@ -723,7 +723,7 @@ public Builder switchLocked(Boolean switchLocked) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * @@ -734,7 +734,7 @@ public Builder tunnelProtocol(@Nullable Output tunnelProtocol) { } /** - * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * @param tunnelProtocol Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewayCertificateState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewayCertificateState.java new file mode 100644 index 000000000..38ed1ab6a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewayCertificateState.java @@ -0,0 +1,375 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.Integer; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ZeroTrustGatewayCertificateState extends com.pulumi.resources.ResourceArgs { + + public static final ZeroTrustGatewayCertificateState Empty = new ZeroTrustGatewayCertificateState(); + + /** + * The account identifier to target for the resource. + * + */ + @Import(name="accountId") + private @Nullable Output accountId; + + /** + * @return The account identifier to target for the resource. + * + */ + public Optional> accountId() { + return Optional.ofNullable(this.accountId); + } + + /** + * Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + */ + @Import(name="activate") + private @Nullable Output activate; + + /** + * @return Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + */ + public Optional> activate() { + return Optional.ofNullable(this.activate); + } + + /** + * The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + * + */ + @Import(name="bindingStatus") + private @Nullable Output bindingStatus; + + /** + * @return The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + * + */ + public Optional> bindingStatus() { + return Optional.ofNullable(this.bindingStatus); + } + + @Import(name="createdAt") + private @Nullable Output createdAt; + + public Optional> createdAt() { + return Optional.ofNullable(this.createdAt); + } + + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + @Import(name="custom") + private @Nullable Output custom; + + /** + * @return The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + public Optional> custom() { + return Optional.ofNullable(this.custom); + } + + @Import(name="expiresOn") + private @Nullable Output expiresOn; + + public Optional> expiresOn() { + return Optional.ofNullable(this.expiresOn); + } + + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + @Import(name="gatewayManaged") + private @Nullable Output gatewayManaged; + + /** + * @return The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + */ + public Optional> gatewayManaged() { + return Optional.ofNullable(this.gatewayManaged); + } + + /** + * Whether the certificate is in use by Gateway for TLS interception and the block page. + * + */ + @Import(name="inUse") + private @Nullable Output inUse; + + /** + * @return Whether the certificate is in use by Gateway for TLS interception and the block page. + * + */ + public Optional> inUse() { + return Optional.ofNullable(this.inUse); + } + + @Import(name="qsPackId") + private @Nullable Output qsPackId; + + public Optional> qsPackId() { + return Optional.ofNullable(this.qsPackId); + } + + @Import(name="uploadedOn") + private @Nullable Output uploadedOn; + + public Optional> uploadedOn() { + return Optional.ofNullable(this.uploadedOn); + } + + /** + * Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + */ + @Import(name="validityPeriodDays") + private @Nullable Output validityPeriodDays; + + /** + * @return Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + */ + public Optional> validityPeriodDays() { + return Optional.ofNullable(this.validityPeriodDays); + } + + private ZeroTrustGatewayCertificateState() {} + + private ZeroTrustGatewayCertificateState(ZeroTrustGatewayCertificateState $) { + this.accountId = $.accountId; + this.activate = $.activate; + this.bindingStatus = $.bindingStatus; + this.createdAt = $.createdAt; + this.custom = $.custom; + this.expiresOn = $.expiresOn; + this.gatewayManaged = $.gatewayManaged; + this.inUse = $.inUse; + this.qsPackId = $.qsPackId; + this.uploadedOn = $.uploadedOn; + this.validityPeriodDays = $.validityPeriodDays; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ZeroTrustGatewayCertificateState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ZeroTrustGatewayCertificateState $; + + public Builder() { + $ = new ZeroTrustGatewayCertificateState(); + } + + public Builder(ZeroTrustGatewayCertificateState defaults) { + $ = new ZeroTrustGatewayCertificateState(Objects.requireNonNull(defaults)); + } + + /** + * @param accountId The account identifier to target for the resource. + * + * @return builder + * + */ + public Builder accountId(@Nullable Output accountId) { + $.accountId = accountId; + return this; + } + + /** + * @param accountId The account identifier to target for the resource. + * + * @return builder + * + */ + public Builder accountId(String accountId) { + return accountId(Output.of(accountId)); + } + + /** + * @param activate Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + * @return builder + * + */ + public Builder activate(@Nullable Output activate) { + $.activate = activate; + return this; + } + + /** + * @param activate Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + * + * @return builder + * + */ + public Builder activate(Boolean activate) { + return activate(Output.of(activate)); + } + + /** + * @param bindingStatus The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + * + * @return builder + * + */ + public Builder bindingStatus(@Nullable Output bindingStatus) { + $.bindingStatus = bindingStatus; + return this; + } + + /** + * @param bindingStatus The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + * + * @return builder + * + */ + public Builder bindingStatus(String bindingStatus) { + return bindingStatus(Output.of(bindingStatus)); + } + + public Builder createdAt(@Nullable Output createdAt) { + $.createdAt = createdAt; + return this; + } + + public Builder createdAt(String createdAt) { + return createdAt(Output.of(createdAt)); + } + + /** + * @param custom The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder custom(@Nullable Output custom) { + $.custom = custom; + return this; + } + + /** + * @param custom The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder custom(Boolean custom) { + return custom(Output.of(custom)); + } + + public Builder expiresOn(@Nullable Output expiresOn) { + $.expiresOn = expiresOn; + return this; + } + + public Builder expiresOn(String expiresOn) { + return expiresOn(Output.of(expiresOn)); + } + + /** + * @param gatewayManaged The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder gatewayManaged(@Nullable Output gatewayManaged) { + $.gatewayManaged = gatewayManaged; + return this; + } + + /** + * @param gatewayManaged The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + * + * @return builder + * + */ + public Builder gatewayManaged(Boolean gatewayManaged) { + return gatewayManaged(Output.of(gatewayManaged)); + } + + /** + * @param inUse Whether the certificate is in use by Gateway for TLS interception and the block page. + * + * @return builder + * + */ + public Builder inUse(@Nullable Output inUse) { + $.inUse = inUse; + return this; + } + + /** + * @param inUse Whether the certificate is in use by Gateway for TLS interception and the block page. + * + * @return builder + * + */ + public Builder inUse(Boolean inUse) { + return inUse(Output.of(inUse)); + } + + public Builder qsPackId(@Nullable Output qsPackId) { + $.qsPackId = qsPackId; + return this; + } + + public Builder qsPackId(String qsPackId) { + return qsPackId(Output.of(qsPackId)); + } + + public Builder uploadedOn(@Nullable Output uploadedOn) { + $.uploadedOn = uploadedOn; + return this; + } + + public Builder uploadedOn(String uploadedOn) { + return uploadedOn(Output.of(uploadedOn)); + } + + /** + * @param validityPeriodDays Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + * @return builder + * + */ + public Builder validityPeriodDays(@Nullable Output validityPeriodDays) { + $.validityPeriodDays = validityPeriodDays; + return this; + } + + /** + * @param validityPeriodDays Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + * + * @return builder + * + */ + public Builder validityPeriodDays(Integer validityPeriodDays) { + return validityPeriodDays(Output.of(validityPeriodDays)); + } + + public ZeroTrustGatewayCertificateState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsCertificateArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsCertificateArgs.java new file mode 100644 index 000000000..ba4f3eea2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsCertificateArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class ZeroTrustGatewaySettingsCertificateArgs extends com.pulumi.resources.ResourceArgs { + + public static final ZeroTrustGatewaySettingsCertificateArgs Empty = new ZeroTrustGatewaySettingsCertificateArgs(); + + /** + * ID of certificate for TLS interception. + * + */ + @Import(name="id", required=true) + private Output id; + + /** + * @return ID of certificate for TLS interception. + * + */ + public Output id() { + return this.id; + } + + private ZeroTrustGatewaySettingsCertificateArgs() {} + + private ZeroTrustGatewaySettingsCertificateArgs(ZeroTrustGatewaySettingsCertificateArgs $) { + this.id = $.id; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ZeroTrustGatewaySettingsCertificateArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ZeroTrustGatewaySettingsCertificateArgs $; + + public Builder() { + $ = new ZeroTrustGatewaySettingsCertificateArgs(); + } + + public Builder(ZeroTrustGatewaySettingsCertificateArgs defaults) { + $ = new ZeroTrustGatewaySettingsCertificateArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param id ID of certificate for TLS interception. + * + * @return builder + * + */ + public Builder id(Output id) { + $.id = id; + return this; + } + + /** + * @param id ID of certificate for TLS interception. + * + * @return builder + * + */ + public Builder id(String id) { + return id(Output.of(id)); + } + + public ZeroTrustGatewaySettingsCertificateArgs build() { + if ($.id == null) { + throw new MissingRequiredPropertyException("ZeroTrustGatewaySettingsCertificateArgs", "id"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsProxyArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsProxyArgs.java index ba65d2157..c3b20567f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsProxyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsProxyArgs.java @@ -16,14 +16,14 @@ public final class ZeroTrustGatewaySettingsProxyArgs extends com.pulumi.resource public static final ZeroTrustGatewaySettingsProxyArgs Empty = new ZeroTrustGatewaySettingsProxyArgs(); /** - * Sets the time limit in seconds that a user can use an override code to bypass WARP + * Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ @Import(name="disableForTime", required=true) private Output disableForTime; /** - * @return Sets the time limit in seconds that a user can use an override code to bypass WARP + * @return Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ public Output disableForTime() { @@ -119,7 +119,7 @@ public Builder(ZeroTrustGatewaySettingsProxyArgs defaults) { } /** - * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP + * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP. * * @return builder * @@ -130,7 +130,7 @@ public Builder disableForTime(Output disableForTime) { } /** - * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP + * @param disableForTime Sets the time limit in seconds that a user can use an override code to bypass WARP. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsState.java index 639d8ed8b..324f1742c 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustGatewaySettingsState.java @@ -6,6 +6,7 @@ import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsAntivirusArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBlockPageArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsBodyScanningArgs; +import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsCertificateArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsCustomCertificateArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsExtendedEmailMatchingArgs; import com.pulumi.cloudflare.inputs.ZeroTrustGatewaySettingsFipsArgs; @@ -102,16 +103,39 @@ public Optional> bodyScanning() } /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. * */ + @Import(name="certificate") + private @Nullable Output certificate; + + /** + * @return Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + */ + public Optional> certificate() { + return Optional.ofNullable(this.certificate); + } + + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * + */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ @Import(name="customCertificate") private @Nullable Output customCertificate; /** - * @return Configuration for custom certificates / BYO-PKI. + * @return Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Optional> customCertificate() { return Optional.ofNullable(this.customCertificate); } @@ -266,6 +290,7 @@ private ZeroTrustGatewaySettingsState(ZeroTrustGatewaySettingsState $) { this.antivirus = $.antivirus; this.blockPage = $.blockPage; this.bodyScanning = $.bodyScanning; + this.certificate = $.certificate; this.customCertificate = $.customCertificate; this.extendedEmailMatching = $.extendedEmailMatching; this.fips = $.fips; @@ -403,22 +428,51 @@ public Builder bodyScanning(ZeroTrustGatewaySettingsBodyScanningArgs bodyScannin } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(@Nullable Output certificate) { + $.certificate = certificate; + return this; + } + + /** + * @param certificate Configuration for TLS interception certificate. This will be required starting Feb 2025. + * + * @return builder + * + */ + public Builder certificate(ZeroTrustGatewaySettingsCertificateArgs certificate) { + return certificate(Output.of(certificate)); + } + + /** + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(@Nullable Output customCertificate) { $.customCertificate = customCertificate; return this; } /** - * @param customCertificate Configuration for custom certificates / BYO-PKI. + * @param customCertificate Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. * * @return builder * + * @deprecated + * Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. + * */ + @Deprecated /* Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration. */ public Builder customCertificate(ZeroTrustGatewaySettingsCustomCertificateArgs customCertificate) { return customCertificate(Output.of(customCertificate)); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustRiskScoreIntegrationState.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustRiskScoreIntegrationState.java index c410dde9b..ec60abd06 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustRiskScoreIntegrationState.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZeroTrustRiskScoreIntegrationState.java @@ -47,16 +47,14 @@ public Optional> active() { } /** - * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * */ @Import(name="integrationType") private @Nullable Output integrationType; /** - * @return The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * @return The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * */ public Optional> integrationType() { @@ -64,18 +62,14 @@ public Optional> integrationType() { } /** - * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * */ @Import(name="referenceId") private @Nullable Output referenceId; /** - * @return A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * @return A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * */ public Optional> referenceId() { @@ -98,16 +92,14 @@ public Optional> tenantUrl() { } /** - * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 * */ @Import(name="wellKnownUrl") private @Nullable Output wellKnownUrl; /** - * @return The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * @return The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 * */ public Optional> wellKnownUrl() { @@ -186,8 +178,7 @@ public Builder active(Boolean active) { } /** - * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * * @return builder * @@ -198,8 +189,7 @@ public Builder integrationType(@Nullable Output integrationType) { } /** - * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * @param integrationType The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body * * @return builder * @@ -209,9 +199,7 @@ public Builder integrationType(String integrationType) { } /** - * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * * @return builder * @@ -222,9 +210,7 @@ public Builder referenceId(@Nullable Output referenceId) { } /** - * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * @param referenceId A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider * * @return builder * @@ -255,8 +241,7 @@ public Builder tenantUrl(String tenantUrl) { } /** - * @param wellKnownUrl The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * @param wellKnownUrl The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 * * @return builder * @@ -267,8 +252,7 @@ public Builder wellKnownUrl(@Nullable Output wellKnownUrl) { } /** - * @param wellKnownUrl The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * @param wellKnownUrl The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideInitialSettingArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideInitialSettingArgs.java index 467b3927e..fbbe80038 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideInitialSettingArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideInitialSettingArgs.java @@ -313,6 +313,13 @@ public Optional> pseudoIpv4() { return Optional.ofNullable(this.pseudoIpv4); } + @Import(name="replaceInsecureJs") + private @Nullable Output replaceInsecureJs; + + public Optional> replaceInsecureJs() { + return Optional.ofNullable(this.replaceInsecureJs); + } + @Import(name="responseBuffering") private @Nullable Output responseBuffering; @@ -487,6 +494,7 @@ private ZoneSettingsOverrideInitialSettingArgs(ZoneSettingsOverrideInitialSettin this.privacyPass = $.privacyPass; this.proxyReadTimeout = $.proxyReadTimeout; this.pseudoIpv4 = $.pseudoIpv4; + this.replaceInsecureJs = $.replaceInsecureJs; this.responseBuffering = $.responseBuffering; this.rocketLoader = $.rocketLoader; this.securityHeader = $.securityHeader; @@ -904,6 +912,15 @@ public Builder pseudoIpv4(String pseudoIpv4) { return pseudoIpv4(Output.of(pseudoIpv4)); } + public Builder replaceInsecureJs(@Nullable Output replaceInsecureJs) { + $.replaceInsecureJs = replaceInsecureJs; + return this; + } + + public Builder replaceInsecureJs(String replaceInsecureJs) { + return replaceInsecureJs(Output.of(replaceInsecureJs)); + } + public Builder responseBuffering(@Nullable Output responseBuffering) { $.responseBuffering = responseBuffering; return this; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideSettingsArgs.java b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideSettingsArgs.java index 3a759c067..91cfb4ddf 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideSettingsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/inputs/ZoneSettingsOverrideSettingsArgs.java @@ -313,6 +313,13 @@ public Optional> pseudoIpv4() { return Optional.ofNullable(this.pseudoIpv4); } + @Import(name="replaceInsecureJs") + private @Nullable Output replaceInsecureJs; + + public Optional> replaceInsecureJs() { + return Optional.ofNullable(this.replaceInsecureJs); + } + @Import(name="responseBuffering") private @Nullable Output responseBuffering; @@ -487,6 +494,7 @@ private ZoneSettingsOverrideSettingsArgs(ZoneSettingsOverrideSettingsArgs $) { this.privacyPass = $.privacyPass; this.proxyReadTimeout = $.proxyReadTimeout; this.pseudoIpv4 = $.pseudoIpv4; + this.replaceInsecureJs = $.replaceInsecureJs; this.responseBuffering = $.responseBuffering; this.rocketLoader = $.rocketLoader; this.securityHeader = $.securityHeader; @@ -904,6 +912,15 @@ public Builder pseudoIpv4(String pseudoIpv4) { return pseudoIpv4(Output.of(pseudoIpv4)); } + public Builder replaceInsecureJs(@Nullable Output replaceInsecureJs) { + $.replaceInsecureJs = replaceInsecureJs; + return this; + } + + public Builder replaceInsecureJs(String replaceInsecureJs) { + return replaceInsecureJs(Output.of(replaceInsecureJs)); + } + public Builder responseBuffering(@Nullable Output responseBuffering) { $.responseBuffering = responseBuffering; return this; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExclude.java index f76124c86..7bbdfd01b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExclude.java @@ -20,29 +20,89 @@ @CustomType public final class AccessGroupExclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable AccessGroupExcludeExternalEvaluation externalEvaluation; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class AccessGroupExclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private AccessGroupExclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAuthContext.java index 2304585c7..2ea18771b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAuthContext.java @@ -21,7 +21,7 @@ public final class AccessGroupExcludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAzure.java index ce5e15836..66026b6bb 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class AccessGroupExcludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class AccessGroupExcludeAzure { private AccessGroupExcludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeExternalEvaluation.java index ffcff990d..b724db15a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class AccessGroupExcludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private AccessGroupExcludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGithub.java index 2d734a437..5aab24208 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class AccessGroupExcludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private AccessGroupExcludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGsuite.java index e72702300..fd7b93c28 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class AccessGroupExcludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private AccessGroupExcludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeOkta.java index 70c67ccef..e44bd3a37 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class AccessGroupExcludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private AccessGroupExcludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeSaml.java index ddf938c55..90315828b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupExcludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class AccessGroupExcludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private AccessGroupExcludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupInclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupInclude.java index c85b0eb4b..e2da1bd23 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupInclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupInclude.java @@ -20,29 +20,89 @@ @CustomType public final class AccessGroupInclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable AccessGroupIncludeExternalEvaluation externalEvaluation; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class AccessGroupInclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private AccessGroupInclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAuthContext.java index 3ce6beeaa..bef4759f9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAuthContext.java @@ -21,7 +21,7 @@ public final class AccessGroupIncludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAzure.java index fecc977d9..2cea3aef0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class AccessGroupIncludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class AccessGroupIncludeAzure { private AccessGroupIncludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeExternalEvaluation.java index f194199b0..dd88f4d8e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class AccessGroupIncludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private AccessGroupIncludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGithub.java index 970d613f5..a711bad4c 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class AccessGroupIncludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private AccessGroupIncludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGsuite.java index fccb43e50..32b9b5935 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class AccessGroupIncludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private AccessGroupIncludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeOkta.java index 893ef0cc7..1a55ea2bb 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class AccessGroupIncludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private AccessGroupIncludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeSaml.java index 991ee4b56..a2ae08b66 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupIncludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class AccessGroupIncludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private AccessGroupIncludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequire.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequire.java index cadbcc0c7..d13e39e72 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequire.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequire.java @@ -20,29 +20,89 @@ @CustomType public final class AccessGroupRequire { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable AccessGroupRequireExternalEvaluation externalEvaluation; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class AccessGroupRequire { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private AccessGroupRequire() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAuthContext.java index d283b68b1..9b0d340f0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAuthContext.java @@ -21,7 +21,7 @@ public final class AccessGroupRequireAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAzure.java index 7f1db2871..34cb4c941 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireAzure.java @@ -13,7 +13,7 @@ @CustomType public final class AccessGroupRequireAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class AccessGroupRequireAzure { private AccessGroupRequireAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireExternalEvaluation.java index 5c1bf4fef..2159c9f33 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class AccessGroupRequireExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private AccessGroupRequireExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGithub.java index 447e1028c..5a8a39ffd 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGithub.java @@ -12,17 +12,41 @@ @CustomType public final class AccessGroupRequireGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private AccessGroupRequireGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGsuite.java index ef40674bf..c6ab8b69f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class AccessGroupRequireGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private AccessGroupRequireGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireOkta.java index 57f8f58a5..c7e14edf8 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireOkta.java @@ -12,13 +12,29 @@ @CustomType public final class AccessGroupRequireOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private AccessGroupRequireOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireSaml.java index c00e785ee..16125c5fa 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessGroupRequireSaml.java @@ -11,17 +11,41 @@ @CustomType public final class AccessGroupRequireSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private AccessGroupRequireSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExclude.java index 267fe9211..73da434dc 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExclude.java @@ -20,29 +20,89 @@ @CustomType public final class AccessPolicyExclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable AccessPolicyExcludeExternalEvaluation externalEvaluation; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class AccessPolicyExclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private AccessPolicyExclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAuthContext.java index 70e1bd1eb..dbe602312 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAuthContext.java @@ -21,7 +21,7 @@ public final class AccessPolicyExcludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAzure.java index ef125f191..422f35959 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class AccessPolicyExcludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class AccessPolicyExcludeAzure { private AccessPolicyExcludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeExternalEvaluation.java index c425f28e3..228feed60 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class AccessPolicyExcludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private AccessPolicyExcludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGithub.java index c42335341..5e5b934cc 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class AccessPolicyExcludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private AccessPolicyExcludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGsuite.java index b8876781a..c3b7b8bb1 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class AccessPolicyExcludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private AccessPolicyExcludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeOkta.java index 6194f2f22..c68d8049e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class AccessPolicyExcludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private AccessPolicyExcludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeSaml.java index 742898c18..7063234b0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyExcludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class AccessPolicyExcludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private AccessPolicyExcludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyInclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyInclude.java index a90f6e4ad..f60eb731d 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyInclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyInclude.java @@ -20,29 +20,89 @@ @CustomType public final class AccessPolicyInclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable AccessPolicyIncludeExternalEvaluation externalEvaluation; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class AccessPolicyInclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private AccessPolicyInclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAuthContext.java index 481b8cedf..157472e24 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAuthContext.java @@ -21,7 +21,7 @@ public final class AccessPolicyIncludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAzure.java index 7724c1064..bbd7ee98a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class AccessPolicyIncludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class AccessPolicyIncludeAzure { private AccessPolicyIncludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeExternalEvaluation.java index a30e69a2c..044983426 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class AccessPolicyIncludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private AccessPolicyIncludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGithub.java index 9c4f5c800..825f19ef0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class AccessPolicyIncludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private AccessPolicyIncludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGsuite.java index 5ca33c326..3e5c8afd8 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class AccessPolicyIncludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private AccessPolicyIncludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeOkta.java index bddef40f5..9b43d81a4 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class AccessPolicyIncludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private AccessPolicyIncludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeSaml.java index 024b5741f..c69534ba6 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyIncludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class AccessPolicyIncludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private AccessPolicyIncludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequire.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequire.java index cd09af3ca..722d14b2f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequire.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequire.java @@ -20,29 +20,89 @@ @CustomType public final class AccessPolicyRequire { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable AccessPolicyRequireExternalEvaluation externalEvaluation; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class AccessPolicyRequire { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private AccessPolicyRequire() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public Optional externalEvaluation() { return Optional.ofNullable(this.externalEvaluation); } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAuthContext.java index 7edfa4f3a..728cd0882 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAuthContext.java @@ -21,7 +21,7 @@ public final class AccessPolicyRequireAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAzure.java index 173e51489..ac7dea478 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireAzure.java @@ -13,7 +13,7 @@ @CustomType public final class AccessPolicyRequireAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class AccessPolicyRequireAzure { private AccessPolicyRequireAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireExternalEvaluation.java index d7aff8f55..0e6e10f65 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class AccessPolicyRequireExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private AccessPolicyRequireExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGithub.java index 76024b4ed..efe9876bd 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGithub.java @@ -12,17 +12,41 @@ @CustomType public final class AccessPolicyRequireGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private AccessPolicyRequireGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGsuite.java index 474b7337e..27b79ece1 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class AccessPolicyRequireGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private AccessPolicyRequireGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireOkta.java index e52f81cf4..51a7c5fc0 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireOkta.java @@ -12,13 +12,29 @@ @CustomType public final class AccessPolicyRequireOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private AccessPolicyRequireOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireSaml.java index c5e4765af..6568cd702 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/AccessPolicyRequireSaml.java @@ -11,17 +11,41 @@ @CustomType public final class AccessPolicyRequireSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private AccessPolicyRequireSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInput.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInput.java index 303b856a6..dd46e482e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInput.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInput.java @@ -106,7 +106,7 @@ public final class DevicePostureRuleInput { */ private @Nullable String lastSeen; /** - * @return List of locations to check for client certificate posture check. + * @return List of operating system locations to check for a client certificate.. * */ private @Nullable List locations; @@ -196,7 +196,7 @@ public final class DevicePostureRuleInput { */ private @Nullable String version; /** - * @return The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @return The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ private @Nullable String versionOperator; @@ -329,7 +329,7 @@ public Optional lastSeen() { return Optional.ofNullable(this.lastSeen); } /** - * @return List of locations to check for client certificate posture check. + * @return List of operating system locations to check for a client certificate.. * */ public List locations() { @@ -455,7 +455,7 @@ public Optional version() { return Optional.ofNullable(this.version); } /** - * @return The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @return The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ public Optional versionOperator() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInputLocation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInputLocation.java index 03af2fed3..22af21bd9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInputLocation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/DevicePostureRuleInputLocation.java @@ -12,26 +12,26 @@ @CustomType public final class DevicePostureRuleInputLocation { /** - * @return List of paths to check for client certificate. + * @return List of paths to check for client certificate rule. * */ private @Nullable List paths; /** - * @return List of trust stores to check for client certificate. Available values: `system`, `user`. + * @return List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ private @Nullable List trustStores; private DevicePostureRuleInputLocation() {} /** - * @return List of paths to check for client certificate. + * @return List of paths to check for client certificate rule. * */ public List paths() { return this.paths == null ? List.of() : this.paths; } /** - * @return List of trust stores to check for client certificate. Available values: `system`, `user`. + * @return List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ public List trustStores() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetDevicePostureRulesResult.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetDevicePostureRulesResult.java index 697fab7f4..5ef281d12 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetDevicePostureRulesResult.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetDevicePostureRulesResult.java @@ -35,7 +35,7 @@ public final class GetDevicePostureRulesResult { */ private List rules; /** - * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ private @Nullable String type; @@ -70,7 +70,7 @@ public List rules() { return this.rules; } /** - * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + * @return The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. * */ public Optional type() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParameters.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParameters.java index 6269607e5..b43f5bba2 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParameters.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParameters.java @@ -6,6 +6,7 @@ import com.pulumi.cloudflare.outputs.GetRulesetsRulesetRuleActionParametersAutominify; import com.pulumi.cloudflare.outputs.GetRulesetsRulesetRuleActionParametersBrowserTtl; import com.pulumi.cloudflare.outputs.GetRulesetsRulesetRuleActionParametersCacheKey; +import com.pulumi.cloudflare.outputs.GetRulesetsRulesetRuleActionParametersCacheReserve; import com.pulumi.cloudflare.outputs.GetRulesetsRulesetRuleActionParametersEdgeTtl; import com.pulumi.cloudflare.outputs.GetRulesetsRulesetRuleActionParametersFromList; import com.pulumi.cloudflare.outputs.GetRulesetsRulesetRuleActionParametersFromValue; @@ -65,6 +66,11 @@ public final class GetRulesetsRulesetRuleActionParameters { * */ private @Nullable GetRulesetsRulesetRuleActionParametersCacheKey cacheKey; + /** + * @return List of cache reserve parameters to apply to the request. + * + */ + private @Nullable GetRulesetsRulesetRuleActionParametersCacheReserve cacheReserve; /** * @return Content of the custom error response * @@ -327,6 +333,13 @@ public Optional cache() { public Optional cacheKey() { return Optional.ofNullable(this.cacheKey); } + /** + * @return List of cache reserve parameters to apply to the request. + * + */ + public Optional cacheReserve() { + return Optional.ofNullable(this.cacheReserve); + } /** * @return Content of the custom error response * @@ -641,6 +654,7 @@ public static final class Builder { private @Nullable GetRulesetsRulesetRuleActionParametersBrowserTtl browserTtl; private @Nullable Boolean cache; private @Nullable GetRulesetsRulesetRuleActionParametersCacheKey cacheKey; + private @Nullable GetRulesetsRulesetRuleActionParametersCacheReserve cacheReserve; private @Nullable String content; private @Nullable String contentType; private @Nullable List cookieFields; @@ -694,6 +708,7 @@ public Builder(GetRulesetsRulesetRuleActionParameters defaults) { this.browserTtl = defaults.browserTtl; this.cache = defaults.cache; this.cacheKey = defaults.cacheKey; + this.cacheReserve = defaults.cacheReserve; this.content = defaults.content; this.contentType = defaults.contentType; this.cookieFields = defaults.cookieFields; @@ -788,6 +803,12 @@ public Builder cacheKey(@Nullable GetRulesetsRulesetRuleActionParametersCacheKey return this; } @CustomType.Setter + public Builder cacheReserve(@Nullable GetRulesetsRulesetRuleActionParametersCacheReserve cacheReserve) { + + this.cacheReserve = cacheReserve; + return this; + } + @CustomType.Setter public Builder content(@Nullable String content) { this.content = content; @@ -1080,6 +1101,7 @@ public GetRulesetsRulesetRuleActionParameters build() { _resultValue.browserTtl = browserTtl; _resultValue.cache = cache; _resultValue.cacheKey = cacheKey; + _resultValue.cacheReserve = cacheReserve; _resultValue.content = content; _resultValue.contentType = contentType; _resultValue.cookieFields = cookieFields; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParametersCacheReserve.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParametersCacheReserve.java new file mode 100644 index 000000000..b57d31a7c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/GetRulesetsRulesetRuleActionParametersCacheReserve.java @@ -0,0 +1,82 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.Integer; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetRulesetsRulesetRuleActionParametersCacheReserve { + /** + * @return Determines whether Cloudflare will write the eligible resource to cache reserve. + * + */ + private Boolean eligible; + /** + * @return The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + */ + private @Nullable Integer minimumFileSize; + + private GetRulesetsRulesetRuleActionParametersCacheReserve() {} + /** + * @return Determines whether Cloudflare will write the eligible resource to cache reserve. + * + */ + public Boolean eligible() { + return this.eligible; + } + /** + * @return The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + */ + public Optional minimumFileSize() { + return Optional.ofNullable(this.minimumFileSize); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetRulesetsRulesetRuleActionParametersCacheReserve defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Boolean eligible; + private @Nullable Integer minimumFileSize; + public Builder() {} + public Builder(GetRulesetsRulesetRuleActionParametersCacheReserve defaults) { + Objects.requireNonNull(defaults); + this.eligible = defaults.eligible; + this.minimumFileSize = defaults.minimumFileSize; + } + + @CustomType.Setter + public Builder eligible(Boolean eligible) { + if (eligible == null) { + throw new MissingRequiredPropertyException("GetRulesetsRulesetRuleActionParametersCacheReserve", "eligible"); + } + this.eligible = eligible; + return this; + } + @CustomType.Setter + public Builder minimumFileSize(@Nullable Integer minimumFileSize) { + + this.minimumFileSize = minimumFileSize; + return this; + } + public GetRulesetsRulesetRuleActionParametersCacheReserve build() { + final var _resultValue = new GetRulesetsRulesetRuleActionParametersCacheReserve(); + _resultValue.eligible = eligible; + _resultValue.minimumFileSize = minimumFileSize; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParameters.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParameters.java index 105588b00..2ccba6ca1 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParameters.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParameters.java @@ -7,6 +7,7 @@ import com.pulumi.cloudflare.outputs.RulesetRuleActionParametersAutominify; import com.pulumi.cloudflare.outputs.RulesetRuleActionParametersBrowserTtl; import com.pulumi.cloudflare.outputs.RulesetRuleActionParametersCacheKey; +import com.pulumi.cloudflare.outputs.RulesetRuleActionParametersCacheReserve; import com.pulumi.cloudflare.outputs.RulesetRuleActionParametersEdgeTtl; import com.pulumi.cloudflare.outputs.RulesetRuleActionParametersFromList; import com.pulumi.cloudflare.outputs.RulesetRuleActionParametersFromValue; @@ -70,6 +71,11 @@ public final class RulesetRuleActionParameters { * */ private @Nullable RulesetRuleActionParametersCacheKey cacheKey; + /** + * @return List of cache reserve parameters to apply to the request. + * + */ + private @Nullable RulesetRuleActionParametersCacheReserve cacheReserve; /** * @return Content of the custom error response. * @@ -349,6 +355,13 @@ public Optional cache() { public Optional cacheKey() { return Optional.ofNullable(this.cacheKey); } + /** + * @return List of cache reserve parameters to apply to the request. + * + */ + public Optional cacheReserve() { + return Optional.ofNullable(this.cacheReserve); + } /** * @return Content of the custom error response. * @@ -678,6 +691,7 @@ public static final class Builder { private @Nullable RulesetRuleActionParametersBrowserTtl browserTtl; private @Nullable Boolean cache; private @Nullable RulesetRuleActionParametersCacheKey cacheKey; + private @Nullable RulesetRuleActionParametersCacheReserve cacheReserve; private @Nullable String content; private @Nullable String contentType; private @Nullable List cookieFields; @@ -734,6 +748,7 @@ public Builder(RulesetRuleActionParameters defaults) { this.browserTtl = defaults.browserTtl; this.cache = defaults.cache; this.cacheKey = defaults.cacheKey; + this.cacheReserve = defaults.cacheReserve; this.content = defaults.content; this.contentType = defaults.contentType; this.cookieFields = defaults.cookieFields; @@ -839,6 +854,12 @@ public Builder cacheKey(@Nullable RulesetRuleActionParametersCacheKey cacheKey) return this; } @CustomType.Setter + public Builder cacheReserve(@Nullable RulesetRuleActionParametersCacheReserve cacheReserve) { + + this.cacheReserve = cacheReserve; + return this; + } + @CustomType.Setter public Builder content(@Nullable String content) { this.content = content; @@ -1142,6 +1163,7 @@ public RulesetRuleActionParameters build() { _resultValue.browserTtl = browserTtl; _resultValue.cache = cache; _resultValue.cacheKey = cacheKey; + _resultValue.cacheReserve = cacheReserve; _resultValue.content = content; _resultValue.contentType = contentType; _resultValue.cookieFields = cookieFields; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParametersCacheReserve.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParametersCacheReserve.java new file mode 100644 index 000000000..c32b20ee9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/RulesetRuleActionParametersCacheReserve.java @@ -0,0 +1,82 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.Integer; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class RulesetRuleActionParametersCacheReserve { + /** + * @return Determines whether Cloudflare will write the eligible resource to cache reserve. + * + */ + private Boolean eligible; + /** + * @return The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + */ + private @Nullable Integer minimumFileSize; + + private RulesetRuleActionParametersCacheReserve() {} + /** + * @return Determines whether Cloudflare will write the eligible resource to cache reserve. + * + */ + public Boolean eligible() { + return this.eligible; + } + /** + * @return The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + * + */ + public Optional minimumFileSize() { + return Optional.ofNullable(this.minimumFileSize); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(RulesetRuleActionParametersCacheReserve defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Boolean eligible; + private @Nullable Integer minimumFileSize; + public Builder() {} + public Builder(RulesetRuleActionParametersCacheReserve defaults) { + Objects.requireNonNull(defaults); + this.eligible = defaults.eligible; + this.minimumFileSize = defaults.minimumFileSize; + } + + @CustomType.Setter + public Builder eligible(Boolean eligible) { + if (eligible == null) { + throw new MissingRequiredPropertyException("RulesetRuleActionParametersCacheReserve", "eligible"); + } + this.eligible = eligible; + return this; + } + @CustomType.Setter + public Builder minimumFileSize(@Nullable Integer minimumFileSize) { + + this.minimumFileSize = minimumFileSize; + return this; + } + public RulesetRuleActionParametersCacheReserve build() { + final var _resultValue = new RulesetRuleActionParametersCacheReserve(); + _resultValue.eligible = eligible; + _resultValue.minimumFileSize = minimumFileSize; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountCertificate.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountCertificate.java new file mode 100644 index 000000000..078949a4d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountCertificate.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class TeamsAccountCertificate { + /** + * @return ID of certificate for TLS interception. + * + */ + private String id; + + private TeamsAccountCertificate() {} + /** + * @return ID of certificate for TLS interception. + * + */ + public String id() { + return this.id; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(TeamsAccountCertificate defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String id; + public Builder() {} + public Builder(TeamsAccountCertificate defaults) { + Objects.requireNonNull(defaults); + this.id = defaults.id; + } + + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("TeamsAccountCertificate", "id"); + } + this.id = id; + return this; + } + public TeamsAccountCertificate build() { + final var _resultValue = new TeamsAccountCertificate(); + _resultValue.id = id; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountProxy.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountProxy.java index 3f01010e9..07d992c6b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountProxy.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/TeamsAccountProxy.java @@ -12,7 +12,7 @@ @CustomType public final class TeamsAccountProxy { /** - * @return Sets the time limit in seconds that a user can use an override code to bypass WARP + * @return Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ private Integer disableForTime; @@ -39,7 +39,7 @@ public final class TeamsAccountProxy { private TeamsAccountProxy() {} /** - * @return Sets the time limit in seconds that a user can use an override code to bypass WARP + * @return Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ public Integer disableForTime() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkerScriptHyperdriveConfigBinding.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkerScriptHyperdriveConfigBinding.java new file mode 100644 index 000000000..083e83188 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkerScriptHyperdriveConfigBinding.java @@ -0,0 +1,81 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class WorkerScriptHyperdriveConfigBinding { + /** + * @return The global variable for the binding in your Worker code. + * + */ + private String binding; + /** + * @return The ID of the Hyperdrive config to use. + * + */ + private String id; + + private WorkerScriptHyperdriveConfigBinding() {} + /** + * @return The global variable for the binding in your Worker code. + * + */ + public String binding() { + return this.binding; + } + /** + * @return The ID of the Hyperdrive config to use. + * + */ + public String id() { + return this.id; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(WorkerScriptHyperdriveConfigBinding defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String binding; + private String id; + public Builder() {} + public Builder(WorkerScriptHyperdriveConfigBinding defaults) { + Objects.requireNonNull(defaults); + this.binding = defaults.binding; + this.id = defaults.id; + } + + @CustomType.Setter + public Builder binding(String binding) { + if (binding == null) { + throw new MissingRequiredPropertyException("WorkerScriptHyperdriveConfigBinding", "binding"); + } + this.binding = binding; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("WorkerScriptHyperdriveConfigBinding", "id"); + } + this.id = id; + return this; + } + public WorkerScriptHyperdriveConfigBinding build() { + final var _resultValue = new WorkerScriptHyperdriveConfigBinding(); + _resultValue.binding = binding; + _resultValue.id = id; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkersScriptHyperdriveConfigBinding.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkersScriptHyperdriveConfigBinding.java new file mode 100644 index 000000000..b5621e7bd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/WorkersScriptHyperdriveConfigBinding.java @@ -0,0 +1,81 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class WorkersScriptHyperdriveConfigBinding { + /** + * @return The global variable for the binding in your Worker code. + * + */ + private String binding; + /** + * @return The ID of the Hyperdrive config to use. + * + */ + private String id; + + private WorkersScriptHyperdriveConfigBinding() {} + /** + * @return The global variable for the binding in your Worker code. + * + */ + public String binding() { + return this.binding; + } + /** + * @return The ID of the Hyperdrive config to use. + * + */ + public String id() { + return this.id; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(WorkersScriptHyperdriveConfigBinding defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String binding; + private String id; + public Builder() {} + public Builder(WorkersScriptHyperdriveConfigBinding defaults) { + Objects.requireNonNull(defaults); + this.binding = defaults.binding; + this.id = defaults.id; + } + + @CustomType.Setter + public Builder binding(String binding) { + if (binding == null) { + throw new MissingRequiredPropertyException("WorkersScriptHyperdriveConfigBinding", "binding"); + } + this.binding = binding; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("WorkersScriptHyperdriveConfigBinding", "id"); + } + this.id = id; + return this; + } + public WorkersScriptHyperdriveConfigBinding build() { + final var _resultValue = new WorkersScriptHyperdriveConfigBinding(); + _resultValue.binding = binding; + _resultValue.id = id; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExclude.java index 07bd3f717..faae13e64 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExclude.java @@ -20,29 +20,89 @@ @CustomType public final class ZeroTrustAccessGroupExclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable List externalEvaluations; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class ZeroTrustAccessGroupExclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private ZeroTrustAccessGroupExclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public List externalEvaluations() { return this.externalEvaluations == null ? List.of() : this.externalEvaluations; } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAuthContext.java index 42241e50a..f3991682d 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAuthContext.java @@ -21,7 +21,7 @@ public final class ZeroTrustAccessGroupExcludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAzure.java index 94ce0d5a9..7bc47cbe9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class ZeroTrustAccessGroupExcludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class ZeroTrustAccessGroupExcludeAzure { private ZeroTrustAccessGroupExcludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.java index a85a888bf..a63c35ed9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class ZeroTrustAccessGroupExcludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private ZeroTrustAccessGroupExcludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGithub.java index ec87afa40..822cd11f9 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class ZeroTrustAccessGroupExcludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private ZeroTrustAccessGroupExcludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGsuite.java index 88e6c0a1c..fd1c97078 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessGroupExcludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessGroupExcludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeOkta.java index a434ca55d..40c6bad52 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessGroupExcludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private ZeroTrustAccessGroupExcludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeSaml.java index 6f173e4f5..927010c4a 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupExcludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class ZeroTrustAccessGroupExcludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessGroupExcludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupInclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupInclude.java index dd37ef6f8..1b9d5beb6 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupInclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupInclude.java @@ -20,29 +20,89 @@ @CustomType public final class ZeroTrustAccessGroupInclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable List externalEvaluations; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class ZeroTrustAccessGroupInclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private ZeroTrustAccessGroupInclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public List externalEvaluations() { return this.externalEvaluations == null ? List.of() : this.externalEvaluations; } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAuthContext.java index c8cabe6e2..4af0b2696 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAuthContext.java @@ -21,7 +21,7 @@ public final class ZeroTrustAccessGroupIncludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAzure.java index e672e533b..e7a46c583 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class ZeroTrustAccessGroupIncludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class ZeroTrustAccessGroupIncludeAzure { private ZeroTrustAccessGroupIncludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.java index 143f92569..c15410c1e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class ZeroTrustAccessGroupIncludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private ZeroTrustAccessGroupIncludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGithub.java index eb892b379..6210d3467 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class ZeroTrustAccessGroupIncludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private ZeroTrustAccessGroupIncludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGsuite.java index a41c27209..6c5fb1796 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessGroupIncludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessGroupIncludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeOkta.java index fb6443627..4ef6cb4e2 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessGroupIncludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private ZeroTrustAccessGroupIncludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeSaml.java index f63b26183..d3f392e76 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupIncludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class ZeroTrustAccessGroupIncludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessGroupIncludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequire.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequire.java index 1b673e853..0dc4d72e5 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequire.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequire.java @@ -20,29 +20,89 @@ @CustomType public final class ZeroTrustAccessGroupRequire { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable List externalEvaluations; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class ZeroTrustAccessGroupRequire { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private ZeroTrustAccessGroupRequire() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public List externalEvaluations() { return this.externalEvaluations == null ? List.of() : this.externalEvaluations; } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAuthContext.java index 9b9b8d9d6..744825ebd 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAuthContext.java @@ -21,7 +21,7 @@ public final class ZeroTrustAccessGroupRequireAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAzure.java index c5315d080..f74acd562 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireAzure.java @@ -13,7 +13,7 @@ @CustomType public final class ZeroTrustAccessGroupRequireAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class ZeroTrustAccessGroupRequireAzure { private ZeroTrustAccessGroupRequireAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireExternalEvaluation.java index c18a73e5e..33f4b8d3f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class ZeroTrustAccessGroupRequireExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private ZeroTrustAccessGroupRequireExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGithub.java index 8307d38a2..5317c8680 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGithub.java @@ -12,17 +12,41 @@ @CustomType public final class ZeroTrustAccessGroupRequireGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private ZeroTrustAccessGroupRequireGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGsuite.java index 8fbd310ff..ce8f01378 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessGroupRequireGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessGroupRequireGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireOkta.java index f6d44a2c4..ff5af8cc3 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireOkta.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessGroupRequireOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private ZeroTrustAccessGroupRequireOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireSaml.java index 46cd88350..35eba410b 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessGroupRequireSaml.java @@ -11,17 +11,41 @@ @CustomType public final class ZeroTrustAccessGroupRequireSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessGroupRequireSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExclude.java index 35f9095d3..1841db173 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExclude.java @@ -20,29 +20,89 @@ @CustomType public final class ZeroTrustAccessPolicyExclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable List externalEvaluations; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class ZeroTrustAccessPolicyExclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private ZeroTrustAccessPolicyExclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public List externalEvaluations() { return this.externalEvaluations == null ? List.of() : this.externalEvaluations; } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAuthContext.java index 721193f14..2d73902f3 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAuthContext.java @@ -21,7 +21,7 @@ public final class ZeroTrustAccessPolicyExcludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAzure.java index e6d7c3284..c2224435d 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class ZeroTrustAccessPolicyExcludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class ZeroTrustAccessPolicyExcludeAzure { private ZeroTrustAccessPolicyExcludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.java index 11a7b8b56..86441a219 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class ZeroTrustAccessPolicyExcludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private ZeroTrustAccessPolicyExcludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGithub.java index cc94a32bc..ab16a0713 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class ZeroTrustAccessPolicyExcludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private ZeroTrustAccessPolicyExcludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGsuite.java index a509bcd12..73f07e585 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessPolicyExcludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessPolicyExcludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeOkta.java index 526e509a3..d2de05193 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessPolicyExcludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private ZeroTrustAccessPolicyExcludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeSaml.java index 6184922f8..0c55bb482 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyExcludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class ZeroTrustAccessPolicyExcludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessPolicyExcludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyInclude.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyInclude.java index 8bf2df8d8..a543b8efc 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyInclude.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyInclude.java @@ -20,29 +20,89 @@ @CustomType public final class ZeroTrustAccessPolicyInclude { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable List externalEvaluations; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class ZeroTrustAccessPolicyInclude { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private ZeroTrustAccessPolicyInclude() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public List externalEvaluations() { return this.externalEvaluations == null ? List.of() : this.externalEvaluations; } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAuthContext.java index 815236130..5802479a3 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAuthContext.java @@ -21,7 +21,7 @@ public final class ZeroTrustAccessPolicyIncludeAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAzure.java index 15cd592c4..dd7cb3040 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeAzure.java @@ -13,7 +13,7 @@ @CustomType public final class ZeroTrustAccessPolicyIncludeAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class ZeroTrustAccessPolicyIncludeAzure { private ZeroTrustAccessPolicyIncludeAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.java index bf129ea0b..3e45b8330 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class ZeroTrustAccessPolicyIncludeExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private ZeroTrustAccessPolicyIncludeExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGithub.java index b82bffe65..74f6d5815 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGithub.java @@ -12,17 +12,41 @@ @CustomType public final class ZeroTrustAccessPolicyIncludeGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private ZeroTrustAccessPolicyIncludeGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGsuite.java index 3f71c9a5e..e1319614f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessPolicyIncludeGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessPolicyIncludeGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeOkta.java index 857c5dcc8..c55d6f626 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeOkta.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessPolicyIncludeOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private ZeroTrustAccessPolicyIncludeOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeSaml.java index 736072212..1d6e93092 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyIncludeSaml.java @@ -11,17 +11,41 @@ @CustomType public final class ZeroTrustAccessPolicyIncludeSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessPolicyIncludeSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequire.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequire.java index 067e810e7..4fdb0fb86 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequire.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequire.java @@ -20,29 +20,89 @@ @CustomType public final class ZeroTrustAccessPolicyRequire { + /** + * @return Matches any valid Access service token. + * + */ private @Nullable Boolean anyValidServiceToken; private @Nullable List authContexts; + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ private @Nullable String authMethod; + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ private @Nullable List azures; + /** + * @return Matches any valid client certificate. + * + */ private @Nullable Boolean certificate; + /** + * @return Matches a valid client certificate common name. + * + */ private @Nullable String commonName; /** * @return Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. * */ private @Nullable List commonNames; + /** + * @return The ID of a device posture integration. + * + */ private @Nullable List devicePostures; + /** + * @return The email domain to match. + * + */ private @Nullable List emailDomains; + /** + * @return The ID of a previously created email list. + * + */ private @Nullable List emailLists; + /** + * @return The email of the user. + * + */ private @Nullable List emails; + /** + * @return Matches everyone. + * + */ private @Nullable Boolean everyone; + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ private @Nullable List externalEvaluations; + /** + * @return Matches a specific country. + * + */ private @Nullable List geos; + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ private @Nullable List githubs; + /** + * @return The ID of a previously created Access group. + * + */ private @Nullable List groups; + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ private @Nullable List gsuites; /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ private @Nullable List ipLists; @@ -51,27 +111,63 @@ public final class ZeroTrustAccessPolicyRequire { * */ private @Nullable List ips; + /** + * @return The ID of a configured identity provider. + * + */ private @Nullable List loginMethods; + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ private @Nullable List oktas; + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ private @Nullable List samls; + /** + * @return The ID of an Access service token. + * + */ private @Nullable List serviceTokens; private ZeroTrustAccessPolicyRequire() {} + /** + * @return Matches any valid Access service token. + * + */ public Optional anyValidServiceToken() { return Optional.ofNullable(this.anyValidServiceToken); } public List authContexts() { return this.authContexts == null ? List.of() : this.authContexts; } + /** + * @return The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + * + */ public Optional authMethod() { return Optional.ofNullable(this.authMethod); } + /** + * @return Matches an Azure group. Requires an Azure identity provider. + * + */ public List azures() { return this.azures == null ? List.of() : this.azures; } + /** + * @return Matches any valid client certificate. + * + */ public Optional certificate() { return Optional.ofNullable(this.certificate); } + /** + * @return Matches a valid client certificate common name. + * + */ public Optional commonName() { return Optional.ofNullable(this.commonName); } @@ -82,38 +178,78 @@ public Optional commonName() { public List commonNames() { return this.commonNames == null ? List.of() : this.commonNames; } + /** + * @return The ID of a device posture integration. + * + */ public List devicePostures() { return this.devicePostures == null ? List.of() : this.devicePostures; } + /** + * @return The email domain to match. + * + */ public List emailDomains() { return this.emailDomains == null ? List.of() : this.emailDomains; } + /** + * @return The ID of a previously created email list. + * + */ public List emailLists() { return this.emailLists == null ? List.of() : this.emailLists; } + /** + * @return The email of the user. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return Matches everyone. + * + */ public Optional everyone() { return Optional.ofNullable(this.everyone); } + /** + * @return Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + * + */ public List externalEvaluations() { return this.externalEvaluations == null ? List.of() : this.externalEvaluations; } + /** + * @return Matches a specific country. + * + */ public List geos() { return this.geos == null ? List.of() : this.geos; } + /** + * @return Matches a Github organization. Requires a Github identity provider. + * + */ public List githubs() { return this.githubs == null ? List.of() : this.githubs; } + /** + * @return The ID of a previously created Access group. + * + */ public List groups() { return this.groups == null ? List.of() : this.groups; } + /** + * @return Matches a group in Google Workspace. Requires a Google Workspace identity provider. + * + */ public List gsuites() { return this.gsuites == null ? List.of() : this.gsuites; } /** - * @return The ID of an existing IP list to reference. + * @return The ID of a previously created IP list. * */ public List ipLists() { @@ -126,15 +262,31 @@ public List ipLists() { public List ips() { return this.ips == null ? List.of() : this.ips; } + /** + * @return The ID of a configured identity provider. + * + */ public List loginMethods() { return this.loginMethods == null ? List.of() : this.loginMethods; } + /** + * @return Matches an Okta group. Requires an Okta identity provider. + * + */ public List oktas() { return this.oktas == null ? List.of() : this.oktas; } + /** + * @return Matches a SAML group. Requires a SAML identity provider. + * + */ public List samls() { return this.samls == null ? List.of() : this.samls; } + /** + * @return The ID of an Access service token. + * + */ public List serviceTokens() { return this.serviceTokens == null ? List.of() : this.serviceTokens; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAuthContext.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAuthContext.java index 01b223bd4..54ed3f532 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAuthContext.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAuthContext.java @@ -21,7 +21,7 @@ public final class ZeroTrustAccessPolicyRequireAuthContext { */ private String id; /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private String identityProviderId; @@ -42,7 +42,7 @@ public String id() { return this.id; } /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public String identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAzure.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAzure.java index 9d3b4d673..36e8f7f98 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAzure.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireAzure.java @@ -13,7 +13,7 @@ @CustomType public final class ZeroTrustAccessPolicyRequireAzure { /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ private @Nullable String identityProviderId; @@ -25,7 +25,7 @@ public final class ZeroTrustAccessPolicyRequireAzure { private ZeroTrustAccessPolicyRequireAzure() {} /** - * @return The ID of the Azure Identity provider. + * @return The ID of the Azure identity provider. * */ public Optional identityProviderId() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.java index a30712675..c87d4415f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireExternalEvaluation.java @@ -11,13 +11,29 @@ @CustomType public final class ZeroTrustAccessPolicyRequireExternalEvaluation { + /** + * @return The API endpoint containing your business logic. + * + */ private @Nullable String evaluateUrl; + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ private @Nullable String keysUrl; private ZeroTrustAccessPolicyRequireExternalEvaluation() {} + /** + * @return The API endpoint containing your business logic. + * + */ public Optional evaluateUrl() { return Optional.ofNullable(this.evaluateUrl); } + /** + * @return The API endpoint containing the key that Access uses to verify that the response came from your API. + * + */ public Optional keysUrl() { return Optional.ofNullable(this.keysUrl); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGithub.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGithub.java index 81108bc9f..2208f68da 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGithub.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGithub.java @@ -12,17 +12,41 @@ @CustomType public final class ZeroTrustAccessPolicyRequireGithub { + /** + * @return The ID of your Github identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the organization. + * + */ private @Nullable String name; + /** + * @return The teams that should be matched. + * + */ private @Nullable List teams; private ZeroTrustAccessPolicyRequireGithub() {} + /** + * @return The ID of your Github identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the organization. + * + */ public Optional name() { return Optional.ofNullable(this.name); } + /** + * @return The teams that should be matched. + * + */ public List teams() { return this.teams == null ? List.of() : this.teams; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGsuite.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGsuite.java index 5e8bdbc70..624978f16 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGsuite.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireGsuite.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessPolicyRequireGsuite { + /** + * @return The email of the Google Workspace group. + * + */ private @Nullable List emails; + /** + * @return The ID of your Google Workspace identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessPolicyRequireGsuite() {} + /** + * @return The email of the Google Workspace group. + * + */ public List emails() { return this.emails == null ? List.of() : this.emails; } + /** + * @return The ID of your Google Workspace identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireOkta.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireOkta.java index 92220a946..7a75b6aad 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireOkta.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireOkta.java @@ -12,13 +12,29 @@ @CustomType public final class ZeroTrustAccessPolicyRequireOkta { + /** + * @return The ID of your Okta identity provider. + * + */ private @Nullable String identityProviderId; + /** + * @return The name of the Okta Group. + * + */ private @Nullable List names; private ZeroTrustAccessPolicyRequireOkta() {} + /** + * @return The ID of your Okta identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } + /** + * @return The name of the Okta Group. + * + */ public List names() { return this.names == null ? List.of() : this.names; } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireSaml.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireSaml.java index f63cc1ed3..e3c7dcd4e 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireSaml.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustAccessPolicyRequireSaml.java @@ -11,17 +11,41 @@ @CustomType public final class ZeroTrustAccessPolicyRequireSaml { + /** + * @return The name of the SAML attribute. + * + */ private @Nullable String attributeName; + /** + * @return The SAML attribute value to look for. + * + */ private @Nullable String attributeValue; + /** + * @return The ID of your SAML identity provider. + * + */ private @Nullable String identityProviderId; private ZeroTrustAccessPolicyRequireSaml() {} + /** + * @return The name of the SAML attribute. + * + */ public Optional attributeName() { return Optional.ofNullable(this.attributeName); } + /** + * @return The SAML attribute value to look for. + * + */ public Optional attributeValue() { return Optional.ofNullable(this.attributeValue); } + /** + * @return The ID of your SAML identity provider. + * + */ public Optional identityProviderId() { return Optional.ofNullable(this.identityProviderId); } diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInput.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInput.java index 471c5bde7..e7f86a71c 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInput.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInput.java @@ -61,7 +61,7 @@ public final class ZeroTrustDevicePostureRuleInput { */ private @Nullable String domain; /** - * @return The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * @return The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. * */ private @Nullable String eidLastSeen; @@ -76,7 +76,7 @@ public final class ZeroTrustDevicePostureRuleInput { */ private @Nullable Boolean exists; /** - * @return List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * @return List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. * */ private @Nullable List extendedKeyUsages; @@ -106,7 +106,7 @@ public final class ZeroTrustDevicePostureRuleInput { */ private @Nullable String lastSeen; /** - * @return List of locations to check for client certificate. + * @return List of operating system locations to check for a client certificate.. * */ private @Nullable List locations; @@ -196,7 +196,7 @@ public final class ZeroTrustDevicePostureRuleInput { */ private @Nullable String version; /** - * @return The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @return The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ private @Nullable String versionOperator; @@ -266,7 +266,7 @@ public Optional domain() { return Optional.ofNullable(this.domain); } /** - * @return The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * @return The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. * */ public Optional eidLastSeen() { @@ -287,7 +287,7 @@ public Optional exists() { return Optional.ofNullable(this.exists); } /** - * @return List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * @return List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. * */ public List extendedKeyUsages() { @@ -329,7 +329,7 @@ public Optional lastSeen() { return Optional.ofNullable(this.lastSeen); } /** - * @return List of locations to check for client certificate. + * @return List of operating system locations to check for a client certificate.. * */ public List locations() { @@ -455,7 +455,7 @@ public Optional version() { return Optional.ofNullable(this.version); } /** - * @return The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * @return The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. * */ public Optional versionOperator() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInputLocation.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInputLocation.java index 2186a203e..fc56fbcff 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInputLocation.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustDevicePostureRuleInputLocation.java @@ -17,7 +17,7 @@ public final class ZeroTrustDevicePostureRuleInputLocation { */ private @Nullable List paths; /** - * @return List of trust stores to check for client certificate rule. Available values: `system`, `user` + * @return List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ private @Nullable List trustStores; @@ -31,7 +31,7 @@ public List paths() { return this.paths == null ? List.of() : this.paths; } /** - * @return List of trust stores to check for client certificate rule. Available values: `system`, `user` + * @return List of trust stores to check for client certificate rule. Available values: `system`, `user`. * */ public List trustStores() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsCertificate.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsCertificate.java new file mode 100644 index 000000000..bc8dfc985 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsCertificate.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.cloudflare.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class ZeroTrustGatewaySettingsCertificate { + /** + * @return ID of certificate for TLS interception. + * + */ + private String id; + + private ZeroTrustGatewaySettingsCertificate() {} + /** + * @return ID of certificate for TLS interception. + * + */ + public String id() { + return this.id; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ZeroTrustGatewaySettingsCertificate defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String id; + public Builder() {} + public Builder(ZeroTrustGatewaySettingsCertificate defaults) { + Objects.requireNonNull(defaults); + this.id = defaults.id; + } + + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("ZeroTrustGatewaySettingsCertificate", "id"); + } + this.id = id; + return this; + } + public ZeroTrustGatewaySettingsCertificate build() { + final var _resultValue = new ZeroTrustGatewaySettingsCertificate(); + _resultValue.id = id; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsProxy.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsProxy.java index 29f453298..11dbe592f 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsProxy.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZeroTrustGatewaySettingsProxy.java @@ -12,7 +12,7 @@ @CustomType public final class ZeroTrustGatewaySettingsProxy { /** - * @return Sets the time limit in seconds that a user can use an override code to bypass WARP + * @return Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ private Integer disableForTime; @@ -39,7 +39,7 @@ public final class ZeroTrustGatewaySettingsProxy { private ZeroTrustGatewaySettingsProxy() {} /** - * @return Sets the time limit in seconds that a user can use an override code to bypass WARP + * @return Sets the time limit in seconds that a user can use an override code to bypass WARP. * */ public Integer disableForTime() { diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideInitialSetting.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideInitialSetting.java index 90a49ebb5..e74cd292d 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideInitialSetting.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideInitialSetting.java @@ -63,6 +63,7 @@ public final class ZoneSettingsOverrideInitialSetting { private @Nullable String privacyPass; private @Nullable String proxyReadTimeout; private @Nullable String pseudoIpv4; + private @Nullable String replaceInsecureJs; private @Nullable String responseBuffering; private @Nullable String rocketLoader; private @Nullable ZoneSettingsOverrideInitialSettingSecurityHeader securityHeader; @@ -214,6 +215,9 @@ public Optional proxyReadTimeout() { public Optional pseudoIpv4() { return Optional.ofNullable(this.pseudoIpv4); } + public Optional replaceInsecureJs() { + return Optional.ofNullable(this.replaceInsecureJs); + } public Optional responseBuffering() { return Optional.ofNullable(this.responseBuffering); } @@ -321,6 +325,7 @@ public static final class Builder { private @Nullable String privacyPass; private @Nullable String proxyReadTimeout; private @Nullable String pseudoIpv4; + private @Nullable String replaceInsecureJs; private @Nullable String responseBuffering; private @Nullable String rocketLoader; private @Nullable ZoneSettingsOverrideInitialSettingSecurityHeader securityHeader; @@ -381,6 +386,7 @@ public Builder(ZoneSettingsOverrideInitialSetting defaults) { this.privacyPass = defaults.privacyPass; this.proxyReadTimeout = defaults.proxyReadTimeout; this.pseudoIpv4 = defaults.pseudoIpv4; + this.replaceInsecureJs = defaults.replaceInsecureJs; this.responseBuffering = defaults.responseBuffering; this.rocketLoader = defaults.rocketLoader; this.securityHeader = defaults.securityHeader; @@ -644,6 +650,12 @@ public Builder pseudoIpv4(@Nullable String pseudoIpv4) { return this; } @CustomType.Setter + public Builder replaceInsecureJs(@Nullable String replaceInsecureJs) { + + this.replaceInsecureJs = replaceInsecureJs; + return this; + } + @CustomType.Setter public Builder responseBuffering(@Nullable String responseBuffering) { this.responseBuffering = responseBuffering; @@ -787,6 +799,7 @@ public ZoneSettingsOverrideInitialSetting build() { _resultValue.privacyPass = privacyPass; _resultValue.proxyReadTimeout = proxyReadTimeout; _resultValue.pseudoIpv4 = pseudoIpv4; + _resultValue.replaceInsecureJs = replaceInsecureJs; _resultValue.responseBuffering = responseBuffering; _resultValue.rocketLoader = rocketLoader; _resultValue.securityHeader = securityHeader; diff --git a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideSettings.java b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideSettings.java index ce576b4e2..d9e973b89 100644 --- a/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideSettings.java +++ b/sdk/java/src/main/java/com/pulumi/cloudflare/outputs/ZoneSettingsOverrideSettings.java @@ -63,6 +63,7 @@ public final class ZoneSettingsOverrideSettings { private @Nullable String privacyPass; private @Nullable String proxyReadTimeout; private @Nullable String pseudoIpv4; + private @Nullable String replaceInsecureJs; private @Nullable String responseBuffering; private @Nullable String rocketLoader; private @Nullable ZoneSettingsOverrideSettingsSecurityHeader securityHeader; @@ -214,6 +215,9 @@ public Optional proxyReadTimeout() { public Optional pseudoIpv4() { return Optional.ofNullable(this.pseudoIpv4); } + public Optional replaceInsecureJs() { + return Optional.ofNullable(this.replaceInsecureJs); + } public Optional responseBuffering() { return Optional.ofNullable(this.responseBuffering); } @@ -321,6 +325,7 @@ public static final class Builder { private @Nullable String privacyPass; private @Nullable String proxyReadTimeout; private @Nullable String pseudoIpv4; + private @Nullable String replaceInsecureJs; private @Nullable String responseBuffering; private @Nullable String rocketLoader; private @Nullable ZoneSettingsOverrideSettingsSecurityHeader securityHeader; @@ -381,6 +386,7 @@ public Builder(ZoneSettingsOverrideSettings defaults) { this.privacyPass = defaults.privacyPass; this.proxyReadTimeout = defaults.proxyReadTimeout; this.pseudoIpv4 = defaults.pseudoIpv4; + this.replaceInsecureJs = defaults.replaceInsecureJs; this.responseBuffering = defaults.responseBuffering; this.rocketLoader = defaults.rocketLoader; this.securityHeader = defaults.securityHeader; @@ -644,6 +650,12 @@ public Builder pseudoIpv4(@Nullable String pseudoIpv4) { return this; } @CustomType.Setter + public Builder replaceInsecureJs(@Nullable String replaceInsecureJs) { + + this.replaceInsecureJs = replaceInsecureJs; + return this; + } + @CustomType.Setter public Builder responseBuffering(@Nullable String responseBuffering) { this.responseBuffering = responseBuffering; @@ -787,6 +799,7 @@ public ZoneSettingsOverrideSettings build() { _resultValue.privacyPass = privacyPass; _resultValue.proxyReadTimeout = proxyReadTimeout; _resultValue.pseudoIpv4 = pseudoIpv4; + _resultValue.replaceInsecureJs = replaceInsecureJs; _resultValue.responseBuffering = responseBuffering; _resultValue.rocketLoader = rocketLoader; _resultValue.securityHeader = securityHeader; diff --git a/sdk/nodejs/accessPolicy.ts b/sdk/nodejs/accessPolicy.ts index da897ec74..31135651a 100644 --- a/sdk/nodejs/accessPolicy.ts +++ b/sdk/nodejs/accessPolicy.ts @@ -54,7 +54,7 @@ export class AccessPolicy extends pulumi.CustomResource { } /** - * The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zoneId`. */ public readonly accountId!: pulumi.Output; /** @@ -104,7 +104,7 @@ export class AccessPolicy extends pulumi.CustomResource { */ public readonly sessionDuration!: pulumi.Output; /** - * The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `accountId`. */ public readonly zoneId!: pulumi.Output; @@ -173,7 +173,7 @@ export class AccessPolicy extends pulumi.CustomResource { */ export interface AccessPolicyState { /** - * The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zoneId`. */ accountId?: pulumi.Input; /** @@ -223,7 +223,7 @@ export interface AccessPolicyState { */ sessionDuration?: pulumi.Input; /** - * The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `accountId`. */ zoneId?: pulumi.Input; } @@ -233,7 +233,7 @@ export interface AccessPolicyState { */ export interface AccessPolicyArgs { /** - * The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zoneId`. */ accountId?: pulumi.Input; /** @@ -283,7 +283,7 @@ export interface AccessPolicyArgs { */ sessionDuration?: pulumi.Input; /** - * The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `accountId`. */ zoneId?: pulumi.Input; } diff --git a/sdk/nodejs/botManagement.ts b/sdk/nodejs/botManagement.ts index 59e07b05a..6eefd7378 100644 --- a/sdk/nodejs/botManagement.ts +++ b/sdk/nodejs/botManagement.ts @@ -64,6 +64,10 @@ export class BotManagement extends pulumi.CustomResource { return obj['__pulumiType'] === BotManagement.__pulumiType; } + /** + * Enable rule to block AI Scrapers and Crawlers. + */ + public readonly aiBotsProtection!: pulumi.Output; /** * Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). */ @@ -122,6 +126,7 @@ export class BotManagement extends pulumi.CustomResource { opts = opts || {}; if (opts.id) { const state = argsOrState as BotManagementState | undefined; + resourceInputs["aiBotsProtection"] = state ? state.aiBotsProtection : undefined; resourceInputs["autoUpdateModel"] = state ? state.autoUpdateModel : undefined; resourceInputs["enableJs"] = state ? state.enableJs : undefined; resourceInputs["fightMode"] = state ? state.fightMode : undefined; @@ -138,6 +143,7 @@ export class BotManagement extends pulumi.CustomResource { if ((!args || args.zoneId === undefined) && !opts.urn) { throw new Error("Missing required property 'zoneId'"); } + resourceInputs["aiBotsProtection"] = args ? args.aiBotsProtection : undefined; resourceInputs["autoUpdateModel"] = args ? args.autoUpdateModel : undefined; resourceInputs["enableJs"] = args ? args.enableJs : undefined; resourceInputs["fightMode"] = args ? args.fightMode : undefined; @@ -159,6 +165,10 @@ export class BotManagement extends pulumi.CustomResource { * Input properties used for looking up and filtering BotManagement resources. */ export interface BotManagementState { + /** + * Enable rule to block AI Scrapers and Crawlers. + */ + aiBotsProtection?: pulumi.Input; /** * Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). */ @@ -209,6 +219,10 @@ export interface BotManagementState { * The set of arguments for constructing a BotManagement resource. */ export interface BotManagementArgs { + /** + * Enable rule to block AI Scrapers and Crawlers. + */ + aiBotsProtection?: pulumi.Input; /** * Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). */ diff --git a/sdk/nodejs/deviceSettingsPolicy.ts b/sdk/nodejs/deviceSettingsPolicy.ts index 850b003fa..7202e0b60 100644 --- a/sdk/nodejs/deviceSettingsPolicy.ts +++ b/sdk/nodejs/deviceSettingsPolicy.ts @@ -145,7 +145,7 @@ export class DeviceSettingsPolicy extends pulumi.CustomResource { */ public readonly switchLocked!: pulumi.Output; /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. */ public readonly tunnelProtocol!: pulumi.Output; @@ -294,7 +294,7 @@ export interface DeviceSettingsPolicyState { */ switchLocked?: pulumi.Input; /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. */ tunnelProtocol?: pulumi.Input; } @@ -376,7 +376,7 @@ export interface DeviceSettingsPolicyArgs { */ switchLocked?: pulumi.Input; /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. */ tunnelProtocol?: pulumi.Input; } diff --git a/sdk/nodejs/getDevicePostureRules.ts b/sdk/nodejs/getDevicePostureRules.ts index 9d22ff99e..124235a3f 100644 --- a/sdk/nodejs/getDevicePostureRules.ts +++ b/sdk/nodejs/getDevicePostureRules.ts @@ -45,7 +45,7 @@ export interface GetDevicePostureRulesArgs { */ name?: string; /** - * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. */ type?: string; } @@ -71,7 +71,7 @@ export interface GetDevicePostureRulesResult { */ readonly rules: outputs.GetDevicePostureRulesRule[]; /** - * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. */ readonly type?: string; } @@ -108,7 +108,7 @@ export interface GetDevicePostureRulesOutputArgs { */ name?: pulumi.Input; /** - * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. */ type?: pulumi.Input; } diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts index 47ecc6e0e..9263d6ce3 100644 --- a/sdk/nodejs/index.ts +++ b/sdk/nodejs/index.ts @@ -865,6 +865,11 @@ export type ZeroTrustDnsLocation = import("./zeroTrustDnsLocation").ZeroTrustDns export const ZeroTrustDnsLocation: typeof import("./zeroTrustDnsLocation").ZeroTrustDnsLocation = null as any; utilities.lazyLoad(exports, ["ZeroTrustDnsLocation"], () => require("./zeroTrustDnsLocation")); +export { ZeroTrustGatewayCertificateArgs, ZeroTrustGatewayCertificateState } from "./zeroTrustGatewayCertificate"; +export type ZeroTrustGatewayCertificate = import("./zeroTrustGatewayCertificate").ZeroTrustGatewayCertificate; +export const ZeroTrustGatewayCertificate: typeof import("./zeroTrustGatewayCertificate").ZeroTrustGatewayCertificate = null as any; +utilities.lazyLoad(exports, ["ZeroTrustGatewayCertificate"], () => require("./zeroTrustGatewayCertificate")); + export { ZeroTrustGatewayPolicyArgs, ZeroTrustGatewayPolicyState } from "./zeroTrustGatewayPolicy"; export type ZeroTrustGatewayPolicy = import("./zeroTrustGatewayPolicy").ZeroTrustGatewayPolicy; export const ZeroTrustGatewayPolicy: typeof import("./zeroTrustGatewayPolicy").ZeroTrustGatewayPolicy = null as any; @@ -1261,6 +1266,8 @@ const _module = { return new ZeroTrustDlpProfile(name, undefined, { urn }) case "cloudflare:index/zeroTrustDnsLocation:ZeroTrustDnsLocation": return new ZeroTrustDnsLocation(name, undefined, { urn }) + case "cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate": + return new ZeroTrustGatewayCertificate(name, undefined, { urn }) case "cloudflare:index/zeroTrustGatewayPolicy:ZeroTrustGatewayPolicy": return new ZeroTrustGatewayPolicy(name, undefined, { urn }) case "cloudflare:index/zeroTrustGatewayProxyEndpoint:ZeroTrustGatewayProxyEndpoint": @@ -1447,6 +1454,7 @@ pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustDeviceProfil pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustDexTest", _module) pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustDlpProfile", _module) pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustDnsLocation", _module) +pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustGatewayCertificate", _module) pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustGatewayPolicy", _module) pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustGatewayProxyEndpoint", _module) pulumi.runtime.registerResourceModule("cloudflare", "index/zeroTrustGatewaySettings", _module) diff --git a/sdk/nodejs/notificationPolicy.ts b/sdk/nodejs/notificationPolicy.ts index e712d5376..95452aa7b 100644 --- a/sdk/nodejs/notificationPolicy.ts +++ b/sdk/nodejs/notificationPolicy.ts @@ -50,7 +50,7 @@ export class NotificationPolicy extends pulumi.CustomResource { */ public readonly accountId!: pulumi.Output; /** - * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. */ public readonly alertType!: pulumi.Output; /** @@ -154,7 +154,7 @@ export interface NotificationPolicyState { */ accountId?: pulumi.Input; /** - * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. */ alertType?: pulumi.Input; /** @@ -204,7 +204,7 @@ export interface NotificationPolicyArgs { */ accountId: pulumi.Input; /** - * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. + * The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advancedHttpAlertError`, `accessCustomCertificateExpirationType`, `advancedDdosAttackL4Alert`, `advancedDdosAttackL7Alert`, `bgpHijackNotification`, `billingUsageAlert`, `blockNotificationBlockRemoved`, `blockNotificationNewBlock`, `blockNotificationReviewRejected`, `brandProtectionAlert`, `brandProtectionDigest`, `clickhouseAlertFwAnomaly`, `clickhouseAlertFwEntAnomaly`, `customSslCertificateEventType`, `dedicatedSslCertificateEventType`, `dosAttackL4`, `dosAttackL7`, `expiringServiceTokenAlert`, `failingLogpushJobDisabledAlert`, `fbmAutoAdvertisement`, `fbmDosdAttack`, `fbmVolumetricAttack`, `healthCheckStatusNotification`, `hostnameAopCustomCertificateExpirationType`, `httpAlertEdgeError`, `httpAlertOriginError`, `imageNotification`, `incidentAlert`, `loadBalancingHealthAlert`, `loadBalancingPoolEnablementAlert`, `logoMatchAlert`, `magicTunnelHealthCheckEvent`, `maintenanceEventNotification`, `mtlsCertificateStoreCertificateExpirationType`, `pagesEventAlert`, `radarNotification`, `realOriginMonitoring`, `scriptmonitorAlertNewCodeChangeDetections`, `scriptmonitorAlertNewHosts`, `scriptmonitorAlertNewMaliciousHosts`, `scriptmonitorAlertNewMaliciousScripts`, `scriptmonitorAlertNewMaliciousUrl`, `scriptmonitorAlertNewMaxLengthResourceUrl`, `scriptmonitorAlertNewResources`, `secondaryDnsAllPrimariesFailing`, `secondaryDnsPrimariesFailing`, `secondaryDnsZoneSuccessfullyUpdated`, `secondaryDnsZoneValidationWarning`, `sentinelAlert`, `streamLiveNotifications`, `trafficAnomaliesAlert`, `tunnelHealthEvent`, `tunnelUpdateEvent`, `universalSslEventType`, `webAnalyticsMetricsUpdate`, `weeklyAccountOverview`, `workersAlert`, `zoneAopCustomCertificateExpirationType`. */ alertType: pulumi.Input; /** diff --git a/sdk/nodejs/teamsAccount.ts b/sdk/nodejs/teamsAccount.ts index 6cb27851a..52b808f91 100644 --- a/sdk/nodejs/teamsAccount.ts +++ b/sdk/nodejs/teamsAccount.ts @@ -47,6 +47,7 @@ import * as utilities from "./utilities"; * udp: true, * rootCa: true, * virtualIp: false, + * disableForTime: 3600, * }, * urlBrowserIsolationEnabled: true, * logging: { @@ -127,7 +128,13 @@ export class TeamsAccount extends pulumi.CustomResource { */ public readonly bodyScanning!: pulumi.Output; /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. + */ + public readonly certificate!: pulumi.Output; + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. */ public readonly customCertificate!: pulumi.Output; /** @@ -186,6 +193,7 @@ export class TeamsAccount extends pulumi.CustomResource { resourceInputs["antivirus"] = state ? state.antivirus : undefined; resourceInputs["blockPage"] = state ? state.blockPage : undefined; resourceInputs["bodyScanning"] = state ? state.bodyScanning : undefined; + resourceInputs["certificate"] = state ? state.certificate : undefined; resourceInputs["customCertificate"] = state ? state.customCertificate : undefined; resourceInputs["extendedEmailMatching"] = state ? state.extendedEmailMatching : undefined; resourceInputs["fips"] = state ? state.fips : undefined; @@ -207,6 +215,7 @@ export class TeamsAccount extends pulumi.CustomResource { resourceInputs["antivirus"] = args ? args.antivirus : undefined; resourceInputs["blockPage"] = args ? args.blockPage : undefined; resourceInputs["bodyScanning"] = args ? args.bodyScanning : undefined; + resourceInputs["certificate"] = args ? args.certificate : undefined; resourceInputs["customCertificate"] = args ? args.customCertificate : undefined; resourceInputs["extendedEmailMatching"] = args ? args.extendedEmailMatching : undefined; resourceInputs["fips"] = args ? args.fips : undefined; @@ -249,7 +258,13 @@ export interface TeamsAccountState { */ bodyScanning?: pulumi.Input; /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. + */ + certificate?: pulumi.Input; + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. */ customCertificate?: pulumi.Input; /** @@ -316,7 +331,13 @@ export interface TeamsAccountArgs { */ bodyScanning?: pulumi.Input; /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. + */ + certificate?: pulumi.Input; + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. */ customCertificate?: pulumi.Input; /** diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index a52882ca2..2373239f3 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -192,6 +192,7 @@ "zeroTrustDexTest.ts", "zeroTrustDlpProfile.ts", "zeroTrustDnsLocation.ts", + "zeroTrustGatewayCertificate.ts", "zeroTrustGatewayPolicy.ts", "zeroTrustGatewayProxyEndpoint.ts", "zeroTrustGatewaySettings.ts", diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index e828ca3a8..34fdb1261 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -350,37 +350,94 @@ export interface AccessApplicationScimConfigMappingOperations { } export interface AccessGroupExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: pulumi.Input; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -394,14 +451,14 @@ export interface AccessGroupExcludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface AccessGroupExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -411,64 +468,157 @@ export interface AccessGroupExcludeAzure { } export interface AccessGroupExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface AccessGroupExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface AccessGroupExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessGroupExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface AccessGroupExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessGroupInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: pulumi.Input; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -482,14 +632,14 @@ export interface AccessGroupIncludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface AccessGroupIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -499,64 +649,157 @@ export interface AccessGroupIncludeAzure { } export interface AccessGroupIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface AccessGroupIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface AccessGroupIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessGroupIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface AccessGroupIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessGroupRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: pulumi.Input; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -570,14 +813,14 @@ export interface AccessGroupRequireAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface AccessGroupRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -587,29 +830,65 @@ export interface AccessGroupRequireAzure { } export interface AccessGroupRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface AccessGroupRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface AccessGroupRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessGroupRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface AccessGroupRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } @@ -713,37 +992,94 @@ export interface AccessPolicyApprovalGroup { } export interface AccessPolicyExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: pulumi.Input; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -757,14 +1093,14 @@ export interface AccessPolicyExcludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface AccessPolicyExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -774,64 +1110,157 @@ export interface AccessPolicyExcludeAzure { } export interface AccessPolicyExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface AccessPolicyExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface AccessPolicyExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessPolicyExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface AccessPolicyExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessPolicyInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: pulumi.Input; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -845,14 +1274,14 @@ export interface AccessPolicyIncludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface AccessPolicyIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -862,64 +1291,157 @@ export interface AccessPolicyIncludeAzure { } export interface AccessPolicyIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface AccessPolicyIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface AccessPolicyIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessPolicyIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface AccessPolicyIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessPolicyRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: pulumi.Input; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -933,14 +1455,14 @@ export interface AccessPolicyRequireAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface AccessPolicyRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -950,29 +1472,65 @@ export interface AccessPolicyRequireAzure { } export interface AccessPolicyRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface AccessPolicyRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface AccessPolicyRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface AccessPolicyRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface AccessPolicyRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } @@ -1335,7 +1893,7 @@ export interface DevicePostureRuleInput { */ lastSeen?: pulumi.Input; /** - * List of locations to check for client certificate posture check. + * List of operating system locations to check for a client certificate.. */ locations?: pulumi.Input[]>; /** @@ -1407,18 +1965,18 @@ export interface DevicePostureRuleInput { */ version?: pulumi.Input; /** - * The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. */ versionOperator?: pulumi.Input; } export interface DevicePostureRuleInputLocation { /** - * List of paths to check for client certificate. + * List of paths to check for client certificate rule. */ paths?: pulumi.Input[]>; /** - * List of trust stores to check for client certificate. Available values: `system`, `user`. + * List of trust stores to check for client certificate rule. Available values: `system`, `user`. */ trustStores?: pulumi.Input[]>; } @@ -3392,6 +3950,10 @@ export interface RulesetRuleActionParameters { * List of cache key parameters to apply to the request. */ cacheKey?: pulumi.Input; + /** + * List of cache reserve parameters to apply to the request. + */ + cacheReserve?: pulumi.Input; /** * Content of the custom error response. */ @@ -3709,6 +4271,17 @@ export interface RulesetRuleActionParametersCacheKeyCustomKeyUser { lang?: pulumi.Input; } +export interface RulesetRuleActionParametersCacheReserve { + /** + * Determines whether Cloudflare will write the eligible resource to cache reserve. + */ + eligible: pulumi.Input; + /** + * The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + */ + minimumFileSize?: pulumi.Input; +} + export interface RulesetRuleActionParametersEdgeTtl { /** * Default edge TTL. @@ -4136,6 +4709,13 @@ export interface TeamsAccountBodyScanning { inspectionMode: pulumi.Input; } +export interface TeamsAccountCertificate { + /** + * ID of certificate for TLS interception. + */ + id: pulumi.Input; +} + export interface TeamsAccountCustomCertificate { /** * Whether TLS encryption should use a custom certificate. @@ -4221,7 +4801,7 @@ export interface TeamsAccountPayloadLog { export interface TeamsAccountProxy { /** - * Sets the time limit in seconds that a user can use an override code to bypass WARP + * Sets the time limit in seconds that a user can use an override code to bypass WARP. */ disableForTime: pulumi.Input; /** @@ -4813,6 +5393,17 @@ export interface WorkerScriptD1DatabaseBinding { name: pulumi.Input; } +export interface WorkerScriptHyperdriveConfigBinding { + /** + * The global variable for the binding in your Worker code. + */ + binding: pulumi.Input; + /** + * The ID of the Hyperdrive config to use. + */ + id: pulumi.Input; +} + export interface WorkerScriptKvNamespaceBinding { /** * The global variable for the binding in your Worker code. @@ -4923,6 +5514,17 @@ export interface WorkersScriptD1DatabaseBinding { name: pulumi.Input; } +export interface WorkersScriptHyperdriveConfigBinding { + /** + * The global variable for the binding in your Worker code. + */ + binding: pulumi.Input; + /** + * The ID of the Hyperdrive config to use. + */ + id: pulumi.Input; +} + export interface WorkersScriptKvNamespaceBinding { /** * The global variable for the binding in your Worker code. @@ -5356,37 +5958,94 @@ export interface ZeroTrustAccessApplicationScimConfigMappingOperations { } export interface ZeroTrustAccessGroupExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: pulumi.Input[]>; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -5400,14 +6059,14 @@ export interface ZeroTrustAccessGroupExcludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface ZeroTrustAccessGroupExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -5417,64 +6076,157 @@ export interface ZeroTrustAccessGroupExcludeAzure { } export interface ZeroTrustAccessGroupExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface ZeroTrustAccessGroupExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface ZeroTrustAccessGroupExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessGroupExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface ZeroTrustAccessGroupExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessGroupInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: pulumi.Input[]>; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -5488,14 +6240,14 @@ export interface ZeroTrustAccessGroupIncludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface ZeroTrustAccessGroupIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -5505,64 +6257,157 @@ export interface ZeroTrustAccessGroupIncludeAzure { } export interface ZeroTrustAccessGroupIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface ZeroTrustAccessGroupIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface ZeroTrustAccessGroupIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessGroupIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface ZeroTrustAccessGroupIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessGroupRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: pulumi.Input[]>; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -5576,14 +6421,14 @@ export interface ZeroTrustAccessGroupRequireAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface ZeroTrustAccessGroupRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -5593,29 +6438,65 @@ export interface ZeroTrustAccessGroupRequireAzure { } export interface ZeroTrustAccessGroupRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface ZeroTrustAccessGroupRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface ZeroTrustAccessGroupRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessGroupRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface ZeroTrustAccessGroupRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } @@ -5719,37 +6600,94 @@ export interface ZeroTrustAccessPolicyApprovalGroup { } export interface ZeroTrustAccessPolicyExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: pulumi.Input[]>; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -5763,14 +6701,14 @@ export interface ZeroTrustAccessPolicyExcludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface ZeroTrustAccessPolicyExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -5780,64 +6718,157 @@ export interface ZeroTrustAccessPolicyExcludeAzure { } export interface ZeroTrustAccessPolicyExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface ZeroTrustAccessPolicyExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface ZeroTrustAccessPolicyExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessPolicyExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface ZeroTrustAccessPolicyExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessPolicyInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: pulumi.Input[]>; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -5851,14 +6882,14 @@ export interface ZeroTrustAccessPolicyIncludeAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface ZeroTrustAccessPolicyIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -5868,64 +6899,157 @@ export interface ZeroTrustAccessPolicyIncludeAzure { } export interface ZeroTrustAccessPolicyIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface ZeroTrustAccessPolicyIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface ZeroTrustAccessPolicyIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessPolicyIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface ZeroTrustAccessPolicyIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessPolicyRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: pulumi.Input; authContexts?: pulumi.Input[]>; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: pulumi.Input; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: pulumi.Input[]>; + /** + * Matches any valid client certificate. + */ certificate?: pulumi.Input; + /** + * Matches a valid client certificate common name. + */ commonName?: pulumi.Input; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: pulumi.Input[]>; + /** + * The ID of a device posture integration. + */ devicePostures?: pulumi.Input[]>; + /** + * The email domain to match. + */ emailDomains?: pulumi.Input[]>; + /** + * The ID of a previously created email list. + */ emailLists?: pulumi.Input[]>; + /** + * The email of the user. + */ emails?: pulumi.Input[]>; + /** + * Matches everyone. + */ everyone?: pulumi.Input; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: pulumi.Input[]>; + /** + * Matches a specific country. + */ geos?: pulumi.Input[]>; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: pulumi.Input[]>; + /** + * The ID of a previously created Access group. + */ groups?: pulumi.Input[]>; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: pulumi.Input[]>; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: pulumi.Input[]>; /** * An IPv4 or IPv6 CIDR block. */ ips?: pulumi.Input[]>; + /** + * The ID of a configured identity provider. + */ loginMethods?: pulumi.Input[]>; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: pulumi.Input[]>; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: pulumi.Input[]>; + /** + * The ID of an Access service token. + */ serviceTokens?: pulumi.Input[]>; } @@ -5939,14 +7063,14 @@ export interface ZeroTrustAccessPolicyRequireAuthContext { */ id: pulumi.Input; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: pulumi.Input; } export interface ZeroTrustAccessPolicyRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: pulumi.Input; /** @@ -5956,29 +7080,65 @@ export interface ZeroTrustAccessPolicyRequireAzure { } export interface ZeroTrustAccessPolicyRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: pulumi.Input; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: pulumi.Input; } export interface ZeroTrustAccessPolicyRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the organization. + */ name?: pulumi.Input; + /** + * The teams that should be matched. + */ teams?: pulumi.Input[]>; } export interface ZeroTrustAccessPolicyRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: pulumi.Input[]>; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: pulumi.Input; } export interface ZeroTrustAccessPolicyRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: pulumi.Input; + /** + * The name of the Okta Group. + */ names?: pulumi.Input[]>; } export interface ZeroTrustAccessPolicyRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: pulumi.Input; + /** + * The SAML attribute value to look for. + */ attributeValue?: pulumi.Input; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: pulumi.Input; } @@ -6066,7 +7226,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ domain?: pulumi.Input; /** - * The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. */ eidLastSeen?: pulumi.Input; /** @@ -6078,7 +7238,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ exists?: pulumi.Input; /** - * List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. */ extendedKeyUsages?: pulumi.Input[]>; /** @@ -6102,7 +7262,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ lastSeen?: pulumi.Input; /** - * List of locations to check for client certificate. + * List of operating system locations to check for a client certificate.. */ locations?: pulumi.Input[]>; /** @@ -6174,7 +7334,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ version?: pulumi.Input; /** - * The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. */ versionOperator?: pulumi.Input; } @@ -6185,7 +7345,7 @@ export interface ZeroTrustDevicePostureRuleInputLocation { */ paths?: pulumi.Input[]>; /** - * List of trust stores to check for client certificate rule. Available values: `system`, `user` + * List of trust stores to check for client certificate rule. Available values: `system`, `user`. */ trustStores?: pulumi.Input[]>; } @@ -6576,6 +7736,13 @@ export interface ZeroTrustGatewaySettingsBodyScanning { inspectionMode: pulumi.Input; } +export interface ZeroTrustGatewaySettingsCertificate { + /** + * ID of certificate for TLS interception. + */ + id: pulumi.Input; +} + export interface ZeroTrustGatewaySettingsCustomCertificate { /** * Whether TLS encryption should use a custom certificate. @@ -6661,7 +7828,7 @@ export interface ZeroTrustGatewaySettingsPayloadLog { export interface ZeroTrustGatewaySettingsProxy { /** - * Sets the time limit in seconds that a user can use an override code to bypass WARP + * Sets the time limit in seconds that a user can use an override code to bypass WARP. */ disableForTime: pulumi.Input; /** @@ -7039,6 +8206,7 @@ export interface ZoneSettingsOverrideInitialSetting { privacyPass?: pulumi.Input; proxyReadTimeout?: pulumi.Input; pseudoIpv4?: pulumi.Input; + replaceInsecureJs?: pulumi.Input; responseBuffering?: pulumi.Input; rocketLoader?: pulumi.Input; securityHeader?: pulumi.Input; @@ -7129,6 +8297,7 @@ export interface ZoneSettingsOverrideSettings { privacyPass?: pulumi.Input; proxyReadTimeout?: pulumi.Input; pseudoIpv4?: pulumi.Input; + replaceInsecureJs?: pulumi.Input; responseBuffering?: pulumi.Input; rocketLoader?: pulumi.Input; securityHeader?: pulumi.Input; diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index db323fcb6..d2520a52b 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -350,37 +350,94 @@ export interface AccessApplicationScimConfigMappingOperations { } export interface AccessGroupExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.AccessGroupExcludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.AccessGroupExcludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: outputs.AccessGroupExcludeExternalEvaluation; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.AccessGroupExcludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.AccessGroupExcludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.AccessGroupExcludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.AccessGroupExcludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -394,14 +451,14 @@ export interface AccessGroupExcludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface AccessGroupExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -411,64 +468,157 @@ export interface AccessGroupExcludeAzure { } export interface AccessGroupExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface AccessGroupExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface AccessGroupExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface AccessGroupExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface AccessGroupExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface AccessGroupInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.AccessGroupIncludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.AccessGroupIncludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: outputs.AccessGroupIncludeExternalEvaluation; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.AccessGroupIncludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.AccessGroupIncludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.AccessGroupIncludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.AccessGroupIncludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -482,14 +632,14 @@ export interface AccessGroupIncludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface AccessGroupIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -499,64 +649,157 @@ export interface AccessGroupIncludeAzure { } export interface AccessGroupIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface AccessGroupIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface AccessGroupIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface AccessGroupIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface AccessGroupIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface AccessGroupRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.AccessGroupRequireAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.AccessGroupRequireAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: outputs.AccessGroupRequireExternalEvaluation; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.AccessGroupRequireGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.AccessGroupRequireGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.AccessGroupRequireOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.AccessGroupRequireSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -570,14 +813,14 @@ export interface AccessGroupRequireAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface AccessGroupRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -587,29 +830,65 @@ export interface AccessGroupRequireAzure { } export interface AccessGroupRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface AccessGroupRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface AccessGroupRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface AccessGroupRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface AccessGroupRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } @@ -713,37 +992,94 @@ export interface AccessPolicyApprovalGroup { } export interface AccessPolicyExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.AccessPolicyExcludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.AccessPolicyExcludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: outputs.AccessPolicyExcludeExternalEvaluation; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.AccessPolicyExcludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.AccessPolicyExcludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.AccessPolicyExcludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.AccessPolicyExcludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -757,14 +1093,14 @@ export interface AccessPolicyExcludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface AccessPolicyExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -774,64 +1110,157 @@ export interface AccessPolicyExcludeAzure { } export interface AccessPolicyExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface AccessPolicyExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface AccessPolicyExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface AccessPolicyExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface AccessPolicyExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface AccessPolicyInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.AccessPolicyIncludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.AccessPolicyIncludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: outputs.AccessPolicyIncludeExternalEvaluation; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.AccessPolicyIncludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.AccessPolicyIncludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ - ips?: string[]; + ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.AccessPolicyIncludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.AccessPolicyIncludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -845,14 +1274,14 @@ export interface AccessPolicyIncludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface AccessPolicyIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -862,64 +1291,157 @@ export interface AccessPolicyIncludeAzure { } export interface AccessPolicyIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface AccessPolicyIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface AccessPolicyIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface AccessPolicyIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface AccessPolicyIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface AccessPolicyRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.AccessPolicyRequireAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.AccessPolicyRequireAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluation?: outputs.AccessPolicyRequireExternalEvaluation; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.AccessPolicyRequireGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.AccessPolicyRequireGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.AccessPolicyRequireOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.AccessPolicyRequireSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -933,14 +1455,14 @@ export interface AccessPolicyRequireAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface AccessPolicyRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -950,29 +1472,65 @@ export interface AccessPolicyRequireAzure { } export interface AccessPolicyRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface AccessPolicyRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface AccessPolicyRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface AccessPolicyRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface AccessPolicyRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } @@ -1335,7 +1893,7 @@ export interface DevicePostureRuleInput { */ lastSeen?: string; /** - * List of locations to check for client certificate posture check. + * List of operating system locations to check for a client certificate.. */ locations?: outputs.DevicePostureRuleInputLocation[]; /** @@ -1407,18 +1965,18 @@ export interface DevicePostureRuleInput { */ version?: string; /** - * The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. */ versionOperator?: string; } export interface DevicePostureRuleInputLocation { /** - * List of paths to check for client certificate. + * List of paths to check for client certificate rule. */ paths?: string[]; /** - * List of trust stores to check for client certificate. Available values: `system`, `user`. + * List of trust stores to check for client certificate rule. Available values: `system`, `user`. */ trustStores?: string[]; } @@ -2040,6 +2598,10 @@ export interface GetRulesetsRulesetRuleActionParameters { * List of cache key parameters to apply to the request. */ cacheKey?: outputs.GetRulesetsRulesetRuleActionParametersCacheKey; + /** + * List of cache reserve parameters to apply to the request. + */ + cacheReserve?: outputs.GetRulesetsRulesetRuleActionParametersCacheReserve; /** * Content of the custom error response */ @@ -2342,6 +2904,17 @@ export interface GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUser { lang?: boolean; } +export interface GetRulesetsRulesetRuleActionParametersCacheReserve { + /** + * Determines whether Cloudflare will write the eligible resource to cache reserve. + */ + eligible: boolean; + /** + * The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + */ + minimumFileSize?: number; +} + export interface GetRulesetsRulesetRuleActionParametersEdgeTtl { /** * Default edge TTL @@ -4208,6 +4781,10 @@ export interface RulesetRuleActionParameters { * List of cache key parameters to apply to the request. */ cacheKey?: outputs.RulesetRuleActionParametersCacheKey; + /** + * List of cache reserve parameters to apply to the request. + */ + cacheReserve?: outputs.RulesetRuleActionParametersCacheReserve; /** * Content of the custom error response. */ @@ -4525,6 +5102,17 @@ export interface RulesetRuleActionParametersCacheKeyCustomKeyUser { lang?: boolean; } +export interface RulesetRuleActionParametersCacheReserve { + /** + * Determines whether Cloudflare will write the eligible resource to cache reserve. + */ + eligible: boolean; + /** + * The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + */ + minimumFileSize?: number; +} + export interface RulesetRuleActionParametersEdgeTtl { /** * Default edge TTL. @@ -4952,6 +5540,13 @@ export interface TeamsAccountBodyScanning { inspectionMode: string; } +export interface TeamsAccountCertificate { + /** + * ID of certificate for TLS interception. + */ + id: string; +} + export interface TeamsAccountCustomCertificate { /** * Whether TLS encryption should use a custom certificate. @@ -5037,7 +5632,7 @@ export interface TeamsAccountPayloadLog { export interface TeamsAccountProxy { /** - * Sets the time limit in seconds that a user can use an override code to bypass WARP + * Sets the time limit in seconds that a user can use an override code to bypass WARP. */ disableForTime: number; /** @@ -5629,6 +6224,17 @@ export interface WorkerScriptD1DatabaseBinding { name: string; } +export interface WorkerScriptHyperdriveConfigBinding { + /** + * The global variable for the binding in your Worker code. + */ + binding: string; + /** + * The ID of the Hyperdrive config to use. + */ + id: string; +} + export interface WorkerScriptKvNamespaceBinding { /** * The global variable for the binding in your Worker code. @@ -5739,6 +6345,17 @@ export interface WorkersScriptD1DatabaseBinding { name: string; } +export interface WorkersScriptHyperdriveConfigBinding { + /** + * The global variable for the binding in your Worker code. + */ + binding: string; + /** + * The ID of the Hyperdrive config to use. + */ + id: string; +} + export interface WorkersScriptKvNamespaceBinding { /** * The global variable for the binding in your Worker code. @@ -6172,37 +6789,94 @@ export interface ZeroTrustAccessApplicationScimConfigMappingOperations { } export interface ZeroTrustAccessGroupExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.ZeroTrustAccessGroupExcludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.ZeroTrustAccessGroupExcludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: outputs.ZeroTrustAccessGroupExcludeExternalEvaluation[]; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.ZeroTrustAccessGroupExcludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.ZeroTrustAccessGroupExcludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.ZeroTrustAccessGroupExcludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.ZeroTrustAccessGroupExcludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -6216,14 +6890,14 @@ export interface ZeroTrustAccessGroupExcludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface ZeroTrustAccessGroupExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -6233,64 +6907,157 @@ export interface ZeroTrustAccessGroupExcludeAzure { } export interface ZeroTrustAccessGroupExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface ZeroTrustAccessGroupExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface ZeroTrustAccessGroupExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessGroupExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface ZeroTrustAccessGroupExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessGroupInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.ZeroTrustAccessGroupIncludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.ZeroTrustAccessGroupIncludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: outputs.ZeroTrustAccessGroupIncludeExternalEvaluation[]; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.ZeroTrustAccessGroupIncludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.ZeroTrustAccessGroupIncludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.ZeroTrustAccessGroupIncludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.ZeroTrustAccessGroupIncludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -6304,14 +7071,14 @@ export interface ZeroTrustAccessGroupIncludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface ZeroTrustAccessGroupIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -6321,64 +7088,157 @@ export interface ZeroTrustAccessGroupIncludeAzure { } export interface ZeroTrustAccessGroupIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface ZeroTrustAccessGroupIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface ZeroTrustAccessGroupIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessGroupIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface ZeroTrustAccessGroupIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessGroupRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.ZeroTrustAccessGroupRequireAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.ZeroTrustAccessGroupRequireAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: outputs.ZeroTrustAccessGroupRequireExternalEvaluation[]; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.ZeroTrustAccessGroupRequireGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.ZeroTrustAccessGroupRequireGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.ZeroTrustAccessGroupRequireOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.ZeroTrustAccessGroupRequireSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -6392,14 +7252,14 @@ export interface ZeroTrustAccessGroupRequireAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface ZeroTrustAccessGroupRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -6409,29 +7269,65 @@ export interface ZeroTrustAccessGroupRequireAzure { } export interface ZeroTrustAccessGroupRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface ZeroTrustAccessGroupRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface ZeroTrustAccessGroupRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessGroupRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface ZeroTrustAccessGroupRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } @@ -6535,37 +7431,94 @@ export interface ZeroTrustAccessPolicyApprovalGroup { } export interface ZeroTrustAccessPolicyExclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.ZeroTrustAccessPolicyExcludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.ZeroTrustAccessPolicyExcludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: outputs.ZeroTrustAccessPolicyExcludeExternalEvaluation[]; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.ZeroTrustAccessPolicyExcludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.ZeroTrustAccessPolicyExcludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.ZeroTrustAccessPolicyExcludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.ZeroTrustAccessPolicyExcludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -6579,14 +7532,14 @@ export interface ZeroTrustAccessPolicyExcludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface ZeroTrustAccessPolicyExcludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -6596,64 +7549,157 @@ export interface ZeroTrustAccessPolicyExcludeAzure { } export interface ZeroTrustAccessPolicyExcludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface ZeroTrustAccessPolicyExcludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface ZeroTrustAccessPolicyExcludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessPolicyExcludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface ZeroTrustAccessPolicyExcludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessPolicyInclude { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.ZeroTrustAccessPolicyIncludeAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.ZeroTrustAccessPolicyIncludeAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: outputs.ZeroTrustAccessPolicyIncludeExternalEvaluation[]; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.ZeroTrustAccessPolicyIncludeGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.ZeroTrustAccessPolicyIncludeGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.ZeroTrustAccessPolicyIncludeOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.ZeroTrustAccessPolicyIncludeSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -6667,14 +7713,14 @@ export interface ZeroTrustAccessPolicyIncludeAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface ZeroTrustAccessPolicyIncludeAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -6684,64 +7730,157 @@ export interface ZeroTrustAccessPolicyIncludeAzure { } export interface ZeroTrustAccessPolicyIncludeExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface ZeroTrustAccessPolicyIncludeGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface ZeroTrustAccessPolicyIncludeGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessPolicyIncludeOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface ZeroTrustAccessPolicyIncludeSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessPolicyRequire { + /** + * Matches any valid Access service token. + */ anyValidServiceToken?: boolean; authContexts?: outputs.ZeroTrustAccessPolicyRequireAuthContext[]; + /** + * The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + */ authMethod?: string; + /** + * Matches an Azure group. Requires an Azure identity provider. + */ azures?: outputs.ZeroTrustAccessPolicyRequireAzure[]; + /** + * Matches any valid client certificate. + */ certificate?: boolean; + /** + * Matches a valid client certificate common name. + */ commonName?: string; /** * Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. */ commonNames?: string[]; + /** + * The ID of a device posture integration. + */ devicePostures?: string[]; + /** + * The email domain to match. + */ emailDomains?: string[]; + /** + * The ID of a previously created email list. + */ emailLists?: string[]; + /** + * The email of the user. + */ emails?: string[]; + /** + * Matches everyone. + */ everyone?: boolean; + /** + * Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + */ externalEvaluations?: outputs.ZeroTrustAccessPolicyRequireExternalEvaluation[]; + /** + * Matches a specific country. + */ geos?: string[]; + /** + * Matches a Github organization. Requires a Github identity provider. + */ githubs?: outputs.ZeroTrustAccessPolicyRequireGithub[]; + /** + * The ID of a previously created Access group. + */ groups?: string[]; + /** + * Matches a group in Google Workspace. Requires a Google Workspace identity provider. + */ gsuites?: outputs.ZeroTrustAccessPolicyRequireGsuite[]; /** - * The ID of an existing IP list to reference. + * The ID of a previously created IP list. */ ipLists?: string[]; /** * An IPv4 or IPv6 CIDR block. */ ips?: string[]; + /** + * The ID of a configured identity provider. + */ loginMethods?: string[]; + /** + * Matches an Okta group. Requires an Okta identity provider. + */ oktas?: outputs.ZeroTrustAccessPolicyRequireOkta[]; + /** + * Matches a SAML group. Requires a SAML identity provider. + */ samls?: outputs.ZeroTrustAccessPolicyRequireSaml[]; + /** + * The ID of an Access service token. + */ serviceTokens?: string[]; } @@ -6755,14 +7894,14 @@ export interface ZeroTrustAccessPolicyRequireAuthContext { */ id: string; /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId: string; } export interface ZeroTrustAccessPolicyRequireAzure { /** - * The ID of the Azure Identity provider. + * The ID of the Azure identity provider. */ identityProviderId?: string; /** @@ -6772,29 +7911,65 @@ export interface ZeroTrustAccessPolicyRequireAzure { } export interface ZeroTrustAccessPolicyRequireExternalEvaluation { + /** + * The API endpoint containing your business logic. + */ evaluateUrl?: string; + /** + * The API endpoint containing the key that Access uses to verify that the response came from your API. + */ keysUrl?: string; } export interface ZeroTrustAccessPolicyRequireGithub { + /** + * The ID of your Github identity provider. + */ identityProviderId?: string; + /** + * The name of the organization. + */ name?: string; + /** + * The teams that should be matched. + */ teams?: string[]; } export interface ZeroTrustAccessPolicyRequireGsuite { + /** + * The email of the Google Workspace group. + */ emails?: string[]; + /** + * The ID of your Google Workspace identity provider. + */ identityProviderId?: string; } export interface ZeroTrustAccessPolicyRequireOkta { + /** + * The ID of your Okta identity provider. + */ identityProviderId?: string; + /** + * The name of the Okta Group. + */ names?: string[]; } export interface ZeroTrustAccessPolicyRequireSaml { + /** + * The name of the SAML attribute. + */ attributeName?: string; + /** + * The SAML attribute value to look for. + */ attributeValue?: string; + /** + * The ID of your SAML identity provider. + */ identityProviderId?: string; } @@ -6882,7 +8057,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ domain?: string; /** - * The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + * The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. */ eidLastSeen?: string; /** @@ -6894,7 +8069,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ exists: boolean; /** - * List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + * List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. */ extendedKeyUsages?: string[]; /** @@ -6918,7 +8093,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ lastSeen?: string; /** - * List of locations to check for client certificate. + * List of operating system locations to check for a client certificate.. */ locations?: outputs.ZeroTrustDevicePostureRuleInputLocation[]; /** @@ -6990,7 +8165,7 @@ export interface ZeroTrustDevicePostureRuleInput { */ version?: string; /** - * The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + * The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. */ versionOperator?: string; } @@ -7001,7 +8176,7 @@ export interface ZeroTrustDevicePostureRuleInputLocation { */ paths?: string[]; /** - * List of trust stores to check for client certificate rule. Available values: `system`, `user` + * List of trust stores to check for client certificate rule. Available values: `system`, `user`. */ trustStores?: string[]; } @@ -7392,6 +8567,13 @@ export interface ZeroTrustGatewaySettingsBodyScanning { inspectionMode: string; } +export interface ZeroTrustGatewaySettingsCertificate { + /** + * ID of certificate for TLS interception. + */ + id: string; +} + export interface ZeroTrustGatewaySettingsCustomCertificate { /** * Whether TLS encryption should use a custom certificate. @@ -7477,7 +8659,7 @@ export interface ZeroTrustGatewaySettingsPayloadLog { export interface ZeroTrustGatewaySettingsProxy { /** - * Sets the time limit in seconds that a user can use an override code to bypass WARP + * Sets the time limit in seconds that a user can use an override code to bypass WARP. */ disableForTime: number; /** @@ -7855,6 +9037,7 @@ export interface ZoneSettingsOverrideInitialSetting { privacyPass: string; proxyReadTimeout: string; pseudoIpv4: string; + replaceInsecureJs: string; responseBuffering: string; rocketLoader: string; securityHeader: outputs.ZoneSettingsOverrideInitialSettingSecurityHeader; @@ -7945,6 +9128,7 @@ export interface ZoneSettingsOverrideSettings { privacyPass: string; proxyReadTimeout: string; pseudoIpv4: string; + replaceInsecureJs: string; responseBuffering: string; rocketLoader: string; securityHeader: outputs.ZoneSettingsOverrideSettingsSecurityHeader; diff --git a/sdk/nodejs/waitingRoom.ts b/sdk/nodejs/waitingRoom.ts index 3508f5dc5..db7c6c2ec 100644 --- a/sdk/nodejs/waitingRoom.ts +++ b/sdk/nodejs/waitingRoom.ts @@ -34,6 +34,7 @@ import * as utilities from "./utilities"; * }, * ], * queueingStatusCode: 200, + * enabledOriginCommands: ["revoke"], * }); * ``` * @@ -98,7 +99,7 @@ export class WaitingRoom extends pulumi.CustomResource { */ public readonly disableSessionRenewal!: pulumi.Output; /** - * The list of enabled origin commands for the waiting room. Available values: `revoke` + * The list of enabled origin commands for the waiting room. Available values: `revoke`. */ public readonly enabledOriginCommands!: pulumi.Output; /** @@ -253,7 +254,7 @@ export interface WaitingRoomState { */ disableSessionRenewal?: pulumi.Input; /** - * The list of enabled origin commands for the waiting room. Available values: `revoke` + * The list of enabled origin commands for the waiting room. Available values: `revoke`. */ enabledOriginCommands?: pulumi.Input[]>; /** @@ -335,7 +336,7 @@ export interface WaitingRoomArgs { */ disableSessionRenewal?: pulumi.Input; /** - * The list of enabled origin commands for the waiting room. Available values: `revoke` + * The list of enabled origin commands for the waiting room. Available values: `revoke`. */ enabledOriginCommands?: pulumi.Input[]>; /** diff --git a/sdk/nodejs/workerScript.ts b/sdk/nodejs/workerScript.ts index 023f9224f..3daa94595 100644 --- a/sdk/nodejs/workerScript.ts +++ b/sdk/nodejs/workerScript.ts @@ -117,6 +117,7 @@ export class WorkerScript extends pulumi.CustomResource { * Name of the Workers for Platforms dispatch namespace. */ public readonly dispatchNamespace!: pulumi.Output; + public readonly hyperdriveConfigBindings!: pulumi.Output; public readonly kvNamespaceBindings!: pulumi.Output; /** * Enabling allows Worker events to be sent to a defined Logpush destination. @@ -159,6 +160,7 @@ export class WorkerScript extends pulumi.CustomResource { resourceInputs["content"] = state ? state.content : undefined; resourceInputs["d1DatabaseBindings"] = state ? state.d1DatabaseBindings : undefined; resourceInputs["dispatchNamespace"] = state ? state.dispatchNamespace : undefined; + resourceInputs["hyperdriveConfigBindings"] = state ? state.hyperdriveConfigBindings : undefined; resourceInputs["kvNamespaceBindings"] = state ? state.kvNamespaceBindings : undefined; resourceInputs["logpush"] = state ? state.logpush : undefined; resourceInputs["module"] = state ? state.module : undefined; @@ -189,6 +191,7 @@ export class WorkerScript extends pulumi.CustomResource { resourceInputs["content"] = args ? args.content : undefined; resourceInputs["d1DatabaseBindings"] = args ? args.d1DatabaseBindings : undefined; resourceInputs["dispatchNamespace"] = args ? args.dispatchNamespace : undefined; + resourceInputs["hyperdriveConfigBindings"] = args ? args.hyperdriveConfigBindings : undefined; resourceInputs["kvNamespaceBindings"] = args ? args.kvNamespaceBindings : undefined; resourceInputs["logpush"] = args ? args.logpush : undefined; resourceInputs["module"] = args ? args.module : undefined; @@ -233,6 +236,7 @@ export interface WorkerScriptState { * Name of the Workers for Platforms dispatch namespace. */ dispatchNamespace?: pulumi.Input; + hyperdriveConfigBindings?: pulumi.Input[]>; kvNamespaceBindings?: pulumi.Input[]>; /** * Enabling allows Worker events to be sent to a defined Logpush destination. @@ -282,6 +286,7 @@ export interface WorkerScriptArgs { * Name of the Workers for Platforms dispatch namespace. */ dispatchNamespace?: pulumi.Input; + hyperdriveConfigBindings?: pulumi.Input[]>; kvNamespaceBindings?: pulumi.Input[]>; /** * Enabling allows Worker events to be sent to a defined Logpush destination. diff --git a/sdk/nodejs/workersScript.ts b/sdk/nodejs/workersScript.ts index ea89d7371..876750e1f 100644 --- a/sdk/nodejs/workersScript.ts +++ b/sdk/nodejs/workersScript.ts @@ -117,6 +117,7 @@ export class WorkersScript extends pulumi.CustomResource { * Name of the Workers for Platforms dispatch namespace. */ public readonly dispatchNamespace!: pulumi.Output; + public readonly hyperdriveConfigBindings!: pulumi.Output; public readonly kvNamespaceBindings!: pulumi.Output; /** * Enabling allows Worker events to be sent to a defined Logpush destination. @@ -159,6 +160,7 @@ export class WorkersScript extends pulumi.CustomResource { resourceInputs["content"] = state ? state.content : undefined; resourceInputs["d1DatabaseBindings"] = state ? state.d1DatabaseBindings : undefined; resourceInputs["dispatchNamespace"] = state ? state.dispatchNamespace : undefined; + resourceInputs["hyperdriveConfigBindings"] = state ? state.hyperdriveConfigBindings : undefined; resourceInputs["kvNamespaceBindings"] = state ? state.kvNamespaceBindings : undefined; resourceInputs["logpush"] = state ? state.logpush : undefined; resourceInputs["module"] = state ? state.module : undefined; @@ -189,6 +191,7 @@ export class WorkersScript extends pulumi.CustomResource { resourceInputs["content"] = args ? args.content : undefined; resourceInputs["d1DatabaseBindings"] = args ? args.d1DatabaseBindings : undefined; resourceInputs["dispatchNamespace"] = args ? args.dispatchNamespace : undefined; + resourceInputs["hyperdriveConfigBindings"] = args ? args.hyperdriveConfigBindings : undefined; resourceInputs["kvNamespaceBindings"] = args ? args.kvNamespaceBindings : undefined; resourceInputs["logpush"] = args ? args.logpush : undefined; resourceInputs["module"] = args ? args.module : undefined; @@ -233,6 +236,7 @@ export interface WorkersScriptState { * Name of the Workers for Platforms dispatch namespace. */ dispatchNamespace?: pulumi.Input; + hyperdriveConfigBindings?: pulumi.Input[]>; kvNamespaceBindings?: pulumi.Input[]>; /** * Enabling allows Worker events to be sent to a defined Logpush destination. @@ -282,6 +286,7 @@ export interface WorkersScriptArgs { * Name of the Workers for Platforms dispatch namespace. */ dispatchNamespace?: pulumi.Input; + hyperdriveConfigBindings?: pulumi.Input[]>; kvNamespaceBindings?: pulumi.Input[]>; /** * Enabling allows Worker events to be sent to a defined Logpush destination. diff --git a/sdk/nodejs/zeroTrustAccessPolicy.ts b/sdk/nodejs/zeroTrustAccessPolicy.ts index a13b555f9..77ddcc50c 100644 --- a/sdk/nodejs/zeroTrustAccessPolicy.ts +++ b/sdk/nodejs/zeroTrustAccessPolicy.ts @@ -54,7 +54,7 @@ export class ZeroTrustAccessPolicy extends pulumi.CustomResource { } /** - * The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zoneId`. */ public readonly accountId!: pulumi.Output; /** @@ -104,7 +104,7 @@ export class ZeroTrustAccessPolicy extends pulumi.CustomResource { */ public readonly sessionDuration!: pulumi.Output; /** - * The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `accountId`. */ public readonly zoneId!: pulumi.Output; @@ -173,7 +173,7 @@ export class ZeroTrustAccessPolicy extends pulumi.CustomResource { */ export interface ZeroTrustAccessPolicyState { /** - * The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zoneId`. */ accountId?: pulumi.Input; /** @@ -223,7 +223,7 @@ export interface ZeroTrustAccessPolicyState { */ sessionDuration?: pulumi.Input; /** - * The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `accountId`. */ zoneId?: pulumi.Input; } @@ -233,7 +233,7 @@ export interface ZeroTrustAccessPolicyState { */ export interface ZeroTrustAccessPolicyArgs { /** - * The account identifier to target for the resource. Conflicts with `zoneId`. **Modifying this attribute will force creation of a new resource.** + * The account identifier to target for the resource. Conflicts with `zoneId`. */ accountId?: pulumi.Input; /** @@ -283,7 +283,7 @@ export interface ZeroTrustAccessPolicyArgs { */ sessionDuration?: pulumi.Input; /** - * The zone identifier to target for the resource. Conflicts with `accountId`. **Modifying this attribute will force creation of a new resource.** + * The zone identifier to target for the resource. Conflicts with `accountId`. */ zoneId?: pulumi.Input; } diff --git a/sdk/nodejs/zeroTrustDevicePostureRule.ts b/sdk/nodejs/zeroTrustDevicePostureRule.ts index 1e0c2c0ac..f77498189 100644 --- a/sdk/nodejs/zeroTrustDevicePostureRule.ts +++ b/sdk/nodejs/zeroTrustDevicePostureRule.ts @@ -96,7 +96,7 @@ export class ZeroTrustDevicePostureRule extends pulumi.CustomResource { */ public readonly schedule!: pulumi.Output; /** - * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. */ public readonly type!: pulumi.Output; @@ -173,7 +173,7 @@ export interface ZeroTrustDevicePostureRuleState { */ schedule?: pulumi.Input; /** - * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. */ type?: pulumi.Input; } @@ -208,7 +208,7 @@ export interface ZeroTrustDevicePostureRuleArgs { */ schedule?: pulumi.Input; /** - * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. + * The device posture rule type. Available values: `serialNumber`, `file`, `application`, `gateway`, `warp`, `domainJoined`, `osVersion`, `diskEncryption`, `firewall`, `clientCertificate`, `clientCertificateV2`, `workspaceOne`, `uniqueClientId`, `crowdstrikeS2s`, `sentinelone`, `kolide`, `taniumS2s`, `intune`, `sentineloneS2s`. */ type: pulumi.Input; } diff --git a/sdk/nodejs/zeroTrustDeviceProfiles.ts b/sdk/nodejs/zeroTrustDeviceProfiles.ts index 2f4eaab17..13467a2ec 100644 --- a/sdk/nodejs/zeroTrustDeviceProfiles.ts +++ b/sdk/nodejs/zeroTrustDeviceProfiles.ts @@ -144,7 +144,7 @@ export class ZeroTrustDeviceProfiles extends pulumi.CustomResource { */ public readonly switchLocked!: pulumi.Output; /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. */ public readonly tunnelProtocol!: pulumi.Output; @@ -293,7 +293,7 @@ export interface ZeroTrustDeviceProfilesState { */ switchLocked?: pulumi.Input; /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. */ tunnelProtocol?: pulumi.Input; } @@ -375,7 +375,7 @@ export interface ZeroTrustDeviceProfilesArgs { */ switchLocked?: pulumi.Input; /** - * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + * Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. */ tunnelProtocol?: pulumi.Input; } diff --git a/sdk/nodejs/zeroTrustGatewayCertificate.ts b/sdk/nodejs/zeroTrustGatewayCertificate.ts new file mode 100644 index 000000000..e5524c3ea --- /dev/null +++ b/sdk/nodejs/zeroTrustGatewayCertificate.ts @@ -0,0 +1,180 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * Provides a Cloudflare Teams Gateway Certificate resource. A Teams Certificate can + * be specified for Gateway TLS interception and block pages. + */ +export class ZeroTrustGatewayCertificate extends pulumi.CustomResource { + /** + * Get an existing ZeroTrustGatewayCertificate resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: ZeroTrustGatewayCertificateState, opts?: pulumi.CustomResourceOptions): ZeroTrustGatewayCertificate { + return new ZeroTrustGatewayCertificate(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate'; + + /** + * Returns true if the given object is an instance of ZeroTrustGatewayCertificate. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is ZeroTrustGatewayCertificate { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === ZeroTrustGatewayCertificate.__pulumiType; + } + + /** + * The account identifier to target for the resource. + */ + public readonly accountId!: pulumi.Output; + /** + * Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + */ + public readonly activate!: pulumi.Output; + /** + * The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + */ + public /*out*/ readonly bindingStatus!: pulumi.Output; + public /*out*/ readonly createdAt!: pulumi.Output; + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + */ + public readonly custom!: pulumi.Output; + public /*out*/ readonly expiresOn!: pulumi.Output; + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + */ + public readonly gatewayManaged!: pulumi.Output; + /** + * Whether the certificate is in use by Gateway for TLS interception and the block page. + */ + public /*out*/ readonly inUse!: pulumi.Output; + public /*out*/ readonly qsPackId!: pulumi.Output; + public /*out*/ readonly uploadedOn!: pulumi.Output; + /** + * Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + */ + public readonly validityPeriodDays!: pulumi.Output; + + /** + * Create a ZeroTrustGatewayCertificate resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: ZeroTrustGatewayCertificateArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: ZeroTrustGatewayCertificateArgs | ZeroTrustGatewayCertificateState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as ZeroTrustGatewayCertificateState | undefined; + resourceInputs["accountId"] = state ? state.accountId : undefined; + resourceInputs["activate"] = state ? state.activate : undefined; + resourceInputs["bindingStatus"] = state ? state.bindingStatus : undefined; + resourceInputs["createdAt"] = state ? state.createdAt : undefined; + resourceInputs["custom"] = state ? state.custom : undefined; + resourceInputs["expiresOn"] = state ? state.expiresOn : undefined; + resourceInputs["gatewayManaged"] = state ? state.gatewayManaged : undefined; + resourceInputs["inUse"] = state ? state.inUse : undefined; + resourceInputs["qsPackId"] = state ? state.qsPackId : undefined; + resourceInputs["uploadedOn"] = state ? state.uploadedOn : undefined; + resourceInputs["validityPeriodDays"] = state ? state.validityPeriodDays : undefined; + } else { + const args = argsOrState as ZeroTrustGatewayCertificateArgs | undefined; + if ((!args || args.accountId === undefined) && !opts.urn) { + throw new Error("Missing required property 'accountId'"); + } + resourceInputs["accountId"] = args ? args.accountId : undefined; + resourceInputs["activate"] = args ? args.activate : undefined; + resourceInputs["custom"] = args ? args.custom : undefined; + resourceInputs["gatewayManaged"] = args ? args.gatewayManaged : undefined; + resourceInputs["validityPeriodDays"] = args ? args.validityPeriodDays : undefined; + resourceInputs["bindingStatus"] = undefined /*out*/; + resourceInputs["createdAt"] = undefined /*out*/; + resourceInputs["expiresOn"] = undefined /*out*/; + resourceInputs["inUse"] = undefined /*out*/; + resourceInputs["qsPackId"] = undefined /*out*/; + resourceInputs["uploadedOn"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(ZeroTrustGatewayCertificate.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering ZeroTrustGatewayCertificate resources. + */ +export interface ZeroTrustGatewayCertificateState { + /** + * The account identifier to target for the resource. + */ + accountId?: pulumi.Input; + /** + * Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + */ + activate?: pulumi.Input; + /** + * The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + */ + bindingStatus?: pulumi.Input; + createdAt?: pulumi.Input; + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + */ + custom?: pulumi.Input; + expiresOn?: pulumi.Input; + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + */ + gatewayManaged?: pulumi.Input; + /** + * Whether the certificate is in use by Gateway for TLS interception and the block page. + */ + inUse?: pulumi.Input; + qsPackId?: pulumi.Input; + uploadedOn?: pulumi.Input; + /** + * Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + */ + validityPeriodDays?: pulumi.Input; +} + +/** + * The set of arguments for constructing a ZeroTrustGatewayCertificate resource. + */ +export interface ZeroTrustGatewayCertificateArgs { + /** + * The account identifier to target for the resource. + */ + accountId: pulumi.Input; + /** + * Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + */ + activate?: pulumi.Input; + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + */ + custom?: pulumi.Input; + /** + * The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gatewayManaged`. + */ + gatewayManaged?: pulumi.Input; + /** + * Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gatewayManaged`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + */ + validityPeriodDays?: pulumi.Input; +} diff --git a/sdk/nodejs/zeroTrustGatewaySettings.ts b/sdk/nodejs/zeroTrustGatewaySettings.ts index e447e9896..bff151dd6 100644 --- a/sdk/nodejs/zeroTrustGatewaySettings.ts +++ b/sdk/nodejs/zeroTrustGatewaySettings.ts @@ -47,6 +47,7 @@ import * as utilities from "./utilities"; * udp: true, * rootCa: true, * virtualIp: false, + * disableForTime: 3600, * }, * urlBrowserIsolationEnabled: true, * logging: { @@ -127,7 +128,13 @@ export class ZeroTrustGatewaySettings extends pulumi.CustomResource { */ public readonly bodyScanning!: pulumi.Output; /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. + */ + public readonly certificate!: pulumi.Output; + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. */ public readonly customCertificate!: pulumi.Output; /** @@ -186,6 +193,7 @@ export class ZeroTrustGatewaySettings extends pulumi.CustomResource { resourceInputs["antivirus"] = state ? state.antivirus : undefined; resourceInputs["blockPage"] = state ? state.blockPage : undefined; resourceInputs["bodyScanning"] = state ? state.bodyScanning : undefined; + resourceInputs["certificate"] = state ? state.certificate : undefined; resourceInputs["customCertificate"] = state ? state.customCertificate : undefined; resourceInputs["extendedEmailMatching"] = state ? state.extendedEmailMatching : undefined; resourceInputs["fips"] = state ? state.fips : undefined; @@ -207,6 +215,7 @@ export class ZeroTrustGatewaySettings extends pulumi.CustomResource { resourceInputs["antivirus"] = args ? args.antivirus : undefined; resourceInputs["blockPage"] = args ? args.blockPage : undefined; resourceInputs["bodyScanning"] = args ? args.bodyScanning : undefined; + resourceInputs["certificate"] = args ? args.certificate : undefined; resourceInputs["customCertificate"] = args ? args.customCertificate : undefined; resourceInputs["extendedEmailMatching"] = args ? args.extendedEmailMatching : undefined; resourceInputs["fips"] = args ? args.fips : undefined; @@ -249,7 +258,13 @@ export interface ZeroTrustGatewaySettingsState { */ bodyScanning?: pulumi.Input; /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. + */ + certificate?: pulumi.Input; + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. */ customCertificate?: pulumi.Input; /** @@ -316,7 +331,13 @@ export interface ZeroTrustGatewaySettingsArgs { */ bodyScanning?: pulumi.Input; /** - * Configuration for custom certificates / BYO-PKI. + * Configuration for TLS interception certificate. This will be required starting Feb 2025. + */ + certificate?: pulumi.Input; + /** + * Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. + * + * @deprecated Use `certificate` instead. Continuing to use customCertificate may result in inconsistent configuration. */ customCertificate?: pulumi.Input; /** diff --git a/sdk/nodejs/zeroTrustRiskScoreIntegration.ts b/sdk/nodejs/zeroTrustRiskScoreIntegration.ts index 22b02af49..f6143601e 100644 --- a/sdk/nodejs/zeroTrustRiskScoreIntegration.ts +++ b/sdk/nodejs/zeroTrustRiskScoreIntegration.ts @@ -4,6 +4,9 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "./utilities"; +/** + * The [Risk Score Integration](https://developers.cloudflare.com/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) resource allows you to transmit changes in User Risk Score to a specified vendor such as Okta. + */ export class ZeroTrustRiskScoreIntegration extends pulumi.CustomResource { /** * Get an existing ZeroTrustRiskScoreIntegration resource's state with the given name, ID, and optional extra @@ -41,14 +44,11 @@ export class ZeroTrustRiskScoreIntegration extends pulumi.CustomResource { */ public readonly active!: pulumi.Output; /** - * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body */ public readonly integrationType!: pulumi.Output; /** - * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider */ public readonly referenceId!: pulumi.Output; /** @@ -56,8 +56,7 @@ export class ZeroTrustRiskScoreIntegration extends pulumi.CustomResource { */ public readonly tenantUrl!: pulumi.Output; /** - * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 */ public /*out*/ readonly wellKnownUrl!: pulumi.Output; @@ -116,14 +115,11 @@ export interface ZeroTrustRiskScoreIntegrationState { */ active?: pulumi.Input; /** - * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body */ integrationType?: pulumi.Input; /** - * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider */ referenceId?: pulumi.Input; /** @@ -131,8 +127,7 @@ export interface ZeroTrustRiskScoreIntegrationState { */ tenantUrl?: pulumi.Input; /** - * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - * https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + * The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 */ wellKnownUrl?: pulumi.Input; } @@ -150,14 +145,11 @@ export interface ZeroTrustRiskScoreIntegrationArgs { */ active?: pulumi.Input; /** - * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - * https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + * The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body */ integrationType: pulumi.Input; /** - * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - * omitted, a random UUIDv4 is used. - * https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + * A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider */ referenceId?: pulumi.Input; /** diff --git a/sdk/python/pulumi_cloudflare/__init__.py b/sdk/python/pulumi_cloudflare/__init__.py index a8bb711af..e7f3d9b94 100644 --- a/sdk/python/pulumi_cloudflare/__init__.py +++ b/sdk/python/pulumi_cloudflare/__init__.py @@ -177,6 +177,7 @@ from .zero_trust_dex_test import * from .zero_trust_dlp_profile import * from .zero_trust_dns_location import * +from .zero_trust_gateway_certificate import * from .zero_trust_gateway_policy import * from .zero_trust_gateway_proxy_endpoint import * from .zero_trust_gateway_settings import * @@ -1338,6 +1339,14 @@ "cloudflare:index/zeroTrustDnsLocation:ZeroTrustDnsLocation": "ZeroTrustDnsLocation" } }, + { + "pkg": "cloudflare", + "mod": "index/zeroTrustGatewayCertificate", + "fqn": "pulumi_cloudflare", + "classes": { + "cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate": "ZeroTrustGatewayCertificate" + } + }, { "pkg": "cloudflare", "mod": "index/zeroTrustGatewayPolicy", diff --git a/sdk/python/pulumi_cloudflare/_inputs.py b/sdk/python/pulumi_cloudflare/_inputs.py index 71486d019..f7008713f 100644 --- a/sdk/python/pulumi_cloudflare/_inputs.py +++ b/sdk/python/pulumi_cloudflare/_inputs.py @@ -188,6 +188,7 @@ 'RulesetRuleActionParametersCacheKeyCustomKeyHostArgs', 'RulesetRuleActionParametersCacheKeyCustomKeyQueryStringArgs', 'RulesetRuleActionParametersCacheKeyCustomKeyUserArgs', + 'RulesetRuleActionParametersCacheReserveArgs', 'RulesetRuleActionParametersEdgeTtlArgs', 'RulesetRuleActionParametersEdgeTtlStatusCodeTtlArgs', 'RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeArgs', @@ -218,6 +219,7 @@ 'TeamsAccountAntivirusNotificationSettingsArgs', 'TeamsAccountBlockPageArgs', 'TeamsAccountBodyScanningArgs', + 'TeamsAccountCertificateArgs', 'TeamsAccountCustomCertificateArgs', 'TeamsAccountExtendedEmailMatchingArgs', 'TeamsAccountFipsArgs', @@ -257,6 +259,7 @@ 'WaitingRoomRulesRuleArgs', 'WorkerScriptAnalyticsEngineBindingArgs', 'WorkerScriptD1DatabaseBindingArgs', + 'WorkerScriptHyperdriveConfigBindingArgs', 'WorkerScriptKvNamespaceBindingArgs', 'WorkerScriptPlacementArgs', 'WorkerScriptPlainTextBindingArgs', @@ -267,6 +270,7 @@ 'WorkerScriptWebassemblyBindingArgs', 'WorkersScriptAnalyticsEngineBindingArgs', 'WorkersScriptD1DatabaseBindingArgs', + 'WorkersScriptHyperdriveConfigBindingArgs', 'WorkersScriptKvNamespaceBindingArgs', 'WorkersScriptPlacementArgs', 'WorkersScriptPlainTextBindingArgs', @@ -370,6 +374,7 @@ 'ZeroTrustGatewaySettingsAntivirusNotificationSettingsArgs', 'ZeroTrustGatewaySettingsBlockPageArgs', 'ZeroTrustGatewaySettingsBodyScanningArgs', + 'ZeroTrustGatewaySettingsCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsExtendedEmailMatchingArgs', 'ZeroTrustGatewaySettingsFipsArgs', @@ -1755,9 +1760,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input['AccessGroupExcludeExternalEvaluationArgs'] external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -1809,6 +1833,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -1827,6 +1854,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Acce @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -1836,6 +1866,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -1845,6 +1878,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroup @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -1854,6 +1890,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -1875,6 +1914,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -1884,6 +1926,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -1893,6 +1938,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -1902,6 +1950,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -1911,6 +1962,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -1920,6 +1974,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional[pulumi.Input['AccessGroupExcludeExternalEvaluationArgs']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @external_evaluation.setter @@ -1929,6 +1986,9 @@ def external_evaluation(self, value: Optional[pulumi.Input['AccessGroupExcludeEx @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -1938,6 +1998,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -1947,6 +2010,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGrou @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -1956,6 +2022,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -1966,7 +2035,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGrou @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -1989,6 +2058,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -1998,6 +2070,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -2007,6 +2082,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupE @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupExcludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -2016,6 +2094,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupE @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -2032,7 +2113,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -2066,7 +2147,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2081,7 +2162,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -2093,7 +2174,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2119,6 +2200,10 @@ class AccessGroupExcludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -2127,6 +2212,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -2136,6 +2224,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -2149,6 +2240,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -2159,6 +2255,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2168,6 +2267,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -2177,6 +2279,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -2189,6 +2294,10 @@ class AccessGroupExcludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -2197,6 +2306,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -2206,6 +2318,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2218,6 +2333,10 @@ class AccessGroupExcludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -2226,6 +2345,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2235,6 +2357,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -2248,6 +2373,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -2258,6 +2388,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -2267,6 +2400,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -2276,6 +2412,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2310,9 +2449,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input['AccessGroupIncludeExternalEvaluationArgs'] external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -2364,6 +2522,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -2382,6 +2543,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Acce @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -2391,6 +2555,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -2400,6 +2567,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroup @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -2409,6 +2579,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -2430,6 +2603,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -2439,6 +2615,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -2448,6 +2627,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -2457,6 +2639,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -2466,6 +2651,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -2475,6 +2663,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional[pulumi.Input['AccessGroupIncludeExternalEvaluationArgs']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @external_evaluation.setter @@ -2484,6 +2675,9 @@ def external_evaluation(self, value: Optional[pulumi.Input['AccessGroupIncludeEx @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -2493,6 +2687,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -2502,6 +2699,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGrou @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -2511,6 +2711,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -2521,7 +2724,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGrou @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -2544,6 +2747,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -2553,6 +2759,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -2562,6 +2771,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupI @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupIncludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -2571,6 +2783,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupI @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -2587,7 +2802,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -2621,7 +2836,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2636,7 +2851,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -2648,7 +2863,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2674,6 +2889,10 @@ class AccessGroupIncludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -2682,6 +2901,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -2691,6 +2913,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -2704,6 +2929,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -2714,6 +2944,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2723,6 +2956,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -2732,6 +2968,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -2744,6 +2983,10 @@ class AccessGroupIncludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -2752,6 +2995,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -2761,6 +3007,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2773,6 +3022,10 @@ class AccessGroupIncludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -2781,6 +3034,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2790,6 +3046,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -2803,6 +3062,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -2813,6 +3077,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -2822,6 +3089,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -2831,6 +3101,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -2865,9 +3138,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input['AccessGroupRequireExternalEvaluationArgs'] external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -2919,6 +3211,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -2937,6 +3232,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Acce @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -2946,6 +3244,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -2955,6 +3256,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroup @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -2964,6 +3268,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -2985,6 +3292,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -2994,6 +3304,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -3003,6 +3316,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -3012,6 +3328,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -3021,6 +3340,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -3030,6 +3352,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional[pulumi.Input['AccessGroupRequireExternalEvaluationArgs']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @external_evaluation.setter @@ -3039,6 +3364,9 @@ def external_evaluation(self, value: Optional[pulumi.Input['AccessGroupRequireEx @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -3048,6 +3376,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -3057,6 +3388,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGrou @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -3066,6 +3400,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -3076,7 +3413,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGrou @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -3099,6 +3436,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -3108,6 +3448,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -3117,6 +3460,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupR @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupRequireSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -3126,6 +3472,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessGroupR @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -3142,7 +3491,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -3176,7 +3525,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -3191,7 +3540,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -3203,7 +3552,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -3229,6 +3578,10 @@ class AccessGroupRequireExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -3237,6 +3590,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -3246,6 +3602,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -3259,6 +3618,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -3269,6 +3633,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -3278,6 +3645,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -3287,6 +3657,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -3299,6 +3672,10 @@ class AccessGroupRequireGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -3307,6 +3684,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -3316,6 +3696,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -3328,6 +3711,10 @@ class AccessGroupRequireOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -3336,6 +3723,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -3345,6 +3735,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -3358,6 +3751,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -3368,6 +3766,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -3377,6 +3778,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -3386,6 +3790,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -4044,9 +4451,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input['AccessPolicyExcludeExternalEvaluationArgs'] external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -4098,6 +4524,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -4116,6 +4545,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Acce @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -4125,6 +4557,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -4134,6 +4569,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolic @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -4143,6 +4581,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -4164,6 +4605,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -4173,6 +4617,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -4182,6 +4629,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -4191,6 +4641,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -4200,6 +4653,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -4209,6 +4665,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional[pulumi.Input['AccessPolicyExcludeExternalEvaluationArgs']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @external_evaluation.setter @@ -4218,6 +4677,9 @@ def external_evaluation(self, value: Optional[pulumi.Input['AccessPolicyExcludeE @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -4227,6 +4689,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -4236,6 +4701,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPoli @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -4245,6 +4713,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -4255,7 +4726,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPoli @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -4278,6 +4749,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -4287,6 +4761,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -4296,6 +4773,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicy @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -4305,6 +4785,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicy @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -4321,7 +4804,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -4355,7 +4838,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4370,7 +4853,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -4382,7 +4865,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4408,6 +4891,10 @@ class AccessPolicyExcludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -4416,6 +4903,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -4425,6 +4915,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -4438,6 +4931,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -4448,6 +4946,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -4457,6 +4958,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -4466,6 +4970,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -4478,6 +4985,10 @@ class AccessPolicyExcludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -4486,6 +4997,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -4495,6 +5009,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -4507,6 +5024,10 @@ class AccessPolicyExcludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -4515,6 +5036,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -4524,6 +5048,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -4537,6 +5064,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -4547,6 +5079,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -4556,6 +5091,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -4565,6 +5103,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -4599,9 +5140,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input['AccessPolicyIncludeExternalEvaluationArgs'] external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -4653,6 +5213,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -4671,6 +5234,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Acce @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -4680,6 +5246,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -4689,6 +5258,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolic @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -4698,6 +5270,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -4719,6 +5294,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -4728,6 +5306,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -4737,6 +5318,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -4746,6 +5330,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -4755,6 +5342,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -4764,6 +5354,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional[pulumi.Input['AccessPolicyIncludeExternalEvaluationArgs']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @external_evaluation.setter @@ -4773,6 +5366,9 @@ def external_evaluation(self, value: Optional[pulumi.Input['AccessPolicyIncludeE @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -4782,6 +5378,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -4791,6 +5390,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPoli @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -4800,6 +5402,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -4810,7 +5415,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPoli @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -4833,6 +5438,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -4842,6 +5450,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -4851,6 +5462,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicy @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -4860,6 +5474,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicy @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -4876,7 +5493,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -4910,7 +5527,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4925,7 +5542,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -4937,7 +5554,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4963,6 +5580,10 @@ class AccessPolicyIncludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -4971,6 +5592,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -4980,6 +5604,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -4993,6 +5620,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -5003,6 +5635,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -5012,6 +5647,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -5021,6 +5659,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -5033,6 +5674,10 @@ class AccessPolicyIncludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -5041,6 +5686,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -5050,6 +5698,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -5062,6 +5713,10 @@ class AccessPolicyIncludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -5070,6 +5725,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -5079,6 +5737,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -5092,6 +5753,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -5102,6 +5768,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -5111,6 +5780,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -5120,6 +5792,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -5154,9 +5829,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input['AccessPolicyRequireExternalEvaluationArgs'] external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -5208,6 +5902,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -5226,6 +5923,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Acce @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -5235,6 +5935,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -5244,6 +5947,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolic @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -5253,6 +5959,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -5274,6 +5983,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -5283,6 +5995,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -5292,6 +6007,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -5301,6 +6019,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -5310,6 +6031,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -5319,6 +6043,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional[pulumi.Input['AccessPolicyRequireExternalEvaluationArgs']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @external_evaluation.setter @@ -5328,6 +6055,9 @@ def external_evaluation(self, value: Optional[pulumi.Input['AccessPolicyRequireE @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -5337,6 +6067,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -5346,6 +6079,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPoli @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -5355,6 +6091,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -5365,7 +6104,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPoli @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -5388,6 +6127,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -5397,6 +6139,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -5406,6 +6151,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicy @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -5415,6 +6163,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicy @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -5431,7 +6182,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -5465,7 +6216,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -5480,7 +6231,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -5492,7 +6243,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -5518,6 +6269,10 @@ class AccessPolicyRequireExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -5526,6 +6281,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -5535,6 +6293,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -5548,6 +6309,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -5558,6 +6324,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -5567,6 +6336,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -5576,6 +6348,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -5588,6 +6363,10 @@ class AccessPolicyRequireGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -5596,6 +6375,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -5605,6 +6387,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -5617,6 +6402,10 @@ class AccessPolicyRequireOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -5625,6 +6414,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -5634,6 +6426,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -5647,6 +6442,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -5657,6 +6457,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -5666,6 +6469,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -5675,6 +6481,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -6927,7 +7736,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] is_active: True if SentinelOne device is active. :param pulumi.Input[str] issue_count: The number of issues for kolide. :param pulumi.Input[str] last_seen: The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. - :param pulumi.Input[Sequence[pulumi.Input['DevicePostureRuleInputLocationArgs']]] locations: List of locations to check for client certificate posture check. + :param pulumi.Input[Sequence[pulumi.Input['DevicePostureRuleInputLocationArgs']]] locations: List of operating system locations to check for a client certificate.. :param pulumi.Input[str] network_status: The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. :param pulumi.Input[str] operator: The version comparison operator. Available values: `>`, `>=`, `<`, `<=`, `==`. :param pulumi.Input[str] os: OS signal score from Crowdstrike. Value must be between 1 and 100. @@ -6945,7 +7754,7 @@ def __init__(__self__, *, :param pulumi.Input[str] thumbprint: The thumbprint of the file certificate. :param pulumi.Input[int] total_score: The total score from Tanium. :param pulumi.Input[str] version: The operating system semantic version. - :param pulumi.Input[str] version_operator: The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + :param pulumi.Input[str] version_operator: The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ if active_threats is not None: pulumi.set(__self__, "active_threats", active_threats) @@ -7242,7 +8051,7 @@ def last_seen(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def locations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['DevicePostureRuleInputLocationArgs']]]]: """ - List of locations to check for client certificate posture check. + List of operating system locations to check for a client certificate.. """ return pulumi.get(self, "locations") @@ -7458,7 +8267,7 @@ def version(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="versionOperator") def version_operator(self) -> Optional[pulumi.Input[str]]: """ - The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ return pulumi.get(self, "version_operator") @@ -7473,8 +8282,8 @@ def __init__(__self__, *, paths: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, trust_stores: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[Sequence[pulumi.Input[str]]] paths: List of paths to check for client certificate. - :param pulumi.Input[Sequence[pulumi.Input[str]]] trust_stores: List of trust stores to check for client certificate. Available values: `system`, `user`. + :param pulumi.Input[Sequence[pulumi.Input[str]]] paths: List of paths to check for client certificate rule. + :param pulumi.Input[Sequence[pulumi.Input[str]]] trust_stores: List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ if paths is not None: pulumi.set(__self__, "paths", paths) @@ -7485,7 +8294,7 @@ def __init__(__self__, *, @pulumi.getter def paths(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - List of paths to check for client certificate. + List of paths to check for client certificate rule. """ return pulumi.get(self, "paths") @@ -7497,7 +8306,7 @@ def paths(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @pulumi.getter(name="trustStores") def trust_stores(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - List of trust stores to check for client certificate. Available values: `system`, `user`. + List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ return pulumi.get(self, "trust_stores") @@ -13722,6 +14531,7 @@ def __init__(__self__, *, browser_ttl: Optional[pulumi.Input['RulesetRuleActionParametersBrowserTtlArgs']] = None, cache: Optional[pulumi.Input[bool]] = None, cache_key: Optional[pulumi.Input['RulesetRuleActionParametersCacheKeyArgs']] = None, + cache_reserve: Optional[pulumi.Input['RulesetRuleActionParametersCacheReserveArgs']] = None, content: Optional[pulumi.Input[str]] = None, content_type: Optional[pulumi.Input[str]] = None, cookie_fields: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, @@ -13776,6 +14586,7 @@ def __init__(__self__, *, :param pulumi.Input['RulesetRuleActionParametersBrowserTtlArgs'] browser_ttl: List of browser TTL parameters to apply to the request. :param pulumi.Input[bool] cache: Whether to cache if expression matches. :param pulumi.Input['RulesetRuleActionParametersCacheKeyArgs'] cache_key: List of cache key parameters to apply to the request. + :param pulumi.Input['RulesetRuleActionParametersCacheReserveArgs'] cache_reserve: List of cache reserve parameters to apply to the request. :param pulumi.Input[str] content: Content of the custom error response. :param pulumi.Input[str] content_type: Content-Type of the custom error response. :param pulumi.Input[Sequence[pulumi.Input[str]]] cookie_fields: List of cookie values to include as part of custom fields logging. @@ -13837,6 +14648,8 @@ def __init__(__self__, *, pulumi.set(__self__, "cache", cache) if cache_key is not None: pulumi.set(__self__, "cache_key", cache_key) + if cache_reserve is not None: + pulumi.set(__self__, "cache_reserve", cache_reserve) if content is not None: pulumi.set(__self__, "content", content) if content_type is not None: @@ -14024,6 +14837,18 @@ def cache_key(self) -> Optional[pulumi.Input['RulesetRuleActionParametersCacheKe def cache_key(self, value: Optional[pulumi.Input['RulesetRuleActionParametersCacheKeyArgs']]): pulumi.set(self, "cache_key", value) + @property + @pulumi.getter(name="cacheReserve") + def cache_reserve(self) -> Optional[pulumi.Input['RulesetRuleActionParametersCacheReserveArgs']]: + """ + List of cache reserve parameters to apply to the request. + """ + return pulumi.get(self, "cache_reserve") + + @cache_reserve.setter + def cache_reserve(self, value: Optional[pulumi.Input['RulesetRuleActionParametersCacheReserveArgs']]): + pulumi.set(self, "cache_reserve", value) + @property @pulumi.getter def content(self) -> Optional[pulumi.Input[str]]: @@ -15062,6 +15887,44 @@ def lang(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "lang", value) +@pulumi.input_type +class RulesetRuleActionParametersCacheReserveArgs: + def __init__(__self__, *, + eligible: pulumi.Input[bool], + minimum_file_size: Optional[pulumi.Input[int]] = None): + """ + :param pulumi.Input[bool] eligible: Determines whether Cloudflare will write the eligible resource to cache reserve. + :param pulumi.Input[int] minimum_file_size: The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + """ + pulumi.set(__self__, "eligible", eligible) + if minimum_file_size is not None: + pulumi.set(__self__, "minimum_file_size", minimum_file_size) + + @property + @pulumi.getter + def eligible(self) -> pulumi.Input[bool]: + """ + Determines whether Cloudflare will write the eligible resource to cache reserve. + """ + return pulumi.get(self, "eligible") + + @eligible.setter + def eligible(self, value: pulumi.Input[bool]): + pulumi.set(self, "eligible", value) + + @property + @pulumi.getter(name="minimumFileSize") + def minimum_file_size(self) -> Optional[pulumi.Input[int]]: + """ + The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + """ + return pulumi.get(self, "minimum_file_size") + + @minimum_file_size.setter + def minimum_file_size(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "minimum_file_size", value) + + @pulumi.input_type class RulesetRuleActionParametersEdgeTtlArgs: def __init__(__self__, *, @@ -16617,6 +17480,28 @@ def inspection_mode(self, value: pulumi.Input[str]): pulumi.set(self, "inspection_mode", value) +@pulumi.input_type +class TeamsAccountCertificateArgs: + def __init__(__self__, *, + id: pulumi.Input[str]): + """ + :param pulumi.Input[str] id: ID of certificate for TLS interception. + """ + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def id(self) -> pulumi.Input[str]: + """ + ID of certificate for TLS interception. + """ + return pulumi.get(self, "id") + + @id.setter + def id(self, value: pulumi.Input[str]): + pulumi.set(self, "id", value) + + @pulumi.input_type class TeamsAccountCustomCertificateArgs: def __init__(__self__, *, @@ -16931,7 +17816,7 @@ def __init__(__self__, *, udp: pulumi.Input[bool], virtual_ip: pulumi.Input[bool]): """ - :param pulumi.Input[int] disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP + :param pulumi.Input[int] disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP. :param pulumi.Input[bool] root_ca: Whether root ca is enabled account wide for ZT clients. :param pulumi.Input[bool] tcp: Whether gateway proxy is enabled on gateway devices for TCP traffic. :param pulumi.Input[bool] udp: Whether gateway proxy is enabled on gateway devices for UDP traffic. @@ -16947,7 +17832,7 @@ def __init__(__self__, *, @pulumi.getter(name="disableForTime") def disable_for_time(self) -> pulumi.Input[int]: """ - Sets the time limit in seconds that a user can use an override code to bypass WARP + Sets the time limit in seconds that a user can use an override code to bypass WARP. """ return pulumi.get(self, "disable_for_time") @@ -19131,21 +20016,58 @@ def database_id(self) -> pulumi.Input[str]: """ return pulumi.get(self, "database_id") - @database_id.setter - def database_id(self, value: pulumi.Input[str]): - pulumi.set(self, "database_id", value) + @database_id.setter + def database_id(self, value: pulumi.Input[str]): + pulumi.set(self, "database_id", value) + + @property + @pulumi.getter + def name(self) -> pulumi.Input[str]: + """ + The global variable for the binding in your Worker code. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: pulumi.Input[str]): + pulumi.set(self, "name", value) + + +@pulumi.input_type +class WorkerScriptHyperdriveConfigBindingArgs: + def __init__(__self__, *, + binding: pulumi.Input[str], + id: pulumi.Input[str]): + """ + :param pulumi.Input[str] binding: The global variable for the binding in your Worker code. + :param pulumi.Input[str] id: The ID of the Hyperdrive config to use. + """ + pulumi.set(__self__, "binding", binding) + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def binding(self) -> pulumi.Input[str]: + """ + The global variable for the binding in your Worker code. + """ + return pulumi.get(self, "binding") + + @binding.setter + def binding(self, value: pulumi.Input[str]): + pulumi.set(self, "binding", value) @property @pulumi.getter - def name(self) -> pulumi.Input[str]: + def id(self) -> pulumi.Input[str]: """ - The global variable for the binding in your Worker code. + The ID of the Hyperdrive config to use. """ - return pulumi.get(self, "name") + return pulumi.get(self, "id") - @name.setter - def name(self, value: pulumi.Input[str]): - pulumi.set(self, "name", value) + @id.setter + def id(self, value: pulumi.Input[str]): + pulumi.set(self, "id", value) @pulumi.input_type @@ -19519,6 +20441,43 @@ def name(self, value: pulumi.Input[str]): pulumi.set(self, "name", value) +@pulumi.input_type +class WorkersScriptHyperdriveConfigBindingArgs: + def __init__(__self__, *, + binding: pulumi.Input[str], + id: pulumi.Input[str]): + """ + :param pulumi.Input[str] binding: The global variable for the binding in your Worker code. + :param pulumi.Input[str] id: The ID of the Hyperdrive config to use. + """ + pulumi.set(__self__, "binding", binding) + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def binding(self) -> pulumi.Input[str]: + """ + The global variable for the binding in your Worker code. + """ + return pulumi.get(self, "binding") + + @binding.setter + def binding(self, value: pulumi.Input[str]): + pulumi.set(self, "binding", value) + + @property + @pulumi.getter + def id(self) -> pulumi.Input[str]: + """ + The ID of the Hyperdrive config to use. + """ + return pulumi.get(self, "id") + + @id.setter + def id(self, value: pulumi.Input[str]): + pulumi.set(self, "id", value) + + @pulumi.input_type class WorkersScriptKvNamespaceBindingArgs: def __init__(__self__, *, @@ -21157,9 +22116,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeExternalEvaluationArgs']]] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -21211,6 +22189,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -21229,6 +22210,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Zero @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -21238,6 +22222,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -21247,6 +22234,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAc @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -21256,6 +22246,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -21277,6 +22270,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -21286,6 +22282,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -21295,6 +22294,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -21304,6 +22306,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -21313,6 +22318,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -21322,6 +22330,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeExternalEvaluationArgs']]]]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @external_evaluations.setter @@ -21331,6 +22342,9 @@ def external_evaluations(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -21340,6 +22354,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -21349,6 +22366,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -21358,6 +22378,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -21368,7 +22391,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -21391,6 +22414,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -21400,6 +22426,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -21409,6 +22438,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupExcludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -21418,6 +22450,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -21434,7 +22469,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -21468,7 +22503,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -21483,7 +22518,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -21495,7 +22530,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -21521,6 +22556,10 @@ class ZeroTrustAccessGroupExcludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -21529,6 +22568,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -21538,6 +22580,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -21551,6 +22596,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -21561,6 +22611,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -21570,6 +22623,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -21579,6 +22635,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -21591,6 +22650,10 @@ class ZeroTrustAccessGroupExcludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -21599,6 +22662,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -21608,6 +22674,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -21620,6 +22689,10 @@ class ZeroTrustAccessGroupExcludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -21628,6 +22701,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -21637,6 +22713,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -21650,6 +22729,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -21660,6 +22744,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -21669,6 +22756,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -21678,6 +22768,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -21712,9 +22805,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeExternalEvaluationArgs']]] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -21766,6 +22878,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -21784,6 +22899,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Zero @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -21793,6 +22911,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -21802,6 +22923,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAc @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -21811,6 +22935,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -21832,6 +22959,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -21841,6 +22971,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -21850,6 +22983,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -21859,6 +22995,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -21868,6 +23007,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -21877,6 +23019,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeExternalEvaluationArgs']]]]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @external_evaluations.setter @@ -21886,6 +23031,9 @@ def external_evaluations(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -21895,6 +23043,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -21904,6 +23055,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -21913,6 +23067,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -21923,7 +23080,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -21946,6 +23103,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -21955,6 +23115,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -21964,6 +23127,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupIncludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -21973,6 +23139,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -21989,7 +23158,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -22023,7 +23192,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -22038,7 +23207,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -22050,7 +23219,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -22076,6 +23245,10 @@ class ZeroTrustAccessGroupIncludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -22084,6 +23257,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -22093,6 +23269,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -22106,6 +23285,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -22116,6 +23300,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -22125,6 +23312,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -22134,6 +23324,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -22146,6 +23339,10 @@ class ZeroTrustAccessGroupIncludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -22154,6 +23351,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -22163,6 +23363,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -22175,6 +23378,10 @@ class ZeroTrustAccessGroupIncludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -22183,6 +23390,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -22192,6 +23402,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -22205,6 +23418,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -22215,6 +23433,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -22224,6 +23445,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -22233,6 +23457,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -22267,9 +23494,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireExternalEvaluationArgs']]] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -22321,6 +23567,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -22339,6 +23588,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Zero @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -22348,6 +23600,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -22357,6 +23612,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAc @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -22366,6 +23624,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -22387,6 +23648,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -22396,6 +23660,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -22405,6 +23672,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -22414,6 +23684,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -22423,6 +23696,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -22432,6 +23708,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireExternalEvaluationArgs']]]]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @external_evaluations.setter @@ -22441,6 +23720,9 @@ def external_evaluations(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -22450,6 +23732,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -22459,6 +23744,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -22468,6 +23756,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -22478,7 +23769,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -22501,6 +23792,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -22510,6 +23804,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -22519,6 +23816,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessGroupRequireSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -22528,6 +23828,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -22544,7 +23847,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -22578,7 +23881,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -22593,7 +23896,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -22605,7 +23908,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -22631,6 +23934,10 @@ class ZeroTrustAccessGroupRequireExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -22639,6 +23946,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -22648,6 +23958,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -22661,6 +23974,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -22671,6 +23989,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -22680,6 +24001,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -22689,6 +24013,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -22701,6 +24028,10 @@ class ZeroTrustAccessGroupRequireGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -22709,6 +24040,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -22718,6 +24052,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -22730,6 +24067,10 @@ class ZeroTrustAccessGroupRequireOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -22738,6 +24079,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -22747,6 +24091,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -22760,6 +24107,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -22770,6 +24122,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -22779,6 +24134,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -22788,6 +24146,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -23446,9 +24807,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeExternalEvaluationArgs']]] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -23500,6 +24880,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -23518,6 +24901,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Zero @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -23527,6 +24913,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -23536,6 +24925,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAc @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -23545,6 +24937,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -23566,6 +24961,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -23575,6 +24973,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -23584,6 +24985,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -23593,6 +24997,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -23602,6 +25009,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -23611,6 +25021,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeExternalEvaluationArgs']]]]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @external_evaluations.setter @@ -23620,6 +25033,9 @@ def external_evaluations(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -23629,6 +25045,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -23638,6 +25057,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -23647,6 +25069,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -23657,7 +25082,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -23680,6 +25105,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -23689,6 +25117,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -23698,6 +25129,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -23707,6 +25141,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -23723,7 +25160,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -23757,7 +25194,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -23772,7 +25209,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -23784,7 +25221,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -23810,6 +25247,10 @@ class ZeroTrustAccessPolicyExcludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -23818,6 +25259,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -23827,6 +25271,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -23840,6 +25287,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -23850,6 +25302,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -23859,6 +25314,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -23868,6 +25326,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -23880,6 +25341,10 @@ class ZeroTrustAccessPolicyExcludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -23888,6 +25353,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -23897,6 +25365,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -23909,6 +25380,10 @@ class ZeroTrustAccessPolicyExcludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -23917,6 +25392,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -23926,6 +25404,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -23939,6 +25420,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -23949,6 +25435,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -23958,6 +25447,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -23967,6 +25459,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -24001,9 +25496,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeExternalEvaluationArgs']]] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -24055,6 +25569,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -24073,6 +25590,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Zero @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -24082,6 +25602,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -24091,6 +25614,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAc @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -24100,6 +25626,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -24121,6 +25650,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -24130,6 +25662,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -24139,6 +25674,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -24148,6 +25686,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -24157,6 +25698,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -24166,6 +25710,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeExternalEvaluationArgs']]]]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @external_evaluations.setter @@ -24175,6 +25722,9 @@ def external_evaluations(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -24184,6 +25734,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -24193,6 +25746,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -24202,6 +25758,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -24212,7 +25771,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -24235,6 +25794,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -24244,6 +25806,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -24253,6 +25818,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -24262,6 +25830,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -24278,7 +25849,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -24312,7 +25883,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -24327,7 +25898,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -24339,7 +25910,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -24365,6 +25936,10 @@ class ZeroTrustAccessPolicyIncludeExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -24373,6 +25948,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -24382,6 +25960,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -24395,6 +25976,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -24405,6 +25991,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -24414,6 +26003,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -24423,6 +26015,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -24435,6 +26030,10 @@ class ZeroTrustAccessPolicyIncludeGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -24443,6 +26042,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -24452,6 +26054,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -24464,6 +26069,10 @@ class ZeroTrustAccessPolicyIncludeOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -24472,6 +26081,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -24481,6 +26093,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -24494,6 +26109,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -24504,6 +26124,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -24513,6 +26136,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -24522,6 +26148,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -24556,9 +26185,28 @@ def __init__(__self__, *, samls: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireSamlArgs']]]] = None, service_tokens: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ + :param pulumi.Input[bool] any_valid_service_token: Matches any valid Access service token. + :param pulumi.Input[str] auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireAzureArgs']]] azures: Matches an Azure group. Requires an Azure identity provider. + :param pulumi.Input[bool] certificate: Matches any valid client certificate. + :param pulumi.Input[str] common_name: Matches a valid client certificate common name. :param pulumi.Input[Sequence[pulumi.Input[str]]] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of an existing IP list to reference. + :param pulumi.Input[Sequence[pulumi.Input[str]]] device_postures: The ID of a device posture integration. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_domains: The email domain to match. + :param pulumi.Input[Sequence[pulumi.Input[str]]] email_lists: The ID of a previously created email list. + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the user. + :param pulumi.Input[bool] everyone: Matches everyone. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireExternalEvaluationArgs']]] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param pulumi.Input[Sequence[pulumi.Input[str]]] geos: Matches a specific country. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireGithubArgs']]] githubs: Matches a Github organization. Requires a Github identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] groups: The ID of a previously created Access group. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireGsuiteArgs']]] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] ip_lists: The ID of a previously created IP list. :param pulumi.Input[Sequence[pulumi.Input[str]]] ips: An IPv4 or IPv6 CIDR block. + :param pulumi.Input[Sequence[pulumi.Input[str]]] login_methods: The ID of a configured identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireOktaArgs']]] oktas: Matches an Okta group. Requires an Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireSamlArgs']]] samls: Matches a SAML group. Requires a SAML identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -24610,6 +26258,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @any_valid_service_token.setter @@ -24628,6 +26279,9 @@ def auth_contexts(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Zero @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[pulumi.Input[str]]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @auth_method.setter @@ -24637,6 +26291,9 @@ def auth_method(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def azures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireAzureArgs']]]]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @azures.setter @@ -24646,6 +26303,9 @@ def azures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAc @property @pulumi.getter def certificate(self) -> Optional[pulumi.Input[bool]]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @certificate.setter @@ -24655,6 +26315,9 @@ def certificate(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[pulumi.Input[str]]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @common_name.setter @@ -24676,6 +26339,9 @@ def common_names(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]] @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @device_postures.setter @@ -24685,6 +26351,9 @@ def device_postures(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @email_domains.setter @@ -24694,6 +26363,9 @@ def email_domains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @email_lists.setter @@ -24703,6 +26375,9 @@ def email_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @emails.setter @@ -24712,6 +26387,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def everyone(self) -> Optional[pulumi.Input[bool]]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @everyone.setter @@ -24721,6 +26399,9 @@ def everyone(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireExternalEvaluationArgs']]]]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @external_evaluations.setter @@ -24730,6 +26411,9 @@ def external_evaluations(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter def geos(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @geos.setter @@ -24739,6 +26423,9 @@ def geos(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def githubs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireGithubArgs']]]]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @githubs.setter @@ -24748,6 +26435,9 @@ def githubs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @property @pulumi.getter def groups(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @groups.setter @@ -24757,6 +26447,9 @@ def groups(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter def gsuites(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireGsuiteArgs']]]]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @gsuites.setter @@ -24767,7 +26460,7 @@ def gsuites(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustA @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -24790,6 +26483,9 @@ def ips(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @login_methods.setter @@ -24799,6 +26495,9 @@ def login_methods(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]] @property @pulumi.getter def oktas(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireOktaArgs']]]]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @oktas.setter @@ -24808,6 +26507,9 @@ def oktas(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter def samls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireSamlArgs']]]]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @samls.setter @@ -24817,6 +26519,9 @@ def samls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustAcc @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @service_tokens.setter @@ -24833,7 +26538,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] ac_id: The ACID of the Authentication Context. :param pulumi.Input[str] id: The ID of the Authentication Context. - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -24867,7 +26572,7 @@ def id(self, value: pulumi.Input[str]): @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> pulumi.Input[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -24882,7 +26587,7 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ - :param pulumi.Input[str] identity_provider_id: The ID of the Azure Identity provider. + :param pulumi.Input[str] identity_provider_id: The ID of the Azure identity provider. :param pulumi.Input[Sequence[pulumi.Input[str]]] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -24894,7 +26599,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -24920,6 +26625,10 @@ class ZeroTrustAccessPolicyRequireExternalEvaluationArgs: def __init__(__self__, *, evaluate_url: Optional[pulumi.Input[str]] = None, keys_url: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] evaluate_url: The API endpoint containing your business logic. + :param pulumi.Input[str] keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -24928,6 +26637,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @evaluate_url.setter @@ -24937,6 +26649,9 @@ def evaluate_url(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[pulumi.Input[str]]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @keys_url.setter @@ -24950,6 +26665,11 @@ def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, teams: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Github identity provider. + :param pulumi.Input[str] name: The name of the organization. + :param pulumi.Input[Sequence[pulumi.Input[str]]] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -24960,6 +26680,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -24969,6 +26692,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @name.setter @@ -24978,6 +26704,9 @@ def name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def teams(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @teams.setter @@ -24990,6 +26719,10 @@ class ZeroTrustAccessPolicyRequireGsuiteArgs: def __init__(__self__, *, emails: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] emails: The email of the Google Workspace group. + :param pulumi.Input[str] identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -24998,6 +26731,9 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @emails.setter @@ -25007,6 +26743,9 @@ def emails(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -25019,6 +26758,10 @@ class ZeroTrustAccessPolicyRequireOktaArgs: def __init__(__self__, *, identity_provider_id: Optional[pulumi.Input[str]] = None, names: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + :param pulumi.Input[str] identity_provider_id: The ID of your Okta identity provider. + :param pulumi.Input[Sequence[pulumi.Input[str]]] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -25027,6 +26770,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -25036,6 +26782,9 @@ def identity_provider_id(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter def names(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @names.setter @@ -25049,6 +26798,11 @@ def __init__(__self__, *, attribute_name: Optional[pulumi.Input[str]] = None, attribute_value: Optional[pulumi.Input[str]] = None, identity_provider_id: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] attribute_name: The name of the SAML attribute. + :param pulumi.Input[str] attribute_value: The SAML attribute value to look for. + :param pulumi.Input[str] identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -25059,6 +26813,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @attribute_name.setter @@ -25068,6 +26825,9 @@ def attribute_name(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[pulumi.Input[str]]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @attribute_value.setter @@ -25077,6 +26837,9 @@ def attribute_value(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @identity_provider_id.setter @@ -25306,16 +27069,16 @@ def __init__(__self__, *, :param pulumi.Input[str] connection_id: The workspace one or intune connection id. :param pulumi.Input[str] count_operator: The count comparison operator for kolide. Available values: `>`, `>=`, `<`, `<=`, `==`. :param pulumi.Input[str] domain: The domain that the client must join. - :param pulumi.Input[str] eid_last_seen: The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + :param pulumi.Input[str] eid_last_seen: The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. :param pulumi.Input[bool] enabled: True if the firewall must be enabled. :param pulumi.Input[bool] exists: Checks if the file should exist. - :param pulumi.Input[Sequence[pulumi.Input[str]]] extended_key_usages: List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + :param pulumi.Input[Sequence[pulumi.Input[str]]] extended_key_usages: List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. :param pulumi.Input[str] id: The Teams List id. Required for `serial_number` and `unique_client_id` rule types. :param pulumi.Input[bool] infected: True if SentinelOne device is infected. :param pulumi.Input[bool] is_active: True if SentinelOne device is active. :param pulumi.Input[str] issue_count: The number of issues for kolide. :param pulumi.Input[str] last_seen: The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. - :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustDevicePostureRuleInputLocationArgs']]] locations: List of locations to check for client certificate. + :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustDevicePostureRuleInputLocationArgs']]] locations: List of operating system locations to check for a client certificate.. :param pulumi.Input[str] network_status: The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. :param pulumi.Input[str] operator: The version comparison operator. Available values: `>`, `>=`, `<`, `<=`, `==`. :param pulumi.Input[str] os: OS signal score from Crowdstrike. Value must be between 1 and 100. @@ -25333,7 +27096,7 @@ def __init__(__self__, *, :param pulumi.Input[str] thumbprint: The thumbprint of the file certificate. :param pulumi.Input[int] total_score: The total score from Tanium. :param pulumi.Input[str] version: The operating system semantic version. - :param pulumi.Input[str] version_operator: The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + :param pulumi.Input[str] version_operator: The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ if active_threats is not None: pulumi.set(__self__, "active_threats", active_threats) @@ -25522,7 +27285,7 @@ def domain(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="eidLastSeen") def eid_last_seen(self) -> Optional[pulumi.Input[str]]: """ - The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. """ return pulumi.get(self, "eid_last_seen") @@ -25558,7 +27321,7 @@ def exists(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="extendedKeyUsages") def extended_key_usages(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. """ return pulumi.get(self, "extended_key_usages") @@ -25630,7 +27393,7 @@ def last_seen(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def locations(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ZeroTrustDevicePostureRuleInputLocationArgs']]]]: """ - List of locations to check for client certificate. + List of operating system locations to check for a client certificate.. """ return pulumi.get(self, "locations") @@ -25846,7 +27609,7 @@ def version(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="versionOperator") def version_operator(self) -> Optional[pulumi.Input[str]]: """ - The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ return pulumi.get(self, "version_operator") @@ -25862,7 +27625,7 @@ def __init__(__self__, *, trust_stores: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): """ :param pulumi.Input[Sequence[pulumi.Input[str]]] paths: List of paths to check for client certificate rule. - :param pulumi.Input[Sequence[pulumi.Input[str]]] trust_stores: List of trust stores to check for client certificate rule. Available values: `system`, `user` + :param pulumi.Input[Sequence[pulumi.Input[str]]] trust_stores: List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ if paths is not None: pulumi.set(__self__, "paths", paths) @@ -25885,7 +27648,7 @@ def paths(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @pulumi.getter(name="trustStores") def trust_stores(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - List of trust stores to check for client certificate rule. Available values: `system`, `user` + List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ return pulumi.get(self, "trust_stores") @@ -27309,6 +29072,28 @@ def inspection_mode(self, value: pulumi.Input[str]): pulumi.set(self, "inspection_mode", value) +@pulumi.input_type +class ZeroTrustGatewaySettingsCertificateArgs: + def __init__(__self__, *, + id: pulumi.Input[str]): + """ + :param pulumi.Input[str] id: ID of certificate for TLS interception. + """ + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def id(self) -> pulumi.Input[str]: + """ + ID of certificate for TLS interception. + """ + return pulumi.get(self, "id") + + @id.setter + def id(self, value: pulumi.Input[str]): + pulumi.set(self, "id", value) + + @pulumi.input_type class ZeroTrustGatewaySettingsCustomCertificateArgs: def __init__(__self__, *, @@ -27623,7 +29408,7 @@ def __init__(__self__, *, udp: pulumi.Input[bool], virtual_ip: pulumi.Input[bool]): """ - :param pulumi.Input[int] disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP + :param pulumi.Input[int] disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP. :param pulumi.Input[bool] root_ca: Whether root ca is enabled account wide for ZT clients. :param pulumi.Input[bool] tcp: Whether gateway proxy is enabled on gateway devices for TCP traffic. :param pulumi.Input[bool] udp: Whether gateway proxy is enabled on gateway devices for UDP traffic. @@ -27639,7 +29424,7 @@ def __init__(__self__, *, @pulumi.getter(name="disableForTime") def disable_for_time(self) -> pulumi.Input[int]: """ - Sets the time limit in seconds that a user can use an override code to bypass WARP + Sets the time limit in seconds that a user can use an override code to bypass WARP. """ return pulumi.get(self, "disable_for_time") @@ -28936,6 +30721,7 @@ def __init__(__self__, *, privacy_pass: Optional[pulumi.Input[str]] = None, proxy_read_timeout: Optional[pulumi.Input[str]] = None, pseudo_ipv4: Optional[pulumi.Input[str]] = None, + replace_insecure_js: Optional[pulumi.Input[str]] = None, response_buffering: Optional[pulumi.Input[str]] = None, rocket_loader: Optional[pulumi.Input[str]] = None, security_header: Optional[pulumi.Input['ZoneSettingsOverrideInitialSettingSecurityHeaderArgs']] = None, @@ -29036,6 +30822,8 @@ def __init__(__self__, *, pulumi.set(__self__, "proxy_read_timeout", proxy_read_timeout) if pseudo_ipv4 is not None: pulumi.set(__self__, "pseudo_ipv4", pseudo_ipv4) + if replace_insecure_js is not None: + pulumi.set(__self__, "replace_insecure_js", replace_insecure_js) if response_buffering is not None: pulumi.set(__self__, "response_buffering", response_buffering) if rocket_loader is not None: @@ -29435,6 +31223,15 @@ def pseudo_ipv4(self) -> Optional[pulumi.Input[str]]: def pseudo_ipv4(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "pseudo_ipv4", value) + @property + @pulumi.getter(name="replaceInsecureJs") + def replace_insecure_js(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "replace_insecure_js") + + @replace_insecure_js.setter + def replace_insecure_js(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "replace_insecure_js", value) + @property @pulumi.getter(name="responseBuffering") def response_buffering(self) -> Optional[pulumi.Input[str]]: @@ -29790,6 +31587,7 @@ def __init__(__self__, *, privacy_pass: Optional[pulumi.Input[str]] = None, proxy_read_timeout: Optional[pulumi.Input[str]] = None, pseudo_ipv4: Optional[pulumi.Input[str]] = None, + replace_insecure_js: Optional[pulumi.Input[str]] = None, response_buffering: Optional[pulumi.Input[str]] = None, rocket_loader: Optional[pulumi.Input[str]] = None, security_header: Optional[pulumi.Input['ZoneSettingsOverrideSettingsSecurityHeaderArgs']] = None, @@ -29890,6 +31688,8 @@ def __init__(__self__, *, pulumi.set(__self__, "proxy_read_timeout", proxy_read_timeout) if pseudo_ipv4 is not None: pulumi.set(__self__, "pseudo_ipv4", pseudo_ipv4) + if replace_insecure_js is not None: + pulumi.set(__self__, "replace_insecure_js", replace_insecure_js) if response_buffering is not None: pulumi.set(__self__, "response_buffering", response_buffering) if rocket_loader is not None: @@ -30289,6 +32089,15 @@ def pseudo_ipv4(self) -> Optional[pulumi.Input[str]]: def pseudo_ipv4(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "pseudo_ipv4", value) + @property + @pulumi.getter(name="replaceInsecureJs") + def replace_insecure_js(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "replace_insecure_js") + + @replace_insecure_js.setter + def replace_insecure_js(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "replace_insecure_js", value) + @property @pulumi.getter(name="responseBuffering") def response_buffering(self) -> Optional[pulumi.Input[str]]: diff --git a/sdk/python/pulumi_cloudflare/access_policy.py b/sdk/python/pulumi_cloudflare/access_policy.py index c658fafc6..899ac281d 100644 --- a/sdk/python/pulumi_cloudflare/access_policy.py +++ b/sdk/python/pulumi_cloudflare/access_policy.py @@ -36,7 +36,7 @@ def __init__(__self__, *, :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyIncludeArgs']]] includes: A series of access conditions, see Access Groups. :param pulumi.Input[str] name: Friendly name of the Access Policy. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeArgs']]] excludes: A series of access conditions, see Access Groups. :param pulumi.Input[bool] isolation_required: Require this application to be served in an isolated browser for users matching this policy. @@ -45,7 +45,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireArgs']]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ pulumi.set(__self__, "decision", decision) pulumi.set(__self__, "includes", includes) @@ -115,7 +115,7 @@ def name(self, value: pulumi.Input[str]): @pulumi.getter(name="accountId") def account_id(self) -> Optional[pulumi.Input[str]]: """ - The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + The account identifier to target for the resource. Conflicts with `zone_id`. """ return pulumi.get(self, "account_id") @@ -241,7 +241,7 @@ def session_duration(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="zoneId") def zone_id(self) -> Optional[pulumi.Input[str]]: """ - The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + The zone identifier to target for the resource. Conflicts with `account_id`. """ return pulumi.get(self, "zone_id") @@ -270,7 +270,7 @@ def __init__(__self__, *, zone_id: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering AccessPolicy resources. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyExcludeArgs']]] excludes: A series of access conditions, see Access Groups. @@ -282,7 +282,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyRequireArgs']]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ if account_id is not None: pulumi.set(__self__, "account_id", account_id) @@ -319,7 +319,7 @@ def __init__(__self__, *, @pulumi.getter(name="accountId") def account_id(self) -> Optional[pulumi.Input[str]]: """ - The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + The account identifier to target for the resource. Conflicts with `zone_id`. """ return pulumi.get(self, "account_id") @@ -481,7 +481,7 @@ def session_duration(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="zoneId") def zone_id(self) -> Optional[pulumi.Input[str]]: """ - The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + The zone identifier to target for the resource. Conflicts with `account_id`. """ return pulumi.get(self, "zone_id") @@ -532,7 +532,7 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input[Union['AccessPolicyExcludeArgs', 'AccessPolicyExcludeArgsDict']]]] excludes: A series of access conditions, see Access Groups. @@ -544,7 +544,7 @@ def __init__(__self__, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input[Union['AccessPolicyRequireArgs', 'AccessPolicyRequireArgsDict']]]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ ... @overload @@ -663,7 +663,7 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input[Union['AccessPolicyExcludeArgs', 'AccessPolicyExcludeArgsDict']]]] excludes: A series of access conditions, see Access Groups. @@ -675,7 +675,7 @@ def get(resource_name: str, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input[Union['AccessPolicyRequireArgs', 'AccessPolicyRequireArgsDict']]]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -702,7 +702,7 @@ def get(resource_name: str, @pulumi.getter(name="accountId") def account_id(self) -> pulumi.Output[Optional[str]]: """ - The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + The account identifier to target for the resource. Conflicts with `zone_id`. """ return pulumi.get(self, "account_id") @@ -808,7 +808,7 @@ def session_duration(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="zoneId") def zone_id(self) -> pulumi.Output[Optional[str]]: """ - The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + The zone identifier to target for the resource. Conflicts with `account_id`. """ return pulumi.get(self, "zone_id") diff --git a/sdk/python/pulumi_cloudflare/bot_management.py b/sdk/python/pulumi_cloudflare/bot_management.py index 61aa5dbba..831639570 100644 --- a/sdk/python/pulumi_cloudflare/bot_management.py +++ b/sdk/python/pulumi_cloudflare/bot_management.py @@ -15,6 +15,7 @@ class BotManagementArgs: def __init__(__self__, *, zone_id: pulumi.Input[str], + ai_bots_protection: Optional[pulumi.Input[str]] = None, auto_update_model: Optional[pulumi.Input[bool]] = None, enable_js: Optional[pulumi.Input[bool]] = None, fight_mode: Optional[pulumi.Input[bool]] = None, @@ -27,6 +28,7 @@ def __init__(__self__, *, """ The set of arguments for constructing a BotManagement resource. :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] ai_bots_protection: Enable rule to block AI Scrapers and Crawlers. :param pulumi.Input[bool] auto_update_model: Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). :param pulumi.Input[bool] enable_js: Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). :param pulumi.Input[bool] fight_mode: Whether to enable Bot Fight Mode. @@ -38,6 +40,8 @@ def __init__(__self__, *, :param pulumi.Input[bool] suppress_session_score: Whether to disable tracking the highest bot score for a session in the Bot Management cookie. """ pulumi.set(__self__, "zone_id", zone_id) + if ai_bots_protection is not None: + pulumi.set(__self__, "ai_bots_protection", ai_bots_protection) if auto_update_model is not None: pulumi.set(__self__, "auto_update_model", auto_update_model) if enable_js is not None: @@ -69,6 +73,18 @@ def zone_id(self) -> pulumi.Input[str]: def zone_id(self, value: pulumi.Input[str]): pulumi.set(self, "zone_id", value) + @property + @pulumi.getter(name="aiBotsProtection") + def ai_bots_protection(self) -> Optional[pulumi.Input[str]]: + """ + Enable rule to block AI Scrapers and Crawlers. + """ + return pulumi.get(self, "ai_bots_protection") + + @ai_bots_protection.setter + def ai_bots_protection(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "ai_bots_protection", value) + @property @pulumi.getter(name="autoUpdateModel") def auto_update_model(self) -> Optional[pulumi.Input[bool]]: @@ -181,6 +197,7 @@ def suppress_session_score(self, value: Optional[pulumi.Input[bool]]): @pulumi.input_type class _BotManagementState: def __init__(__self__, *, + ai_bots_protection: Optional[pulumi.Input[str]] = None, auto_update_model: Optional[pulumi.Input[bool]] = None, enable_js: Optional[pulumi.Input[bool]] = None, fight_mode: Optional[pulumi.Input[bool]] = None, @@ -194,6 +211,7 @@ def __init__(__self__, *, zone_id: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering BotManagement resources. + :param pulumi.Input[str] ai_bots_protection: Enable rule to block AI Scrapers and Crawlers. :param pulumi.Input[bool] auto_update_model: Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). :param pulumi.Input[bool] enable_js: Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). :param pulumi.Input[bool] fight_mode: Whether to enable Bot Fight Mode. @@ -206,6 +224,8 @@ def __init__(__self__, *, :param pulumi.Input[bool] using_latest_model: A read-only field that indicates whether the zone currently is running the latest ML model. :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. **Modifying this attribute will force creation of a new resource.** """ + if ai_bots_protection is not None: + pulumi.set(__self__, "ai_bots_protection", ai_bots_protection) if auto_update_model is not None: pulumi.set(__self__, "auto_update_model", auto_update_model) if enable_js is not None: @@ -229,6 +249,18 @@ def __init__(__self__, *, if zone_id is not None: pulumi.set(__self__, "zone_id", zone_id) + @property + @pulumi.getter(name="aiBotsProtection") + def ai_bots_protection(self) -> Optional[pulumi.Input[str]]: + """ + Enable rule to block AI Scrapers and Crawlers. + """ + return pulumi.get(self, "ai_bots_protection") + + @ai_bots_protection.setter + def ai_bots_protection(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "ai_bots_protection", value) + @property @pulumi.getter(name="autoUpdateModel") def auto_update_model(self) -> Optional[pulumi.Input[bool]]: @@ -367,6 +399,7 @@ class BotManagement(pulumi.CustomResource): def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + ai_bots_protection: Optional[pulumi.Input[str]] = None, auto_update_model: Optional[pulumi.Input[bool]] = None, enable_js: Optional[pulumi.Input[bool]] = None, fight_mode: Optional[pulumi.Input[bool]] = None, @@ -411,6 +444,7 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] ai_bots_protection: Enable rule to block AI Scrapers and Crawlers. :param pulumi.Input[bool] auto_update_model: Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). :param pulumi.Input[bool] enable_js: Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). :param pulumi.Input[bool] fight_mode: Whether to enable Bot Fight Mode. @@ -474,6 +508,7 @@ def __init__(__self__, resource_name: str, *args, **kwargs): def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + ai_bots_protection: Optional[pulumi.Input[str]] = None, auto_update_model: Optional[pulumi.Input[bool]] = None, enable_js: Optional[pulumi.Input[bool]] = None, fight_mode: Optional[pulumi.Input[bool]] = None, @@ -493,6 +528,7 @@ def _internal_init(__self__, raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') __props__ = BotManagementArgs.__new__(BotManagementArgs) + __props__.__dict__["ai_bots_protection"] = ai_bots_protection __props__.__dict__["auto_update_model"] = auto_update_model __props__.__dict__["enable_js"] = enable_js __props__.__dict__["fight_mode"] = fight_mode @@ -516,6 +552,7 @@ def _internal_init(__self__, def get(resource_name: str, id: pulumi.Input[str], opts: Optional[pulumi.ResourceOptions] = None, + ai_bots_protection: Optional[pulumi.Input[str]] = None, auto_update_model: Optional[pulumi.Input[bool]] = None, enable_js: Optional[pulumi.Input[bool]] = None, fight_mode: Optional[pulumi.Input[bool]] = None, @@ -534,6 +571,7 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] ai_bots_protection: Enable rule to block AI Scrapers and Crawlers. :param pulumi.Input[bool] auto_update_model: Automatically update to the newest bot detection models created by Cloudflare as they are released. [Learn more.](https://developers.cloudflare.com/bots/reference/machine-learning-models#model-versions-and-release-notes). :param pulumi.Input[bool] enable_js: Use lightweight, invisible JavaScript detections to improve Bot Management. [Learn more about JavaScript Detections](https://developers.cloudflare.com/bots/reference/javascript-detections/). :param pulumi.Input[bool] fight_mode: Whether to enable Bot Fight Mode. @@ -550,6 +588,7 @@ def get(resource_name: str, __props__ = _BotManagementState.__new__(_BotManagementState) + __props__.__dict__["ai_bots_protection"] = ai_bots_protection __props__.__dict__["auto_update_model"] = auto_update_model __props__.__dict__["enable_js"] = enable_js __props__.__dict__["fight_mode"] = fight_mode @@ -563,6 +602,14 @@ def get(resource_name: str, __props__.__dict__["zone_id"] = zone_id return BotManagement(resource_name, opts=opts, __props__=__props__) + @property + @pulumi.getter(name="aiBotsProtection") + def ai_bots_protection(self) -> pulumi.Output[str]: + """ + Enable rule to block AI Scrapers and Crawlers. + """ + return pulumi.get(self, "ai_bots_protection") + @property @pulumi.getter(name="autoUpdateModel") def auto_update_model(self) -> pulumi.Output[Optional[bool]]: diff --git a/sdk/python/pulumi_cloudflare/device_settings_policy.py b/sdk/python/pulumi_cloudflare/device_settings_policy.py index 08b70897f..b7aa5385b 100644 --- a/sdk/python/pulumi_cloudflare/device_settings_policy.py +++ b/sdk/python/pulumi_cloudflare/device_settings_policy.py @@ -53,7 +53,7 @@ def __init__(__self__, *, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ pulumi.set(__self__, "account_id", account_id) pulumi.set(__self__, "description", description) @@ -311,7 +311,7 @@ def switch_locked(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="tunnelProtocol") def tunnel_protocol(self) -> Optional[pulumi.Input[str]]: """ - Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ return pulumi.get(self, "tunnel_protocol") @@ -362,7 +362,7 @@ def __init__(__self__, *, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ if account_id is not None: pulumi.set(__self__, "account_id", account_id) @@ -623,7 +623,7 @@ def switch_locked(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="tunnelProtocol") def tunnel_protocol(self) -> Optional[pulumi.Input[str]]: """ - Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ return pulumi.get(self, "tunnel_protocol") @@ -716,7 +716,7 @@ def __init__(__self__, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ ... @overload @@ -885,7 +885,7 @@ def get(resource_name: str, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -1060,7 +1060,7 @@ def switch_locked(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter(name="tunnelProtocol") def tunnel_protocol(self) -> pulumi.Output[Optional[str]]: """ - Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard` + Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ return pulumi.get(self, "tunnel_protocol") diff --git a/sdk/python/pulumi_cloudflare/get_device_posture_rules.py b/sdk/python/pulumi_cloudflare/get_device_posture_rules.py index 8a9a354e0..b22294db2 100644 --- a/sdk/python/pulumi_cloudflare/get_device_posture_rules.py +++ b/sdk/python/pulumi_cloudflare/get_device_posture_rules.py @@ -75,7 +75,7 @@ def rules(self) -> Sequence['outputs.GetDevicePostureRulesRuleResult']: @pulumi.getter def type(self) -> Optional[str]: """ - The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ return pulumi.get(self, "type") @@ -114,7 +114,7 @@ def get_device_posture_rules(account_id: Optional[str] = None, :param str account_id: The account identifier to target for the resource. :param str name: Name of the Device Posture Rule. - :param str type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + :param str type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ __args__ = dict() __args__['accountId'] = account_id @@ -153,6 +153,6 @@ def get_device_posture_rules_output(account_id: Optional[pulumi.Input[str]] = No :param str account_id: The account identifier to target for the resource. :param str name: Name of the Device Posture Rule. - :param str type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + :param str type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ ... diff --git a/sdk/python/pulumi_cloudflare/notification_policy.py b/sdk/python/pulumi_cloudflare/notification_policy.py index c082517a0..44e97d977 100644 --- a/sdk/python/pulumi_cloudflare/notification_policy.py +++ b/sdk/python/pulumi_cloudflare/notification_policy.py @@ -28,7 +28,7 @@ def __init__(__self__, *, """ The set of arguments for constructing a NotificationPolicy resource. :param pulumi.Input[str] account_id: The account identifier to target for the resource. - :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. :param pulumi.Input[bool] enabled: The status of the notification policy. :param pulumi.Input[str] name: The name of the notification policy. :param pulumi.Input[str] description: Description of the notification policy. @@ -68,7 +68,7 @@ def account_id(self, value: pulumi.Input[str]): @pulumi.getter(name="alertType") def alert_type(self) -> pulumi.Input[str]: """ - The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. """ return pulumi.get(self, "alert_type") @@ -178,7 +178,7 @@ def __init__(__self__, *, """ Input properties used for looking up and filtering NotificationPolicy resources. :param pulumi.Input[str] account_id: The account identifier to target for the resource. - :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. :param pulumi.Input[str] created: When the notification policy was created. :param pulumi.Input[str] description: Description of the notification policy. :param pulumi.Input[Sequence[pulumi.Input['NotificationPolicyEmailIntegrationArgs']]] email_integrations: The email ID to which the notification should be dispatched. @@ -228,7 +228,7 @@ def account_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="alertType") def alert_type(self) -> Optional[pulumi.Input[str]]: """ - The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. """ return pulumi.get(self, "alert_type") @@ -374,7 +374,7 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] account_id: The account identifier to target for the resource. - :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. :param pulumi.Input[str] description: Description of the notification policy. :param pulumi.Input[Sequence[pulumi.Input[Union['NotificationPolicyEmailIntegrationArgs', 'NotificationPolicyEmailIntegrationArgsDict']]]] email_integrations: The email ID to which the notification should be dispatched. :param pulumi.Input[bool] enabled: The status of the notification policy. @@ -481,7 +481,7 @@ def get(resource_name: str, :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] account_id: The account identifier to target for the resource. - :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + :param pulumi.Input[str] alert_type: The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. :param pulumi.Input[str] created: When the notification policy was created. :param pulumi.Input[str] description: Description of the notification policy. :param pulumi.Input[Sequence[pulumi.Input[Union['NotificationPolicyEmailIntegrationArgs', 'NotificationPolicyEmailIntegrationArgsDict']]]] email_integrations: The email ID to which the notification should be dispatched. @@ -521,7 +521,7 @@ def account_id(self) -> pulumi.Output[str]: @pulumi.getter(name="alertType") def alert_type(self) -> pulumi.Output[str]: """ - The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. + The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `image_notification`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`. """ return pulumi.get(self, "alert_type") diff --git a/sdk/python/pulumi_cloudflare/outputs.py b/sdk/python/pulumi_cloudflare/outputs.py index 8f2f2dd4d..5a94f8c92 100644 --- a/sdk/python/pulumi_cloudflare/outputs.py +++ b/sdk/python/pulumi_cloudflare/outputs.py @@ -189,6 +189,7 @@ 'RulesetRuleActionParametersCacheKeyCustomKeyHost', 'RulesetRuleActionParametersCacheKeyCustomKeyQueryString', 'RulesetRuleActionParametersCacheKeyCustomKeyUser', + 'RulesetRuleActionParametersCacheReserve', 'RulesetRuleActionParametersEdgeTtl', 'RulesetRuleActionParametersEdgeTtlStatusCodeTtl', 'RulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRange', @@ -219,6 +220,7 @@ 'TeamsAccountAntivirusNotificationSettings', 'TeamsAccountBlockPage', 'TeamsAccountBodyScanning', + 'TeamsAccountCertificate', 'TeamsAccountCustomCertificate', 'TeamsAccountExtendedEmailMatching', 'TeamsAccountFips', @@ -258,6 +260,7 @@ 'WaitingRoomRulesRule', 'WorkerScriptAnalyticsEngineBinding', 'WorkerScriptD1DatabaseBinding', + 'WorkerScriptHyperdriveConfigBinding', 'WorkerScriptKvNamespaceBinding', 'WorkerScriptPlacement', 'WorkerScriptPlainTextBinding', @@ -268,6 +271,7 @@ 'WorkerScriptWebassemblyBinding', 'WorkersScriptAnalyticsEngineBinding', 'WorkersScriptD1DatabaseBinding', + 'WorkersScriptHyperdriveConfigBinding', 'WorkersScriptKvNamespaceBinding', 'WorkersScriptPlacement', 'WorkersScriptPlainTextBinding', @@ -371,6 +375,7 @@ 'ZeroTrustGatewaySettingsAntivirusNotificationSettings', 'ZeroTrustGatewaySettingsBlockPage', 'ZeroTrustGatewaySettingsBodyScanning', + 'ZeroTrustGatewaySettingsCertificate', 'ZeroTrustGatewaySettingsCustomCertificate', 'ZeroTrustGatewaySettingsExtendedEmailMatching', 'ZeroTrustGatewaySettingsFips', @@ -433,6 +438,7 @@ 'GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyHostResult', 'GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyQueryStringResult', 'GetRulesetsRulesetRuleActionParametersCacheKeyCustomKeyUserResult', + 'GetRulesetsRulesetRuleActionParametersCacheReserveResult', 'GetRulesetsRulesetRuleActionParametersEdgeTtlResult', 'GetRulesetsRulesetRuleActionParametersEdgeTtlStatusCodeTtlResult', 'GetRulesetsRulesetRuleActionParametersEdgeTtlStatusCodeTtlStatusCodeRangeResult', @@ -1774,9 +1780,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.AccessGroupExcludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['AccessGroupExcludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param 'AccessGroupExcludeExternalEvaluationArgs' external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['AccessGroupExcludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['AccessGroupExcludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['AccessGroupExcludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['AccessGroupExcludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -1828,6 +1853,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -1838,21 +1866,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.AccessGroupExcludeAuthCont @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.AccessGroupExcludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -1866,58 +1906,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional['outputs.AccessGroupExcludeExternalEvaluation']: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.AccessGroupExcludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.AccessGroupExcludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -1932,21 +2002,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.AccessGroupExcludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.AccessGroupExcludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -1978,7 +2060,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -2004,7 +2086,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2032,7 +2114,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -2044,7 +2126,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2081,6 +2163,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -2089,11 +2175,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -2120,6 +2212,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -2130,16 +2227,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -2165,6 +2271,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -2173,11 +2283,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -2203,6 +2319,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -2211,11 +2331,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -2246,6 +2372,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -2256,16 +2387,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -2335,9 +2475,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.AccessGroupIncludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['AccessGroupIncludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param 'AccessGroupIncludeExternalEvaluationArgs' external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['AccessGroupIncludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['AccessGroupIncludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['AccessGroupIncludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['AccessGroupIncludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -2389,6 +2548,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -2399,21 +2561,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.AccessGroupIncludeAuthCont @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.AccessGroupIncludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -2427,58 +2601,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional['outputs.AccessGroupIncludeExternalEvaluation']: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.AccessGroupIncludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.AccessGroupIncludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -2493,21 +2697,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.AccessGroupIncludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.AccessGroupIncludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -2539,7 +2755,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -2565,7 +2781,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2593,7 +2809,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -2605,7 +2821,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -2642,6 +2858,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -2650,11 +2870,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -2681,6 +2907,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -2691,16 +2922,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -2726,6 +2966,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -2734,11 +2978,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -2764,6 +3014,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -2772,11 +3026,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -2807,6 +3067,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -2817,16 +3082,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -2896,9 +3170,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.AccessGroupRequireSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['AccessGroupRequireAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param 'AccessGroupRequireExternalEvaluationArgs' external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['AccessGroupRequireGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['AccessGroupRequireGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['AccessGroupRequireOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['AccessGroupRequireSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -2950,6 +3243,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -2960,21 +3256,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.AccessGroupRequireAuthCont @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.AccessGroupRequireAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -2988,58 +3296,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional['outputs.AccessGroupRequireExternalEvaluation']: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.AccessGroupRequireGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.AccessGroupRequireGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -3054,21 +3392,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.AccessGroupRequireOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.AccessGroupRequireSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -3100,7 +3450,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -3126,7 +3476,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -3154,7 +3504,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -3166,7 +3516,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -3203,6 +3553,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -3211,11 +3565,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -3242,6 +3602,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -3252,16 +3617,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -3287,6 +3661,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -3295,11 +3673,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -3325,6 +3709,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -3333,11 +3721,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -3368,6 +3762,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -3378,16 +3777,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -4067,9 +4475,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.AccessPolicyExcludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['AccessPolicyExcludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param 'AccessPolicyExcludeExternalEvaluationArgs' external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['AccessPolicyExcludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['AccessPolicyExcludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['AccessPolicyExcludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['AccessPolicyExcludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -4121,6 +4548,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -4131,21 +4561,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.AccessPolicyExcludeAuthCon @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.AccessPolicyExcludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -4159,58 +4601,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional['outputs.AccessPolicyExcludeExternalEvaluation']: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.AccessPolicyExcludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.AccessPolicyExcludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -4225,21 +4697,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.AccessPolicyExcludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.AccessPolicyExcludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -4271,7 +4755,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -4297,7 +4781,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4325,7 +4809,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -4337,7 +4821,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4374,6 +4858,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -4382,11 +4870,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -4413,6 +4907,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -4423,16 +4922,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -4458,6 +4966,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -4466,11 +4978,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -4496,6 +5014,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -4504,11 +5026,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -4539,6 +5067,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -4549,16 +5082,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -4628,9 +5170,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.AccessPolicyIncludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['AccessPolicyIncludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param 'AccessPolicyIncludeExternalEvaluationArgs' external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['AccessPolicyIncludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['AccessPolicyIncludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['AccessPolicyIncludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['AccessPolicyIncludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -4682,6 +5243,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -4692,21 +5256,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.AccessPolicyIncludeAuthCon @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.AccessPolicyIncludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -4720,58 +5296,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional['outputs.AccessPolicyIncludeExternalEvaluation']: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.AccessPolicyIncludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.AccessPolicyIncludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -4786,21 +5392,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.AccessPolicyIncludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.AccessPolicyIncludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -4832,7 +5450,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -4858,7 +5476,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4886,7 +5504,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -4898,7 +5516,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -4935,6 +5553,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -4943,11 +5565,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -4974,6 +5602,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -4984,16 +5617,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -5019,6 +5661,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -5027,11 +5673,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -5057,6 +5709,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -5065,11 +5721,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -5100,6 +5762,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -5110,16 +5777,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -5189,9 +5865,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.AccessPolicyRequireSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['AccessPolicyRequireAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param 'AccessPolicyRequireExternalEvaluationArgs' external_evaluation: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['AccessPolicyRequireGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['AccessPolicyRequireGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['AccessPolicyRequireOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['AccessPolicyRequireSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -5243,6 +5938,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -5253,21 +5951,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.AccessPolicyRequireAuthCon @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.AccessPolicyRequireAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -5281,58 +5991,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluation") def external_evaluation(self) -> Optional['outputs.AccessPolicyRequireExternalEvaluation']: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluation") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.AccessPolicyRequireGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.AccessPolicyRequireGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -5347,21 +6087,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.AccessPolicyRequireOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.AccessPolicyRequireSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -5393,7 +6145,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -5419,7 +6171,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -5447,7 +6199,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -5459,7 +6211,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -5496,6 +6248,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -5504,11 +6260,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -5535,6 +6297,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -5545,16 +6312,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -5580,6 +6356,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -5588,11 +6368,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -5618,6 +6404,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -5626,11 +6416,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -5661,6 +6457,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -5671,16 +6472,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -6935,7 +7745,7 @@ def __init__(__self__, *, :param bool is_active: True if SentinelOne device is active. :param str issue_count: The number of issues for kolide. :param str last_seen: The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. - :param Sequence['DevicePostureRuleInputLocationArgs'] locations: List of locations to check for client certificate posture check. + :param Sequence['DevicePostureRuleInputLocationArgs'] locations: List of operating system locations to check for a client certificate.. :param str network_status: The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. :param str operator: The version comparison operator. Available values: `>`, `>=`, `<`, `<=`, `==`. :param str os: OS signal score from Crowdstrike. Value must be between 1 and 100. @@ -6953,7 +7763,7 @@ def __init__(__self__, *, :param str thumbprint: The thumbprint of the file certificate. :param int total_score: The total score from Tanium. :param str version: The operating system semantic version. - :param str version_operator: The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + :param str version_operator: The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ if active_threats is not None: pulumi.set(__self__, "active_threats", active_threats) @@ -7178,7 +7988,7 @@ def last_seen(self) -> Optional[str]: @pulumi.getter def locations(self) -> Optional[Sequence['outputs.DevicePostureRuleInputLocation']]: """ - List of locations to check for client certificate posture check. + List of operating system locations to check for a client certificate.. """ return pulumi.get(self, "locations") @@ -7322,7 +8132,7 @@ def version(self) -> Optional[str]: @pulumi.getter(name="versionOperator") def version_operator(self) -> Optional[str]: """ - The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ return pulumi.get(self, "version_operator") @@ -7350,8 +8160,8 @@ def __init__(__self__, *, paths: Optional[Sequence[str]] = None, trust_stores: Optional[Sequence[str]] = None): """ - :param Sequence[str] paths: List of paths to check for client certificate. - :param Sequence[str] trust_stores: List of trust stores to check for client certificate. Available values: `system`, `user`. + :param Sequence[str] paths: List of paths to check for client certificate rule. + :param Sequence[str] trust_stores: List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ if paths is not None: pulumi.set(__self__, "paths", paths) @@ -7362,7 +8172,7 @@ def __init__(__self__, *, @pulumi.getter def paths(self) -> Optional[Sequence[str]]: """ - List of paths to check for client certificate. + List of paths to check for client certificate rule. """ return pulumi.get(self, "paths") @@ -7370,7 +8180,7 @@ def paths(self) -> Optional[Sequence[str]]: @pulumi.getter(name="trustStores") def trust_stores(self) -> Optional[Sequence[str]]: """ - List of trust stores to check for client certificate. Available values: `system`, `user`. + List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ return pulumi.get(self, "trust_stores") @@ -13163,6 +13973,8 @@ def __key_warning(key: str): suggest = "browser_ttl" elif key == "cacheKey": suggest = "cache_key" + elif key == "cacheReserve": + suggest = "cache_reserve" elif key == "contentType": suggest = "content_type" elif key == "cookieFields": @@ -13234,6 +14046,7 @@ def __init__(__self__, *, browser_ttl: Optional['outputs.RulesetRuleActionParametersBrowserTtl'] = None, cache: Optional[bool] = None, cache_key: Optional['outputs.RulesetRuleActionParametersCacheKey'] = None, + cache_reserve: Optional['outputs.RulesetRuleActionParametersCacheReserve'] = None, content: Optional[str] = None, content_type: Optional[str] = None, cookie_fields: Optional[Sequence[str]] = None, @@ -13288,6 +14101,7 @@ def __init__(__self__, *, :param 'RulesetRuleActionParametersBrowserTtlArgs' browser_ttl: List of browser TTL parameters to apply to the request. :param bool cache: Whether to cache if expression matches. :param 'RulesetRuleActionParametersCacheKeyArgs' cache_key: List of cache key parameters to apply to the request. + :param 'RulesetRuleActionParametersCacheReserveArgs' cache_reserve: List of cache reserve parameters to apply to the request. :param str content: Content of the custom error response. :param str content_type: Content-Type of the custom error response. :param Sequence[str] cookie_fields: List of cookie values to include as part of custom fields logging. @@ -13349,6 +14163,8 @@ def __init__(__self__, *, pulumi.set(__self__, "cache", cache) if cache_key is not None: pulumi.set(__self__, "cache_key", cache_key) + if cache_reserve is not None: + pulumi.set(__self__, "cache_reserve", cache_reserve) if content is not None: pulumi.set(__self__, "content", content) if content_type is not None: @@ -13504,6 +14320,14 @@ def cache_key(self) -> Optional['outputs.RulesetRuleActionParametersCacheKey']: """ return pulumi.get(self, "cache_key") + @property + @pulumi.getter(name="cacheReserve") + def cache_reserve(self) -> Optional['outputs.RulesetRuleActionParametersCacheReserve']: + """ + List of cache reserve parameters to apply to the request. + """ + return pulumi.get(self, "cache_reserve") + @property @pulumi.getter def content(self) -> Optional[str]: @@ -14347,6 +15171,53 @@ def lang(self) -> Optional[bool]: return pulumi.get(self, "lang") +@pulumi.output_type +class RulesetRuleActionParametersCacheReserve(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "minimumFileSize": + suggest = "minimum_file_size" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in RulesetRuleActionParametersCacheReserve. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + RulesetRuleActionParametersCacheReserve.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + RulesetRuleActionParametersCacheReserve.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + eligible: bool, + minimum_file_size: Optional[int] = None): + """ + :param bool eligible: Determines whether Cloudflare will write the eligible resource to cache reserve. + :param int minimum_file_size: The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + """ + pulumi.set(__self__, "eligible", eligible) + if minimum_file_size is not None: + pulumi.set(__self__, "minimum_file_size", minimum_file_size) + + @property + @pulumi.getter + def eligible(self) -> bool: + """ + Determines whether Cloudflare will write the eligible resource to cache reserve. + """ + return pulumi.get(self, "eligible") + + @property + @pulumi.getter(name="minimumFileSize") + def minimum_file_size(self) -> Optional[int]: + """ + The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + """ + return pulumi.get(self, "minimum_file_size") + + @pulumi.output_type class RulesetRuleActionParametersEdgeTtl(dict): @staticmethod @@ -15855,6 +16726,24 @@ def inspection_mode(self) -> str: return pulumi.get(self, "inspection_mode") +@pulumi.output_type +class TeamsAccountCertificate(dict): + def __init__(__self__, *, + id: str): + """ + :param str id: ID of certificate for TLS interception. + """ + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def id(self) -> str: + """ + ID of certificate for TLS interception. + """ + return pulumi.get(self, "id") + + @pulumi.output_type class TeamsAccountCustomCertificate(dict): @staticmethod @@ -16232,7 +17121,7 @@ def __init__(__self__, *, udp: bool, virtual_ip: bool): """ - :param int disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP + :param int disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP. :param bool root_ca: Whether root ca is enabled account wide for ZT clients. :param bool tcp: Whether gateway proxy is enabled on gateway devices for TCP traffic. :param bool udp: Whether gateway proxy is enabled on gateway devices for UDP traffic. @@ -16248,7 +17137,7 @@ def __init__(__self__, *, @pulumi.getter(name="disableForTime") def disable_for_time(self) -> int: """ - Sets the time limit in seconds that a user can use an override code to bypass WARP + Sets the time limit in seconds that a user can use an override code to bypass WARP. """ return pulumi.get(self, "disable_for_time") @@ -18292,20 +19181,49 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) @property - @pulumi.getter(name="databaseId") - def database_id(self) -> str: + @pulumi.getter(name="databaseId") + def database_id(self) -> str: + """ + Database ID of D1 database to use. + """ + return pulumi.get(self, "database_id") + + @property + @pulumi.getter + def name(self) -> str: + """ + The global variable for the binding in your Worker code. + """ + return pulumi.get(self, "name") + + +@pulumi.output_type +class WorkerScriptHyperdriveConfigBinding(dict): + def __init__(__self__, *, + binding: str, + id: str): + """ + :param str binding: The global variable for the binding in your Worker code. + :param str id: The ID of the Hyperdrive config to use. + """ + pulumi.set(__self__, "binding", binding) + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def binding(self) -> str: """ - Database ID of D1 database to use. + The global variable for the binding in your Worker code. """ - return pulumi.get(self, "database_id") + return pulumi.get(self, "binding") @property @pulumi.getter - def name(self) -> str: + def id(self) -> str: """ - The global variable for the binding in your Worker code. + The ID of the Hyperdrive config to use. """ - return pulumi.get(self, "name") + return pulumi.get(self, "id") @pulumi.output_type @@ -18650,6 +19568,35 @@ def name(self) -> str: return pulumi.get(self, "name") +@pulumi.output_type +class WorkersScriptHyperdriveConfigBinding(dict): + def __init__(__self__, *, + binding: str, + id: str): + """ + :param str binding: The global variable for the binding in your Worker code. + :param str id: The ID of the Hyperdrive config to use. + """ + pulumi.set(__self__, "binding", binding) + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def binding(self) -> str: + """ + The global variable for the binding in your Worker code. + """ + return pulumi.get(self, "binding") + + @property + @pulumi.getter + def id(self) -> str: + """ + The ID of the Hyperdrive config to use. + """ + return pulumi.get(self, "id") + + @pulumi.output_type class WorkersScriptKvNamespaceBinding(dict): @staticmethod @@ -20233,9 +21180,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.ZeroTrustAccessGroupExcludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['ZeroTrustAccessGroupExcludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param Sequence['ZeroTrustAccessGroupExcludeExternalEvaluationArgs'] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['ZeroTrustAccessGroupExcludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['ZeroTrustAccessGroupExcludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['ZeroTrustAccessGroupExcludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['ZeroTrustAccessGroupExcludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -20287,6 +21253,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -20297,21 +21266,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupExclud @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupExcludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -20325,58 +21306,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupExcludeExternalEvaluation']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupExcludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupExcludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -20391,21 +21402,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupExcludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupExcludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -20437,7 +21460,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -20463,7 +21486,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -20491,7 +21514,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -20503,7 +21526,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -20540,6 +21563,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -20548,11 +21575,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -20579,6 +21612,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -20589,16 +21627,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -20624,6 +21671,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -20632,11 +21683,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -20662,6 +21719,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -20670,11 +21731,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -20705,6 +21772,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -20715,16 +21787,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -20794,9 +21875,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.ZeroTrustAccessGroupIncludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['ZeroTrustAccessGroupIncludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param Sequence['ZeroTrustAccessGroupIncludeExternalEvaluationArgs'] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['ZeroTrustAccessGroupIncludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['ZeroTrustAccessGroupIncludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['ZeroTrustAccessGroupIncludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['ZeroTrustAccessGroupIncludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -20848,6 +21948,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -20858,21 +21961,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupInclud @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupIncludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -20886,58 +22001,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupIncludeExternalEvaluation']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupIncludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupIncludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -20952,21 +22097,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupIncludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupIncludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -20998,7 +22155,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -21024,7 +22181,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -21052,7 +22209,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -21064,7 +22221,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -21101,6 +22258,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -21109,11 +22270,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -21140,6 +22307,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -21150,16 +22322,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -21185,6 +22366,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -21193,11 +22378,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -21223,6 +22414,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -21231,11 +22426,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -21266,6 +22467,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -21276,16 +22482,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -21355,9 +22570,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.ZeroTrustAccessGroupRequireSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['ZeroTrustAccessGroupRequireAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param Sequence['ZeroTrustAccessGroupRequireExternalEvaluationArgs'] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['ZeroTrustAccessGroupRequireGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['ZeroTrustAccessGroupRequireGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['ZeroTrustAccessGroupRequireOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['ZeroTrustAccessGroupRequireSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -21409,6 +22643,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -21419,21 +22656,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupRequir @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupRequireAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -21447,58 +22696,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupRequireExternalEvaluation']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupRequireGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupRequireGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -21513,21 +22792,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupRequireOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.ZeroTrustAccessGroupRequireSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -21559,7 +22850,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -21585,7 +22876,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -21613,7 +22904,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -21625,7 +22916,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -21662,6 +22953,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -21670,11 +22965,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -21701,6 +23002,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -21711,16 +23017,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -21746,6 +23061,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -21754,11 +23073,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -21784,6 +23109,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -21792,11 +23121,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -21827,6 +23162,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -21837,16 +23177,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -22526,9 +23875,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.ZeroTrustAccessPolicyExcludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['ZeroTrustAccessPolicyExcludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param Sequence['ZeroTrustAccessPolicyExcludeExternalEvaluationArgs'] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['ZeroTrustAccessPolicyExcludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['ZeroTrustAccessPolicyExcludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['ZeroTrustAccessPolicyExcludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['ZeroTrustAccessPolicyExcludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -22580,6 +23948,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -22590,21 +23961,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyExclu @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyExcludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -22618,58 +24001,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyExcludeExternalEvaluation']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyExcludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyExcludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -22684,21 +24097,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyExcludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyExcludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -22730,7 +24155,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -22756,7 +24181,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -22784,7 +24209,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -22796,7 +24221,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -22833,6 +24258,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -22841,11 +24270,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -22872,6 +24307,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -22882,16 +24322,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -22917,6 +24366,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -22925,11 +24378,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -22955,6 +24414,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -22963,11 +24426,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -22998,6 +24467,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -23008,16 +24482,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -23087,9 +24570,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.ZeroTrustAccessPolicyIncludeSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['ZeroTrustAccessPolicyIncludeAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param Sequence['ZeroTrustAccessPolicyIncludeExternalEvaluationArgs'] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['ZeroTrustAccessPolicyIncludeGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['ZeroTrustAccessPolicyIncludeGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['ZeroTrustAccessPolicyIncludeOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['ZeroTrustAccessPolicyIncludeSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -23141,6 +24643,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -23151,21 +24656,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyInclu @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyIncludeAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -23179,58 +24696,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyIncludeExternalEvaluation']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyIncludeGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyIncludeGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -23245,21 +24792,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyIncludeOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyIncludeSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -23291,7 +24850,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -23317,7 +24876,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -23345,7 +24904,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -23357,7 +24916,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -23394,6 +24953,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -23402,11 +24965,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -23433,6 +25002,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -23443,16 +25017,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -23478,6 +25061,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -23486,11 +25073,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -23516,6 +25109,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -23524,11 +25121,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -23559,6 +25162,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -23569,16 +25177,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -23648,9 +25265,28 @@ def __init__(__self__, *, samls: Optional[Sequence['outputs.ZeroTrustAccessPolicyRequireSaml']] = None, service_tokens: Optional[Sequence[str]] = None): """ + :param bool any_valid_service_token: Matches any valid Access service token. + :param str auth_method: The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + :param Sequence['ZeroTrustAccessPolicyRequireAzureArgs'] azures: Matches an Azure group. Requires an Azure identity provider. + :param bool certificate: Matches any valid client certificate. + :param str common_name: Matches a valid client certificate common name. :param Sequence[str] common_names: Overflow field if you need to have multiple common*name rules in a single policy. Use in place of the singular common*name field. - :param Sequence[str] ip_lists: The ID of an existing IP list to reference. + :param Sequence[str] device_postures: The ID of a device posture integration. + :param Sequence[str] email_domains: The email domain to match. + :param Sequence[str] email_lists: The ID of a previously created email list. + :param Sequence[str] emails: The email of the user. + :param bool everyone: Matches everyone. + :param Sequence['ZeroTrustAccessPolicyRequireExternalEvaluationArgs'] external_evaluations: Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + :param Sequence[str] geos: Matches a specific country. + :param Sequence['ZeroTrustAccessPolicyRequireGithubArgs'] githubs: Matches a Github organization. Requires a Github identity provider. + :param Sequence[str] groups: The ID of a previously created Access group. + :param Sequence['ZeroTrustAccessPolicyRequireGsuiteArgs'] gsuites: Matches a group in Google Workspace. Requires a Google Workspace identity provider. + :param Sequence[str] ip_lists: The ID of a previously created IP list. :param Sequence[str] ips: An IPv4 or IPv6 CIDR block. + :param Sequence[str] login_methods: The ID of a configured identity provider. + :param Sequence['ZeroTrustAccessPolicyRequireOktaArgs'] oktas: Matches an Okta group. Requires an Okta identity provider. + :param Sequence['ZeroTrustAccessPolicyRequireSamlArgs'] samls: Matches a SAML group. Requires a SAML identity provider. + :param Sequence[str] service_tokens: The ID of an Access service token. """ if any_valid_service_token is not None: pulumi.set(__self__, "any_valid_service_token", any_valid_service_token) @@ -23702,6 +25338,9 @@ def __init__(__self__, *, @property @pulumi.getter(name="anyValidServiceToken") def any_valid_service_token(self) -> Optional[bool]: + """ + Matches any valid Access service token. + """ return pulumi.get(self, "any_valid_service_token") @property @@ -23712,21 +25351,33 @@ def auth_contexts(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyRequi @property @pulumi.getter(name="authMethod") def auth_method(self) -> Optional[str]: + """ + The type of authentication method. Refer to https://datatracker.ietf.org/doc/html/rfc8176#section-2 for possible types. + """ return pulumi.get(self, "auth_method") @property @pulumi.getter def azures(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyRequireAzure']]: + """ + Matches an Azure group. Requires an Azure identity provider. + """ return pulumi.get(self, "azures") @property @pulumi.getter def certificate(self) -> Optional[bool]: + """ + Matches any valid client certificate. + """ return pulumi.get(self, "certificate") @property @pulumi.getter(name="commonName") def common_name(self) -> Optional[str]: + """ + Matches a valid client certificate common name. + """ return pulumi.get(self, "common_name") @property @@ -23740,58 +25391,88 @@ def common_names(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="devicePostures") def device_postures(self) -> Optional[Sequence[str]]: + """ + The ID of a device posture integration. + """ return pulumi.get(self, "device_postures") @property @pulumi.getter(name="emailDomains") def email_domains(self) -> Optional[Sequence[str]]: + """ + The email domain to match. + """ return pulumi.get(self, "email_domains") @property @pulumi.getter(name="emailLists") def email_lists(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created email list. + """ return pulumi.get(self, "email_lists") @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the user. + """ return pulumi.get(self, "emails") @property @pulumi.getter def everyone(self) -> Optional[bool]: + """ + Matches everyone. + """ return pulumi.get(self, "everyone") @property @pulumi.getter(name="externalEvaluations") def external_evaluations(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyRequireExternalEvaluation']]: + """ + Create Allow or Block policies which evaluate the user based on custom criteria. https://developers.cloudflare.com/cloudflare-one/policies/access/external-evaluation/. + """ return pulumi.get(self, "external_evaluations") @property @pulumi.getter def geos(self) -> Optional[Sequence[str]]: + """ + Matches a specific country. + """ return pulumi.get(self, "geos") @property @pulumi.getter def githubs(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyRequireGithub']]: + """ + Matches a Github organization. Requires a Github identity provider. + """ return pulumi.get(self, "githubs") @property @pulumi.getter def groups(self) -> Optional[Sequence[str]]: + """ + The ID of a previously created Access group. + """ return pulumi.get(self, "groups") @property @pulumi.getter def gsuites(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyRequireGsuite']]: + """ + Matches a group in Google Workspace. Requires a Google Workspace identity provider. + """ return pulumi.get(self, "gsuites") @property @pulumi.getter(name="ipLists") def ip_lists(self) -> Optional[Sequence[str]]: """ - The ID of an existing IP list to reference. + The ID of a previously created IP list. """ return pulumi.get(self, "ip_lists") @@ -23806,21 +25487,33 @@ def ips(self) -> Optional[Sequence[str]]: @property @pulumi.getter(name="loginMethods") def login_methods(self) -> Optional[Sequence[str]]: + """ + The ID of a configured identity provider. + """ return pulumi.get(self, "login_methods") @property @pulumi.getter def oktas(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyRequireOkta']]: + """ + Matches an Okta group. Requires an Okta identity provider. + """ return pulumi.get(self, "oktas") @property @pulumi.getter def samls(self) -> Optional[Sequence['outputs.ZeroTrustAccessPolicyRequireSaml']]: + """ + Matches a SAML group. Requires a SAML identity provider. + """ return pulumi.get(self, "samls") @property @pulumi.getter(name="serviceTokens") def service_tokens(self) -> Optional[Sequence[str]]: + """ + The ID of an Access service token. + """ return pulumi.get(self, "service_tokens") @@ -23852,7 +25545,7 @@ def __init__(__self__, *, """ :param str ac_id: The ACID of the Authentication Context. :param str id: The ID of the Authentication Context. - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. """ pulumi.set(__self__, "ac_id", ac_id) pulumi.set(__self__, "id", id) @@ -23878,7 +25571,7 @@ def id(self) -> str: @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> str: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -23906,7 +25599,7 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, ids: Optional[Sequence[str]] = None): """ - :param str identity_provider_id: The ID of the Azure Identity provider. + :param str identity_provider_id: The ID of the Azure identity provider. :param Sequence[str] ids: The ID of the Azure group or user. """ if identity_provider_id is not None: @@ -23918,7 +25611,7 @@ def __init__(__self__, *, @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: """ - The ID of the Azure Identity provider. + The ID of the Azure identity provider. """ return pulumi.get(self, "identity_provider_id") @@ -23955,6 +25648,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, evaluate_url: Optional[str] = None, keys_url: Optional[str] = None): + """ + :param str evaluate_url: The API endpoint containing your business logic. + :param str keys_url: The API endpoint containing the key that Access uses to verify that the response came from your API. + """ if evaluate_url is not None: pulumi.set(__self__, "evaluate_url", evaluate_url) if keys_url is not None: @@ -23963,11 +25660,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="evaluateUrl") def evaluate_url(self) -> Optional[str]: + """ + The API endpoint containing your business logic. + """ return pulumi.get(self, "evaluate_url") @property @pulumi.getter(name="keysUrl") def keys_url(self) -> Optional[str]: + """ + The API endpoint containing the key that Access uses to verify that the response came from your API. + """ return pulumi.get(self, "keys_url") @@ -23994,6 +25697,11 @@ def __init__(__self__, *, identity_provider_id: Optional[str] = None, name: Optional[str] = None, teams: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Github identity provider. + :param str name: The name of the organization. + :param Sequence[str] teams: The teams that should be matched. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if name is not None: @@ -24004,16 +25712,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Github identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def name(self) -> Optional[str]: + """ + The name of the organization. + """ return pulumi.get(self, "name") @property @pulumi.getter def teams(self) -> Optional[Sequence[str]]: + """ + The teams that should be matched. + """ return pulumi.get(self, "teams") @@ -24039,6 +25756,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, emails: Optional[Sequence[str]] = None, identity_provider_id: Optional[str] = None): + """ + :param Sequence[str] emails: The email of the Google Workspace group. + :param str identity_provider_id: The ID of your Google Workspace identity provider. + """ if emails is not None: pulumi.set(__self__, "emails", emails) if identity_provider_id is not None: @@ -24047,11 +25768,17 @@ def __init__(__self__, *, @property @pulumi.getter def emails(self) -> Optional[Sequence[str]]: + """ + The email of the Google Workspace group. + """ return pulumi.get(self, "emails") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Google Workspace identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -24077,6 +25804,10 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, identity_provider_id: Optional[str] = None, names: Optional[Sequence[str]] = None): + """ + :param str identity_provider_id: The ID of your Okta identity provider. + :param Sequence[str] names: The name of the Okta Group. + """ if identity_provider_id is not None: pulumi.set(__self__, "identity_provider_id", identity_provider_id) if names is not None: @@ -24085,11 +25816,17 @@ def __init__(__self__, *, @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your Okta identity provider. + """ return pulumi.get(self, "identity_provider_id") @property @pulumi.getter def names(self) -> Optional[Sequence[str]]: + """ + The name of the Okta Group. + """ return pulumi.get(self, "names") @@ -24120,6 +25857,11 @@ def __init__(__self__, *, attribute_name: Optional[str] = None, attribute_value: Optional[str] = None, identity_provider_id: Optional[str] = None): + """ + :param str attribute_name: The name of the SAML attribute. + :param str attribute_value: The SAML attribute value to look for. + :param str identity_provider_id: The ID of your SAML identity provider. + """ if attribute_name is not None: pulumi.set(__self__, "attribute_name", attribute_name) if attribute_value is not None: @@ -24130,16 +25872,25 @@ def __init__(__self__, *, @property @pulumi.getter(name="attributeName") def attribute_name(self) -> Optional[str]: + """ + The name of the SAML attribute. + """ return pulumi.get(self, "attribute_name") @property @pulumi.getter(name="attributeValue") def attribute_value(self) -> Optional[str]: + """ + The SAML attribute value to look for. + """ return pulumi.get(self, "attribute_value") @property @pulumi.getter(name="identityProviderId") def identity_provider_id(self) -> Optional[str]: + """ + The ID of your SAML identity provider. + """ return pulumi.get(self, "identity_provider_id") @@ -24430,16 +26181,16 @@ def __init__(__self__, *, :param str connection_id: The workspace one or intune connection id. :param str count_operator: The count comparison operator for kolide. Available values: `>`, `>=`, `<`, `<=`, `==`. :param str domain: The domain that the client must join. - :param str eid_last_seen: The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + :param str eid_last_seen: The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. :param bool enabled: True if the firewall must be enabled. :param bool exists: Checks if the file should exist. - :param Sequence[str] extended_key_usages: List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + :param Sequence[str] extended_key_usages: List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. :param str id: The Teams List id. Required for `serial_number` and `unique_client_id` rule types. :param bool infected: True if SentinelOne device is infected. :param bool is_active: True if SentinelOne device is active. :param str issue_count: The number of issues for kolide. :param str last_seen: The duration of time that the host was last seen from Crowdstrike. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. - :param Sequence['ZeroTrustDevicePostureRuleInputLocationArgs'] locations: List of locations to check for client certificate. + :param Sequence['ZeroTrustDevicePostureRuleInputLocationArgs'] locations: List of operating system locations to check for a client certificate.. :param str network_status: The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`. :param str operator: The version comparison operator. Available values: `>`, `>=`, `<`, `<=`, `==`. :param str os: OS signal score from Crowdstrike. Value must be between 1 and 100. @@ -24457,7 +26208,7 @@ def __init__(__self__, *, :param str thumbprint: The thumbprint of the file certificate. :param int total_score: The total score from Tanium. :param str version: The operating system semantic version. - :param str version_operator: The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + :param str version_operator: The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ if active_threats is not None: pulumi.set(__self__, "active_threats", active_threats) @@ -24610,7 +26361,7 @@ def domain(self) -> Optional[str]: @pulumi.getter(name="eidLastSeen") def eid_last_seen(self) -> Optional[str]: """ - The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m` + The time a device last seen in Tanium. Must be in the format `1h` or `30m`. Valid units are `d`, `h` and `m`. """ return pulumi.get(self, "eid_last_seen") @@ -24634,7 +26385,7 @@ def exists(self) -> Optional[bool]: @pulumi.getter(name="extendedKeyUsages") def extended_key_usages(self) -> Optional[Sequence[str]]: """ - List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection` + List of values indicating purposes for which the certificate public key can be used. Available values: `clientAuth`, `emailProtection`. """ return pulumi.get(self, "extended_key_usages") @@ -24682,7 +26433,7 @@ def last_seen(self) -> Optional[str]: @pulumi.getter def locations(self) -> Optional[Sequence['outputs.ZeroTrustDevicePostureRuleInputLocation']]: """ - List of locations to check for client certificate. + List of operating system locations to check for a client certificate.. """ return pulumi.get(self, "locations") @@ -24826,7 +26577,7 @@ def version(self) -> Optional[str]: @pulumi.getter(name="versionOperator") def version_operator(self) -> Optional[str]: """ - The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. + The version comparison operator for Crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`. """ return pulumi.get(self, "version_operator") @@ -24855,7 +26606,7 @@ def __init__(__self__, *, trust_stores: Optional[Sequence[str]] = None): """ :param Sequence[str] paths: List of paths to check for client certificate rule. - :param Sequence[str] trust_stores: List of trust stores to check for client certificate rule. Available values: `system`, `user` + :param Sequence[str] trust_stores: List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ if paths is not None: pulumi.set(__self__, "paths", paths) @@ -24874,7 +26625,7 @@ def paths(self) -> Optional[Sequence[str]]: @pulumi.getter(name="trustStores") def trust_stores(self) -> Optional[Sequence[str]]: """ - List of trust stores to check for client certificate rule. Available values: `system`, `user` + List of trust stores to check for client certificate rule. Available values: `system`, `user`. """ return pulumi.get(self, "trust_stores") @@ -26225,6 +27976,24 @@ def inspection_mode(self) -> str: return pulumi.get(self, "inspection_mode") +@pulumi.output_type +class ZeroTrustGatewaySettingsCertificate(dict): + def __init__(__self__, *, + id: str): + """ + :param str id: ID of certificate for TLS interception. + """ + pulumi.set(__self__, "id", id) + + @property + @pulumi.getter + def id(self) -> str: + """ + ID of certificate for TLS interception. + """ + return pulumi.get(self, "id") + + @pulumi.output_type class ZeroTrustGatewaySettingsCustomCertificate(dict): @staticmethod @@ -26602,7 +28371,7 @@ def __init__(__self__, *, udp: bool, virtual_ip: bool): """ - :param int disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP + :param int disable_for_time: Sets the time limit in seconds that a user can use an override code to bypass WARP. :param bool root_ca: Whether root ca is enabled account wide for ZT clients. :param bool tcp: Whether gateway proxy is enabled on gateway devices for TCP traffic. :param bool udp: Whether gateway proxy is enabled on gateway devices for UDP traffic. @@ -26618,7 +28387,7 @@ def __init__(__self__, *, @pulumi.getter(name="disableForTime") def disable_for_time(self) -> int: """ - Sets the time limit in seconds that a user can use an override code to bypass WARP + Sets the time limit in seconds that a user can use an override code to bypass WARP. """ return pulumi.get(self, "disable_for_time") @@ -27862,6 +29631,8 @@ def __key_warning(key: str): suggest = "proxy_read_timeout" elif key == "pseudoIpv4": suggest = "pseudo_ipv4" + elif key == "replaceInsecureJs": + suggest = "replace_insecure_js" elif key == "responseBuffering": suggest = "response_buffering" elif key == "rocketLoader": @@ -27939,6 +29710,7 @@ def __init__(__self__, *, privacy_pass: Optional[str] = None, proxy_read_timeout: Optional[str] = None, pseudo_ipv4: Optional[str] = None, + replace_insecure_js: Optional[str] = None, response_buffering: Optional[str] = None, rocket_loader: Optional[str] = None, security_header: Optional['outputs.ZoneSettingsOverrideInitialSettingSecurityHeader'] = None, @@ -28036,6 +29808,8 @@ def __init__(__self__, *, pulumi.set(__self__, "proxy_read_timeout", proxy_read_timeout) if pseudo_ipv4 is not None: pulumi.set(__self__, "pseudo_ipv4", pseudo_ipv4) + if replace_insecure_js is not None: + pulumi.set(__self__, "replace_insecure_js", replace_insecure_js) if response_buffering is not None: pulumi.set(__self__, "response_buffering", response_buffering) if rocket_loader is not None: @@ -28272,6 +30046,11 @@ def proxy_read_timeout(self) -> Optional[str]: def pseudo_ipv4(self) -> Optional[str]: return pulumi.get(self, "pseudo_ipv4") + @property + @pulumi.getter(name="replaceInsecureJs") + def replace_insecure_js(self) -> Optional[str]: + return pulumi.get(self, "replace_insecure_js") + @property @pulumi.getter(name="responseBuffering") def response_buffering(self) -> Optional[str]: @@ -28571,6 +30350,8 @@ def __key_warning(key: str): suggest = "proxy_read_timeout" elif key == "pseudoIpv4": suggest = "pseudo_ipv4" + elif key == "replaceInsecureJs": + suggest = "replace_insecure_js" elif key == "responseBuffering": suggest = "response_buffering" elif key == "rocketLoader": @@ -28648,6 +30429,7 @@ def __init__(__self__, *, privacy_pass: Optional[str] = None, proxy_read_timeout: Optional[str] = None, pseudo_ipv4: Optional[str] = None, + replace_insecure_js: Optional[str] = None, response_buffering: Optional[str] = None, rocket_loader: Optional[str] = None, security_header: Optional['outputs.ZoneSettingsOverrideSettingsSecurityHeader'] = None, @@ -28745,6 +30527,8 @@ def __init__(__self__, *, pulumi.set(__self__, "proxy_read_timeout", proxy_read_timeout) if pseudo_ipv4 is not None: pulumi.set(__self__, "pseudo_ipv4", pseudo_ipv4) + if replace_insecure_js is not None: + pulumi.set(__self__, "replace_insecure_js", replace_insecure_js) if response_buffering is not None: pulumi.set(__self__, "response_buffering", response_buffering) if rocket_loader is not None: @@ -28981,6 +30765,11 @@ def proxy_read_timeout(self) -> Optional[str]: def pseudo_ipv4(self) -> Optional[str]: return pulumi.get(self, "pseudo_ipv4") + @property + @pulumi.getter(name="replaceInsecureJs") + def replace_insecure_js(self) -> Optional[str]: + return pulumi.get(self, "replace_insecure_js") + @property @pulumi.getter(name="responseBuffering") def response_buffering(self) -> Optional[str]: @@ -30602,6 +32391,7 @@ def __init__(__self__, *, browser_ttl: Optional['outputs.GetRulesetsRulesetRuleActionParametersBrowserTtlResult'] = None, cache: Optional[bool] = None, cache_key: Optional['outputs.GetRulesetsRulesetRuleActionParametersCacheKeyResult'] = None, + cache_reserve: Optional['outputs.GetRulesetsRulesetRuleActionParametersCacheReserveResult'] = None, content: Optional[str] = None, content_type: Optional[str] = None, cookie_fields: Optional[Sequence[str]] = None, @@ -30653,6 +32443,7 @@ def __init__(__self__, *, :param 'GetRulesetsRulesetRuleActionParametersBrowserTtlArgs' browser_ttl: List of browser TTL parameters to apply to the request. :param bool cache: Whether to cache if expression matches. :param 'GetRulesetsRulesetRuleActionParametersCacheKeyArgs' cache_key: List of cache key parameters to apply to the request. + :param 'GetRulesetsRulesetRuleActionParametersCacheReserveArgs' cache_reserve: List of cache reserve parameters to apply to the request. :param str content: Content of the custom error response :param str content_type: Content-Type of the custom error response :param Sequence[str] cookie_fields: List of cookie values to include as part of custom fields logging. @@ -30710,6 +32501,8 @@ def __init__(__self__, *, pulumi.set(__self__, "cache", cache) if cache_key is not None: pulumi.set(__self__, "cache_key", cache_key) + if cache_reserve is not None: + pulumi.set(__self__, "cache_reserve", cache_reserve) if content is not None: pulumi.set(__self__, "content", content) if content_type is not None: @@ -30859,6 +32652,14 @@ def cache_key(self) -> Optional['outputs.GetRulesetsRulesetRuleActionParametersC """ return pulumi.get(self, "cache_key") + @property + @pulumi.getter(name="cacheReserve") + def cache_reserve(self) -> Optional['outputs.GetRulesetsRulesetRuleActionParametersCacheReserveResult']: + """ + List of cache reserve parameters to apply to the request. + """ + return pulumi.get(self, "cache_reserve") + @property @pulumi.getter def content(self) -> Optional[str]: @@ -31567,6 +33368,36 @@ def lang(self) -> Optional[bool]: return pulumi.get(self, "lang") +@pulumi.output_type +class GetRulesetsRulesetRuleActionParametersCacheReserveResult(dict): + def __init__(__self__, *, + eligible: bool, + minimum_file_size: Optional[int] = None): + """ + :param bool eligible: Determines whether Cloudflare will write the eligible resource to cache reserve. + :param int minimum_file_size: The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + """ + pulumi.set(__self__, "eligible", eligible) + if minimum_file_size is not None: + pulumi.set(__self__, "minimum_file_size", minimum_file_size) + + @property + @pulumi.getter + def eligible(self) -> bool: + """ + Determines whether Cloudflare will write the eligible resource to cache reserve. + """ + return pulumi.get(self, "eligible") + + @property + @pulumi.getter(name="minimumFileSize") + def minimum_file_size(self) -> Optional[int]: + """ + The minimum file size, in bytes, eligible for storage in cache reserve. If omitted and "eligible" is true, Cloudflare will use 0 bytes by default. + """ + return pulumi.get(self, "minimum_file_size") + + @pulumi.output_type class GetRulesetsRulesetRuleActionParametersEdgeTtlResult(dict): def __init__(__self__, *, diff --git a/sdk/python/pulumi_cloudflare/teams_account.py b/sdk/python/pulumi_cloudflare/teams_account.py index af2d6d36c..f0ec8142c 100644 --- a/sdk/python/pulumi_cloudflare/teams_account.py +++ b/sdk/python/pulumi_cloudflare/teams_account.py @@ -21,6 +21,7 @@ def __init__(__self__, *, antivirus: Optional[pulumi.Input['TeamsAccountAntivirusArgs']] = None, block_page: Optional[pulumi.Input['TeamsAccountBlockPageArgs']] = None, body_scanning: Optional[pulumi.Input['TeamsAccountBodyScanningArgs']] = None, + certificate: Optional[pulumi.Input['TeamsAccountCertificateArgs']] = None, custom_certificate: Optional[pulumi.Input['TeamsAccountCustomCertificateArgs']] = None, extended_email_matching: Optional[pulumi.Input['TeamsAccountExtendedEmailMatchingArgs']] = None, fips: Optional[pulumi.Input['TeamsAccountFipsArgs']] = None, @@ -39,7 +40,8 @@ def __init__(__self__, *, :param pulumi.Input['TeamsAccountAntivirusArgs'] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input['TeamsAccountBlockPageArgs'] block_page: Configuration for a custom block page. :param pulumi.Input['TeamsAccountBodyScanningArgs'] body_scanning: Configuration for body scanning. - :param pulumi.Input['TeamsAccountCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input['TeamsAccountCertificateArgs'] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input['TeamsAccountCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input['TeamsAccountExtendedEmailMatchingArgs'] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input['TeamsAccountFipsArgs'] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -59,6 +61,11 @@ def __init__(__self__, *, pulumi.set(__self__, "block_page", block_page) if body_scanning is not None: pulumi.set(__self__, "body_scanning", body_scanning) + if certificate is not None: + pulumi.set(__self__, "certificate", certificate) + if custom_certificate is not None: + warnings.warn("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""", DeprecationWarning) + pulumi.log.warn("""custom_certificate is deprecated: Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") if custom_certificate is not None: pulumi.set(__self__, "custom_certificate", custom_certificate) if extended_email_matching is not None: @@ -142,11 +149,24 @@ def body_scanning(self) -> Optional[pulumi.Input['TeamsAccountBodyScanningArgs'] def body_scanning(self, value: Optional[pulumi.Input['TeamsAccountBodyScanningArgs']]): pulumi.set(self, "body_scanning", value) + @property + @pulumi.getter + def certificate(self) -> Optional[pulumi.Input['TeamsAccountCertificateArgs']]: + """ + Configuration for TLS interception certificate. This will be required starting Feb 2025. + """ + return pulumi.get(self, "certificate") + + @certificate.setter + def certificate(self, value: Optional[pulumi.Input['TeamsAccountCertificateArgs']]): + pulumi.set(self, "certificate", value) + @property @pulumi.getter(name="customCertificate") + @_utilities.deprecated("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") def custom_certificate(self) -> Optional[pulumi.Input['TeamsAccountCustomCertificateArgs']]: """ - Configuration for custom certificates / BYO-PKI. + Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. """ return pulumi.get(self, "custom_certificate") @@ -280,6 +300,7 @@ def __init__(__self__, *, antivirus: Optional[pulumi.Input['TeamsAccountAntivirusArgs']] = None, block_page: Optional[pulumi.Input['TeamsAccountBlockPageArgs']] = None, body_scanning: Optional[pulumi.Input['TeamsAccountBodyScanningArgs']] = None, + certificate: Optional[pulumi.Input['TeamsAccountCertificateArgs']] = None, custom_certificate: Optional[pulumi.Input['TeamsAccountCustomCertificateArgs']] = None, extended_email_matching: Optional[pulumi.Input['TeamsAccountExtendedEmailMatchingArgs']] = None, fips: Optional[pulumi.Input['TeamsAccountFipsArgs']] = None, @@ -298,7 +319,8 @@ def __init__(__self__, *, :param pulumi.Input['TeamsAccountAntivirusArgs'] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input['TeamsAccountBlockPageArgs'] block_page: Configuration for a custom block page. :param pulumi.Input['TeamsAccountBodyScanningArgs'] body_scanning: Configuration for body scanning. - :param pulumi.Input['TeamsAccountCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input['TeamsAccountCertificateArgs'] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input['TeamsAccountCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input['TeamsAccountExtendedEmailMatchingArgs'] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input['TeamsAccountFipsArgs'] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -319,6 +341,11 @@ def __init__(__self__, *, pulumi.set(__self__, "block_page", block_page) if body_scanning is not None: pulumi.set(__self__, "body_scanning", body_scanning) + if certificate is not None: + pulumi.set(__self__, "certificate", certificate) + if custom_certificate is not None: + warnings.warn("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""", DeprecationWarning) + pulumi.log.warn("""custom_certificate is deprecated: Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") if custom_certificate is not None: pulumi.set(__self__, "custom_certificate", custom_certificate) if extended_email_matching is not None: @@ -402,11 +429,24 @@ def body_scanning(self) -> Optional[pulumi.Input['TeamsAccountBodyScanningArgs'] def body_scanning(self, value: Optional[pulumi.Input['TeamsAccountBodyScanningArgs']]): pulumi.set(self, "body_scanning", value) + @property + @pulumi.getter + def certificate(self) -> Optional[pulumi.Input['TeamsAccountCertificateArgs']]: + """ + Configuration for TLS interception certificate. This will be required starting Feb 2025. + """ + return pulumi.get(self, "certificate") + + @certificate.setter + def certificate(self, value: Optional[pulumi.Input['TeamsAccountCertificateArgs']]): + pulumi.set(self, "certificate", value) + @property @pulumi.getter(name="customCertificate") + @_utilities.deprecated("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") def custom_certificate(self) -> Optional[pulumi.Input['TeamsAccountCustomCertificateArgs']]: """ - Configuration for custom certificates / BYO-PKI. + Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. """ return pulumi.get(self, "custom_certificate") @@ -542,6 +582,7 @@ def __init__(__self__, antivirus: Optional[pulumi.Input[Union['TeamsAccountAntivirusArgs', 'TeamsAccountAntivirusArgsDict']]] = None, block_page: Optional[pulumi.Input[Union['TeamsAccountBlockPageArgs', 'TeamsAccountBlockPageArgsDict']]] = None, body_scanning: Optional[pulumi.Input[Union['TeamsAccountBodyScanningArgs', 'TeamsAccountBodyScanningArgsDict']]] = None, + certificate: Optional[pulumi.Input[Union['TeamsAccountCertificateArgs', 'TeamsAccountCertificateArgsDict']]] = None, custom_certificate: Optional[pulumi.Input[Union['TeamsAccountCustomCertificateArgs', 'TeamsAccountCustomCertificateArgsDict']]] = None, extended_email_matching: Optional[pulumi.Input[Union['TeamsAccountExtendedEmailMatchingArgs', 'TeamsAccountExtendedEmailMatchingArgsDict']]] = None, fips: Optional[pulumi.Input[Union['TeamsAccountFipsArgs', 'TeamsAccountFipsArgsDict']]] = None, @@ -595,6 +636,7 @@ def __init__(__self__, "udp": True, "root_ca": True, "virtual_ip": False, + "disable_for_time": 3600, }, url_browser_isolation_enabled=True, logging={ @@ -632,7 +674,8 @@ def __init__(__self__, :param pulumi.Input[Union['TeamsAccountAntivirusArgs', 'TeamsAccountAntivirusArgsDict']] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input[Union['TeamsAccountBlockPageArgs', 'TeamsAccountBlockPageArgsDict']] block_page: Configuration for a custom block page. :param pulumi.Input[Union['TeamsAccountBodyScanningArgs', 'TeamsAccountBodyScanningArgsDict']] body_scanning: Configuration for body scanning. - :param pulumi.Input[Union['TeamsAccountCustomCertificateArgs', 'TeamsAccountCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input[Union['TeamsAccountCertificateArgs', 'TeamsAccountCertificateArgsDict']] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input[Union['TeamsAccountCustomCertificateArgs', 'TeamsAccountCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input[Union['TeamsAccountExtendedEmailMatchingArgs', 'TeamsAccountExtendedEmailMatchingArgsDict']] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input[Union['TeamsAccountFipsArgs', 'TeamsAccountFipsArgsDict']] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -690,6 +733,7 @@ def __init__(__self__, "udp": True, "root_ca": True, "virtual_ip": False, + "disable_for_time": 3600, }, url_browser_isolation_enabled=True, logging={ @@ -740,6 +784,7 @@ def _internal_init(__self__, antivirus: Optional[pulumi.Input[Union['TeamsAccountAntivirusArgs', 'TeamsAccountAntivirusArgsDict']]] = None, block_page: Optional[pulumi.Input[Union['TeamsAccountBlockPageArgs', 'TeamsAccountBlockPageArgsDict']]] = None, body_scanning: Optional[pulumi.Input[Union['TeamsAccountBodyScanningArgs', 'TeamsAccountBodyScanningArgsDict']]] = None, + certificate: Optional[pulumi.Input[Union['TeamsAccountCertificateArgs', 'TeamsAccountCertificateArgsDict']]] = None, custom_certificate: Optional[pulumi.Input[Union['TeamsAccountCustomCertificateArgs', 'TeamsAccountCustomCertificateArgsDict']]] = None, extended_email_matching: Optional[pulumi.Input[Union['TeamsAccountExtendedEmailMatchingArgs', 'TeamsAccountExtendedEmailMatchingArgsDict']]] = None, fips: Optional[pulumi.Input[Union['TeamsAccountFipsArgs', 'TeamsAccountFipsArgsDict']]] = None, @@ -767,6 +812,7 @@ def _internal_init(__self__, __props__.__dict__["antivirus"] = antivirus __props__.__dict__["block_page"] = block_page __props__.__dict__["body_scanning"] = body_scanning + __props__.__dict__["certificate"] = certificate __props__.__dict__["custom_certificate"] = custom_certificate __props__.__dict__["extended_email_matching"] = extended_email_matching __props__.__dict__["fips"] = fips @@ -793,6 +839,7 @@ def get(resource_name: str, antivirus: Optional[pulumi.Input[Union['TeamsAccountAntivirusArgs', 'TeamsAccountAntivirusArgsDict']]] = None, block_page: Optional[pulumi.Input[Union['TeamsAccountBlockPageArgs', 'TeamsAccountBlockPageArgsDict']]] = None, body_scanning: Optional[pulumi.Input[Union['TeamsAccountBodyScanningArgs', 'TeamsAccountBodyScanningArgsDict']]] = None, + certificate: Optional[pulumi.Input[Union['TeamsAccountCertificateArgs', 'TeamsAccountCertificateArgsDict']]] = None, custom_certificate: Optional[pulumi.Input[Union['TeamsAccountCustomCertificateArgs', 'TeamsAccountCustomCertificateArgsDict']]] = None, extended_email_matching: Optional[pulumi.Input[Union['TeamsAccountExtendedEmailMatchingArgs', 'TeamsAccountExtendedEmailMatchingArgsDict']]] = None, fips: Optional[pulumi.Input[Union['TeamsAccountFipsArgs', 'TeamsAccountFipsArgsDict']]] = None, @@ -816,7 +863,8 @@ def get(resource_name: str, :param pulumi.Input[Union['TeamsAccountAntivirusArgs', 'TeamsAccountAntivirusArgsDict']] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input[Union['TeamsAccountBlockPageArgs', 'TeamsAccountBlockPageArgsDict']] block_page: Configuration for a custom block page. :param pulumi.Input[Union['TeamsAccountBodyScanningArgs', 'TeamsAccountBodyScanningArgsDict']] body_scanning: Configuration for body scanning. - :param pulumi.Input[Union['TeamsAccountCustomCertificateArgs', 'TeamsAccountCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input[Union['TeamsAccountCertificateArgs', 'TeamsAccountCertificateArgsDict']] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input[Union['TeamsAccountCustomCertificateArgs', 'TeamsAccountCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input[Union['TeamsAccountExtendedEmailMatchingArgs', 'TeamsAccountExtendedEmailMatchingArgsDict']] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input[Union['TeamsAccountFipsArgs', 'TeamsAccountFipsArgsDict']] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -836,6 +884,7 @@ def get(resource_name: str, __props__.__dict__["antivirus"] = antivirus __props__.__dict__["block_page"] = block_page __props__.__dict__["body_scanning"] = body_scanning + __props__.__dict__["certificate"] = certificate __props__.__dict__["custom_certificate"] = custom_certificate __props__.__dict__["extended_email_matching"] = extended_email_matching __props__.__dict__["fips"] = fips @@ -889,11 +938,20 @@ def body_scanning(self) -> pulumi.Output[Optional['outputs.TeamsAccountBodyScann """ return pulumi.get(self, "body_scanning") + @property + @pulumi.getter + def certificate(self) -> pulumi.Output[Optional['outputs.TeamsAccountCertificate']]: + """ + Configuration for TLS interception certificate. This will be required starting Feb 2025. + """ + return pulumi.get(self, "certificate") + @property @pulumi.getter(name="customCertificate") + @_utilities.deprecated("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") def custom_certificate(self) -> pulumi.Output[Optional['outputs.TeamsAccountCustomCertificate']]: """ - Configuration for custom certificates / BYO-PKI. + Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. """ return pulumi.get(self, "custom_certificate") diff --git a/sdk/python/pulumi_cloudflare/waiting_room.py b/sdk/python/pulumi_cloudflare/waiting_room.py index 61e47287c..d35194917 100644 --- a/sdk/python/pulumi_cloudflare/waiting_room.py +++ b/sdk/python/pulumi_cloudflare/waiting_room.py @@ -48,7 +48,7 @@ def __init__(__self__, *, :param pulumi.Input[str] default_template_language: The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`, `ru-RU`, `fa-IR`. Defaults to `en-US`. :param pulumi.Input[str] description: A description to add more details about the waiting room. :param pulumi.Input[bool] disable_session_renewal: Disables automatic renewal of session cookies. - :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke` + :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke`. :param pulumi.Input[bool] json_response_enabled: If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. :param pulumi.Input[str] path: The path within the host to enable the waiting room on. Defaults to `/`. :param pulumi.Input[bool] queue_all: If queue_all is true, then all traffic will be sent to the waiting room. @@ -227,7 +227,7 @@ def disable_session_renewal(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="enabledOriginCommands") def enabled_origin_commands(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The list of enabled origin commands for the waiting room. Available values: `revoke` + The list of enabled origin commands for the waiting room. Available values: `revoke`. """ return pulumi.get(self, "enabled_origin_commands") @@ -350,7 +350,7 @@ def __init__(__self__, *, :param pulumi.Input[str] default_template_language: The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`, `ru-RU`, `fa-IR`. Defaults to `en-US`. :param pulumi.Input[str] description: A description to add more details about the waiting room. :param pulumi.Input[bool] disable_session_renewal: Disables automatic renewal of session cookies. - :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke` + :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke`. :param pulumi.Input[str] host: Host name for which the waiting room will be applied (no wildcards). :param pulumi.Input[bool] json_response_enabled: If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. :param pulumi.Input[str] name: A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** @@ -479,7 +479,7 @@ def disable_session_renewal(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="enabledOriginCommands") def enabled_origin_commands(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The list of enabled origin commands for the waiting room. Available values: `revoke` + The list of enabled origin commands for the waiting room. Available values: `revoke`. """ return pulumi.get(self, "enabled_origin_commands") @@ -684,7 +684,8 @@ def __init__(__self__, "host": "shop2.example.com", }, ], - queueing_status_code=200) + queueing_status_code=200, + enabled_origin_commands=["revoke"]) ``` ## Import @@ -703,7 +704,7 @@ def __init__(__self__, :param pulumi.Input[str] default_template_language: The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`, `ru-RU`, `fa-IR`. Defaults to `en-US`. :param pulumi.Input[str] description: A description to add more details about the waiting room. :param pulumi.Input[bool] disable_session_renewal: Disables automatic renewal of session cookies. - :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke` + :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke`. :param pulumi.Input[str] host: Host name for which the waiting room will be applied (no wildcards). :param pulumi.Input[bool] json_response_enabled: If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. :param pulumi.Input[str] name: A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** @@ -750,7 +751,8 @@ def __init__(__self__, "host": "shop2.example.com", }, ], - queueing_status_code=200) + queueing_status_code=200, + enabled_origin_commands=["revoke"]) ``` ## Import @@ -875,7 +877,7 @@ def get(resource_name: str, :param pulumi.Input[str] default_template_language: The language to use for the default waiting room page. Available values: `de-DE`, `es-ES`, `en-US`, `fr-FR`, `id-ID`, `it-IT`, `ja-JP`, `ko-KR`, `nl-NL`, `pl-PL`, `pt-BR`, `tr-TR`, `zh-CN`, `zh-TW`, `ru-RU`, `fa-IR`. Defaults to `en-US`. :param pulumi.Input[str] description: A description to add more details about the waiting room. :param pulumi.Input[bool] disable_session_renewal: Disables automatic renewal of session cookies. - :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke` + :param pulumi.Input[Sequence[pulumi.Input[str]]] enabled_origin_commands: The list of enabled origin commands for the waiting room. Available values: `revoke`. :param pulumi.Input[str] host: Host name for which the waiting room will be applied (no wildcards). :param pulumi.Input[bool] json_response_enabled: If true, requests to the waiting room with the header `Accept: application/json` will receive a JSON response object. :param pulumi.Input[str] name: A unique name to identify the waiting room. **Modifying this attribute will force creation of a new resource.** @@ -966,7 +968,7 @@ def disable_session_renewal(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter(name="enabledOriginCommands") def enabled_origin_commands(self) -> pulumi.Output[Optional[Sequence[str]]]: """ - The list of enabled origin commands for the waiting room. Available values: `revoke` + The list of enabled origin commands for the waiting room. Available values: `revoke`. """ return pulumi.get(self, "enabled_origin_commands") diff --git a/sdk/python/pulumi_cloudflare/worker_script.py b/sdk/python/pulumi_cloudflare/worker_script.py index 5f201e7c9..53307d16d 100644 --- a/sdk/python/pulumi_cloudflare/worker_script.py +++ b/sdk/python/pulumi_cloudflare/worker_script.py @@ -24,6 +24,7 @@ def __init__(__self__, *, compatibility_flags: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptD1DatabaseBindingArgs']]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptHyperdriveConfigBindingArgs']]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptKvNamespaceBindingArgs']]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -59,6 +60,8 @@ def __init__(__self__, *, pulumi.set(__self__, "d1_database_bindings", d1_database_bindings) if dispatch_namespace is not None: pulumi.set(__self__, "dispatch_namespace", dispatch_namespace) + if hyperdrive_config_bindings is not None: + pulumi.set(__self__, "hyperdrive_config_bindings", hyperdrive_config_bindings) if kv_namespace_bindings is not None: pulumi.set(__self__, "kv_namespace_bindings", kv_namespace_bindings) if logpush is not None: @@ -172,6 +175,15 @@ def dispatch_namespace(self) -> Optional[pulumi.Input[str]]: def dispatch_namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "dispatch_namespace", value) + @property + @pulumi.getter(name="hyperdriveConfigBindings") + def hyperdrive_config_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptHyperdriveConfigBindingArgs']]]]: + return pulumi.get(self, "hyperdrive_config_bindings") + + @hyperdrive_config_bindings.setter + def hyperdrive_config_bindings(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptHyperdriveConfigBindingArgs']]]]): + pulumi.set(self, "hyperdrive_config_bindings", value) + @property @pulumi.getter(name="kvNamespaceBindings") def kv_namespace_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptKvNamespaceBindingArgs']]]]: @@ -288,6 +300,7 @@ def __init__(__self__, *, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptD1DatabaseBindingArgs']]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptHyperdriveConfigBindingArgs']]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptKvNamespaceBindingArgs']]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -325,6 +338,8 @@ def __init__(__self__, *, pulumi.set(__self__, "d1_database_bindings", d1_database_bindings) if dispatch_namespace is not None: pulumi.set(__self__, "dispatch_namespace", dispatch_namespace) + if hyperdrive_config_bindings is not None: + pulumi.set(__self__, "hyperdrive_config_bindings", hyperdrive_config_bindings) if kv_namespace_bindings is not None: pulumi.set(__self__, "kv_namespace_bindings", kv_namespace_bindings) if logpush is not None: @@ -428,6 +443,15 @@ def dispatch_namespace(self) -> Optional[pulumi.Input[str]]: def dispatch_namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "dispatch_namespace", value) + @property + @pulumi.getter(name="hyperdriveConfigBindings") + def hyperdrive_config_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptHyperdriveConfigBindingArgs']]]]: + return pulumi.get(self, "hyperdrive_config_bindings") + + @hyperdrive_config_bindings.setter + def hyperdrive_config_bindings(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptHyperdriveConfigBindingArgs']]]]): + pulumi.set(self, "hyperdrive_config_bindings", value) + @property @pulumi.getter(name="kvNamespaceBindings") def kv_namespace_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkerScriptKvNamespaceBindingArgs']]]]: @@ -558,6 +582,7 @@ def __init__(__self__, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptD1DatabaseBindingArgs', 'WorkerScriptD1DatabaseBindingArgsDict']]]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptHyperdriveConfigBindingArgs', 'WorkerScriptHyperdriveConfigBindingArgsDict']]]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptKvNamespaceBindingArgs', 'WorkerScriptKvNamespaceBindingArgsDict']]]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -720,6 +745,7 @@ def _internal_init(__self__, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptD1DatabaseBindingArgs', 'WorkerScriptD1DatabaseBindingArgsDict']]]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptHyperdriveConfigBindingArgs', 'WorkerScriptHyperdriveConfigBindingArgsDict']]]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptKvNamespaceBindingArgs', 'WorkerScriptKvNamespaceBindingArgsDict']]]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -752,6 +778,7 @@ def _internal_init(__self__, __props__.__dict__["content"] = content __props__.__dict__["d1_database_bindings"] = d1_database_bindings __props__.__dict__["dispatch_namespace"] = dispatch_namespace + __props__.__dict__["hyperdrive_config_bindings"] = hyperdrive_config_bindings __props__.__dict__["kv_namespace_bindings"] = kv_namespace_bindings __props__.__dict__["logpush"] = logpush __props__.__dict__["module"] = module @@ -783,6 +810,7 @@ def get(resource_name: str, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptD1DatabaseBindingArgs', 'WorkerScriptD1DatabaseBindingArgsDict']]]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptHyperdriveConfigBindingArgs', 'WorkerScriptHyperdriveConfigBindingArgsDict']]]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkerScriptKvNamespaceBindingArgs', 'WorkerScriptKvNamespaceBindingArgsDict']]]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -822,6 +850,7 @@ def get(resource_name: str, __props__.__dict__["content"] = content __props__.__dict__["d1_database_bindings"] = d1_database_bindings __props__.__dict__["dispatch_namespace"] = dispatch_namespace + __props__.__dict__["hyperdrive_config_bindings"] = hyperdrive_config_bindings __props__.__dict__["kv_namespace_bindings"] = kv_namespace_bindings __props__.__dict__["logpush"] = logpush __props__.__dict__["module"] = module @@ -886,6 +915,11 @@ def dispatch_namespace(self) -> pulumi.Output[Optional[str]]: """ return pulumi.get(self, "dispatch_namespace") + @property + @pulumi.getter(name="hyperdriveConfigBindings") + def hyperdrive_config_bindings(self) -> pulumi.Output[Optional[Sequence['outputs.WorkerScriptHyperdriveConfigBinding']]]: + return pulumi.get(self, "hyperdrive_config_bindings") + @property @pulumi.getter(name="kvNamespaceBindings") def kv_namespace_bindings(self) -> pulumi.Output[Optional[Sequence['outputs.WorkerScriptKvNamespaceBinding']]]: diff --git a/sdk/python/pulumi_cloudflare/workers_script.py b/sdk/python/pulumi_cloudflare/workers_script.py index a7719a734..4ad3cdfa4 100644 --- a/sdk/python/pulumi_cloudflare/workers_script.py +++ b/sdk/python/pulumi_cloudflare/workers_script.py @@ -24,6 +24,7 @@ def __init__(__self__, *, compatibility_flags: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptD1DatabaseBindingArgs']]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptHyperdriveConfigBindingArgs']]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptKvNamespaceBindingArgs']]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -59,6 +60,8 @@ def __init__(__self__, *, pulumi.set(__self__, "d1_database_bindings", d1_database_bindings) if dispatch_namespace is not None: pulumi.set(__self__, "dispatch_namespace", dispatch_namespace) + if hyperdrive_config_bindings is not None: + pulumi.set(__self__, "hyperdrive_config_bindings", hyperdrive_config_bindings) if kv_namespace_bindings is not None: pulumi.set(__self__, "kv_namespace_bindings", kv_namespace_bindings) if logpush is not None: @@ -172,6 +175,15 @@ def dispatch_namespace(self) -> Optional[pulumi.Input[str]]: def dispatch_namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "dispatch_namespace", value) + @property + @pulumi.getter(name="hyperdriveConfigBindings") + def hyperdrive_config_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptHyperdriveConfigBindingArgs']]]]: + return pulumi.get(self, "hyperdrive_config_bindings") + + @hyperdrive_config_bindings.setter + def hyperdrive_config_bindings(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptHyperdriveConfigBindingArgs']]]]): + pulumi.set(self, "hyperdrive_config_bindings", value) + @property @pulumi.getter(name="kvNamespaceBindings") def kv_namespace_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptKvNamespaceBindingArgs']]]]: @@ -288,6 +300,7 @@ def __init__(__self__, *, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptD1DatabaseBindingArgs']]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptHyperdriveConfigBindingArgs']]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptKvNamespaceBindingArgs']]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -325,6 +338,8 @@ def __init__(__self__, *, pulumi.set(__self__, "d1_database_bindings", d1_database_bindings) if dispatch_namespace is not None: pulumi.set(__self__, "dispatch_namespace", dispatch_namespace) + if hyperdrive_config_bindings is not None: + pulumi.set(__self__, "hyperdrive_config_bindings", hyperdrive_config_bindings) if kv_namespace_bindings is not None: pulumi.set(__self__, "kv_namespace_bindings", kv_namespace_bindings) if logpush is not None: @@ -428,6 +443,15 @@ def dispatch_namespace(self) -> Optional[pulumi.Input[str]]: def dispatch_namespace(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "dispatch_namespace", value) + @property + @pulumi.getter(name="hyperdriveConfigBindings") + def hyperdrive_config_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptHyperdriveConfigBindingArgs']]]]: + return pulumi.get(self, "hyperdrive_config_bindings") + + @hyperdrive_config_bindings.setter + def hyperdrive_config_bindings(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptHyperdriveConfigBindingArgs']]]]): + pulumi.set(self, "hyperdrive_config_bindings", value) + @property @pulumi.getter(name="kvNamespaceBindings") def kv_namespace_bindings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['WorkersScriptKvNamespaceBindingArgs']]]]: @@ -558,6 +582,7 @@ def __init__(__self__, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptD1DatabaseBindingArgs', 'WorkersScriptD1DatabaseBindingArgsDict']]]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptHyperdriveConfigBindingArgs', 'WorkersScriptHyperdriveConfigBindingArgsDict']]]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptKvNamespaceBindingArgs', 'WorkersScriptKvNamespaceBindingArgsDict']]]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -720,6 +745,7 @@ def _internal_init(__self__, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptD1DatabaseBindingArgs', 'WorkersScriptD1DatabaseBindingArgsDict']]]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptHyperdriveConfigBindingArgs', 'WorkersScriptHyperdriveConfigBindingArgsDict']]]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptKvNamespaceBindingArgs', 'WorkersScriptKvNamespaceBindingArgsDict']]]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -752,6 +778,7 @@ def _internal_init(__self__, __props__.__dict__["content"] = content __props__.__dict__["d1_database_bindings"] = d1_database_bindings __props__.__dict__["dispatch_namespace"] = dispatch_namespace + __props__.__dict__["hyperdrive_config_bindings"] = hyperdrive_config_bindings __props__.__dict__["kv_namespace_bindings"] = kv_namespace_bindings __props__.__dict__["logpush"] = logpush __props__.__dict__["module"] = module @@ -783,6 +810,7 @@ def get(resource_name: str, content: Optional[pulumi.Input[str]] = None, d1_database_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptD1DatabaseBindingArgs', 'WorkersScriptD1DatabaseBindingArgsDict']]]]] = None, dispatch_namespace: Optional[pulumi.Input[str]] = None, + hyperdrive_config_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptHyperdriveConfigBindingArgs', 'WorkersScriptHyperdriveConfigBindingArgsDict']]]]] = None, kv_namespace_bindings: Optional[pulumi.Input[Sequence[pulumi.Input[Union['WorkersScriptKvNamespaceBindingArgs', 'WorkersScriptKvNamespaceBindingArgsDict']]]]] = None, logpush: Optional[pulumi.Input[bool]] = None, module: Optional[pulumi.Input[bool]] = None, @@ -822,6 +850,7 @@ def get(resource_name: str, __props__.__dict__["content"] = content __props__.__dict__["d1_database_bindings"] = d1_database_bindings __props__.__dict__["dispatch_namespace"] = dispatch_namespace + __props__.__dict__["hyperdrive_config_bindings"] = hyperdrive_config_bindings __props__.__dict__["kv_namespace_bindings"] = kv_namespace_bindings __props__.__dict__["logpush"] = logpush __props__.__dict__["module"] = module @@ -886,6 +915,11 @@ def dispatch_namespace(self) -> pulumi.Output[Optional[str]]: """ return pulumi.get(self, "dispatch_namespace") + @property + @pulumi.getter(name="hyperdriveConfigBindings") + def hyperdrive_config_bindings(self) -> pulumi.Output[Optional[Sequence['outputs.WorkersScriptHyperdriveConfigBinding']]]: + return pulumi.get(self, "hyperdrive_config_bindings") + @property @pulumi.getter(name="kvNamespaceBindings") def kv_namespace_bindings(self) -> pulumi.Output[Optional[Sequence['outputs.WorkersScriptKvNamespaceBinding']]]: diff --git a/sdk/python/pulumi_cloudflare/zero_trust_access_policy.py b/sdk/python/pulumi_cloudflare/zero_trust_access_policy.py index c5d52399f..fa4df2a04 100644 --- a/sdk/python/pulumi_cloudflare/zero_trust_access_policy.py +++ b/sdk/python/pulumi_cloudflare/zero_trust_access_policy.py @@ -36,7 +36,7 @@ def __init__(__self__, *, :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyIncludeArgs']]] includes: A series of access conditions, see Access Groups. :param pulumi.Input[str] name: Friendly name of the Access Policy. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeArgs']]] excludes: A series of access conditions, see Access Groups. :param pulumi.Input[bool] isolation_required: Require this application to be served in an isolated browser for users matching this policy. @@ -45,7 +45,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireArgs']]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ pulumi.set(__self__, "decision", decision) pulumi.set(__self__, "includes", includes) @@ -115,7 +115,7 @@ def name(self, value: pulumi.Input[str]): @pulumi.getter(name="accountId") def account_id(self) -> Optional[pulumi.Input[str]]: """ - The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + The account identifier to target for the resource. Conflicts with `zone_id`. """ return pulumi.get(self, "account_id") @@ -241,7 +241,7 @@ def session_duration(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="zoneId") def zone_id(self) -> Optional[pulumi.Input[str]]: """ - The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + The zone identifier to target for the resource. Conflicts with `account_id`. """ return pulumi.get(self, "zone_id") @@ -270,7 +270,7 @@ def __init__(__self__, *, zone_id: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering ZeroTrustAccessPolicy resources. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyExcludeArgs']]] excludes: A series of access conditions, see Access Groups. @@ -282,7 +282,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustAccessPolicyRequireArgs']]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ if account_id is not None: pulumi.set(__self__, "account_id", account_id) @@ -319,7 +319,7 @@ def __init__(__self__, *, @pulumi.getter(name="accountId") def account_id(self) -> Optional[pulumi.Input[str]]: """ - The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + The account identifier to target for the resource. Conflicts with `zone_id`. """ return pulumi.get(self, "account_id") @@ -481,7 +481,7 @@ def session_duration(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="zoneId") def zone_id(self) -> Optional[pulumi.Input[str]]: """ - The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + The zone identifier to target for the resource. Conflicts with `account_id`. """ return pulumi.get(self, "zone_id") @@ -532,7 +532,7 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input[Union['ZeroTrustAccessPolicyExcludeArgs', 'ZeroTrustAccessPolicyExcludeArgsDict']]]] excludes: A series of access conditions, see Access Groups. @@ -544,7 +544,7 @@ def __init__(__self__, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input[Union['ZeroTrustAccessPolicyRequireArgs', 'ZeroTrustAccessPolicyRequireArgsDict']]]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ ... @overload @@ -663,7 +663,7 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] account_id: The account identifier to target for the resource. Conflicts with `zone_id`. :param pulumi.Input[str] application_id: The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.** :param pulumi.Input[str] decision: Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`. :param pulumi.Input[Sequence[pulumi.Input[Union['ZeroTrustAccessPolicyExcludeArgs', 'ZeroTrustAccessPolicyExcludeArgsDict']]]] excludes: A series of access conditions, see Access Groups. @@ -675,7 +675,7 @@ def get(resource_name: str, :param pulumi.Input[bool] purpose_justification_required: Whether to prompt the user for a justification for accessing the resource. :param pulumi.Input[Sequence[pulumi.Input[Union['ZeroTrustAccessPolicyRequireArgs', 'ZeroTrustAccessPolicyRequireArgsDict']]]] requires: A series of access conditions, see Access Groups. :param pulumi.Input[str] session_duration: How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. - :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + :param pulumi.Input[str] zone_id: The zone identifier to target for the resource. Conflicts with `account_id`. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -702,7 +702,7 @@ def get(resource_name: str, @pulumi.getter(name="accountId") def account_id(self) -> pulumi.Output[Optional[str]]: """ - The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.** + The account identifier to target for the resource. Conflicts with `zone_id`. """ return pulumi.get(self, "account_id") @@ -808,7 +808,7 @@ def session_duration(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="zoneId") def zone_id(self) -> pulumi.Output[Optional[str]]: """ - The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.** + The zone identifier to target for the resource. Conflicts with `account_id`. """ return pulumi.get(self, "zone_id") diff --git a/sdk/python/pulumi_cloudflare/zero_trust_device_posture_rule.py b/sdk/python/pulumi_cloudflare/zero_trust_device_posture_rule.py index 8ad365432..f7c9d17dc 100644 --- a/sdk/python/pulumi_cloudflare/zero_trust_device_posture_rule.py +++ b/sdk/python/pulumi_cloudflare/zero_trust_device_posture_rule.py @@ -27,7 +27,7 @@ def __init__(__self__, *, """ The set of arguments for constructing a ZeroTrustDevicePostureRule resource. :param pulumi.Input[str] account_id: The account identifier to target for the resource. - :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. :param pulumi.Input[str] expiration: Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustDevicePostureRuleInputArgs']]] inputs: Required for all rule types except `warp`, `gateway`, and `tanium`. :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustDevicePostureRuleMatchArgs']]] matches: The conditions that the client must match to run the rule. @@ -65,7 +65,7 @@ def account_id(self, value: pulumi.Input[str]): @pulumi.getter def type(self) -> pulumi.Input[str]: """ - The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ return pulumi.get(self, "type") @@ -162,7 +162,7 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input['ZeroTrustDevicePostureRuleMatchArgs']]] matches: The conditions that the client must match to run the rule. :param pulumi.Input[str] name: Name of the device posture rule. :param pulumi.Input[str] schedule: Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. - :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ if account_id is not None: pulumi.set(__self__, "account_id", account_id) @@ -266,7 +266,7 @@ def schedule(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def type(self) -> Optional[pulumi.Input[str]]: """ - The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ return pulumi.get(self, "type") @@ -332,7 +332,7 @@ def __init__(__self__, :param pulumi.Input[Sequence[pulumi.Input[Union['ZeroTrustDevicePostureRuleMatchArgs', 'ZeroTrustDevicePostureRuleMatchArgsDict']]]] matches: The conditions that the client must match to run the rule. :param pulumi.Input[str] name: Name of the device posture rule. :param pulumi.Input[str] schedule: Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. - :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ ... @overload @@ -450,7 +450,7 @@ def get(resource_name: str, :param pulumi.Input[Sequence[pulumi.Input[Union['ZeroTrustDevicePostureRuleMatchArgs', 'ZeroTrustDevicePostureRuleMatchArgsDict']]]] matches: The conditions that the client must match to run the rule. :param pulumi.Input[str] name: Name of the device posture rule. :param pulumi.Input[str] schedule: Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`. - :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + :param pulumi.Input[str] type: The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -523,7 +523,7 @@ def schedule(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def type(self) -> pulumi.Output[str]: """ - The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. + The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `client_certificate_v2`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`. """ return pulumi.get(self, "type") diff --git a/sdk/python/pulumi_cloudflare/zero_trust_device_profiles.py b/sdk/python/pulumi_cloudflare/zero_trust_device_profiles.py index c67d8f2dc..3bc12de25 100644 --- a/sdk/python/pulumi_cloudflare/zero_trust_device_profiles.py +++ b/sdk/python/pulumi_cloudflare/zero_trust_device_profiles.py @@ -53,7 +53,7 @@ def __init__(__self__, *, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ pulumi.set(__self__, "account_id", account_id) pulumi.set(__self__, "description", description) @@ -311,7 +311,7 @@ def switch_locked(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="tunnelProtocol") def tunnel_protocol(self) -> Optional[pulumi.Input[str]]: """ - Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ return pulumi.get(self, "tunnel_protocol") @@ -362,7 +362,7 @@ def __init__(__self__, *, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ if account_id is not None: pulumi.set(__self__, "account_id", account_id) @@ -623,7 +623,7 @@ def switch_locked(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="tunnelProtocol") def tunnel_protocol(self) -> Optional[pulumi.Input[str]]: """ - Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ return pulumi.get(self, "tunnel_protocol") @@ -715,7 +715,7 @@ def __init__(__self__, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ ... @overload @@ -883,7 +883,7 @@ def get(resource_name: str, :param pulumi.Input[int] service_mode_v2_port: The port to use for the proxy service mode. Required when using `service_mode_v2_mode`. :param pulumi.Input[str] support_url: The support URL that will be opened when sending feedback. :param pulumi.Input[bool] switch_locked: Enablement of the ZT client switch lock. - :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + :param pulumi.Input[str] tunnel_protocol: Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -1058,7 +1058,7 @@ def switch_locked(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter(name="tunnelProtocol") def tunnel_protocol(self) -> pulumi.Output[Optional[str]]: """ - Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque` + Determines which tunnel protocol to use. Available values: `""`, `wireguard`, `masque`. Defaults to `wireguard`. """ return pulumi.get(self, "tunnel_protocol") diff --git a/sdk/python/pulumi_cloudflare/zero_trust_gateway_certificate.py b/sdk/python/pulumi_cloudflare/zero_trust_gateway_certificate.py new file mode 100644 index 000000000..70cdc2b8c --- /dev/null +++ b/sdk/python/pulumi_cloudflare/zero_trust_gateway_certificate.py @@ -0,0 +1,472 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['ZeroTrustGatewayCertificateArgs', 'ZeroTrustGatewayCertificate'] + +@pulumi.input_type +class ZeroTrustGatewayCertificateArgs: + def __init__(__self__, *, + account_id: pulumi.Input[str], + activate: Optional[pulumi.Input[bool]] = None, + custom: Optional[pulumi.Input[bool]] = None, + gateway_managed: Optional[pulumi.Input[bool]] = None, + validity_period_days: Optional[pulumi.Input[int]] = None): + """ + The set of arguments for constructing a ZeroTrustGatewayCertificate resource. + :param pulumi.Input[str] account_id: The account identifier to target for the resource. + :param pulumi.Input[bool] activate: Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + :param pulumi.Input[bool] custom: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[bool] gateway_managed: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[int] validity_period_days: Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + """ + pulumi.set(__self__, "account_id", account_id) + if activate is not None: + pulumi.set(__self__, "activate", activate) + if custom is not None: + pulumi.set(__self__, "custom", custom) + if gateway_managed is not None: + pulumi.set(__self__, "gateway_managed", gateway_managed) + if validity_period_days is not None: + pulumi.set(__self__, "validity_period_days", validity_period_days) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> pulumi.Input[str]: + """ + The account identifier to target for the resource. + """ + return pulumi.get(self, "account_id") + + @account_id.setter + def account_id(self, value: pulumi.Input[str]): + pulumi.set(self, "account_id", value) + + @property + @pulumi.getter + def activate(self) -> Optional[pulumi.Input[bool]]: + """ + Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + """ + return pulumi.get(self, "activate") + + @activate.setter + def activate(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "activate", value) + + @property + @pulumi.getter + def custom(self) -> Optional[pulumi.Input[bool]]: + """ + The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + """ + return pulumi.get(self, "custom") + + @custom.setter + def custom(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "custom", value) + + @property + @pulumi.getter(name="gatewayManaged") + def gateway_managed(self) -> Optional[pulumi.Input[bool]]: + """ + The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + """ + return pulumi.get(self, "gateway_managed") + + @gateway_managed.setter + def gateway_managed(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "gateway_managed", value) + + @property + @pulumi.getter(name="validityPeriodDays") + def validity_period_days(self) -> Optional[pulumi.Input[int]]: + """ + Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + """ + return pulumi.get(self, "validity_period_days") + + @validity_period_days.setter + def validity_period_days(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "validity_period_days", value) + + +@pulumi.input_type +class _ZeroTrustGatewayCertificateState: + def __init__(__self__, *, + account_id: Optional[pulumi.Input[str]] = None, + activate: Optional[pulumi.Input[bool]] = None, + binding_status: Optional[pulumi.Input[str]] = None, + created_at: Optional[pulumi.Input[str]] = None, + custom: Optional[pulumi.Input[bool]] = None, + expires_on: Optional[pulumi.Input[str]] = None, + gateway_managed: Optional[pulumi.Input[bool]] = None, + in_use: Optional[pulumi.Input[bool]] = None, + qs_pack_id: Optional[pulumi.Input[str]] = None, + uploaded_on: Optional[pulumi.Input[str]] = None, + validity_period_days: Optional[pulumi.Input[int]] = None): + """ + Input properties used for looking up and filtering ZeroTrustGatewayCertificate resources. + :param pulumi.Input[str] account_id: The account identifier to target for the resource. + :param pulumi.Input[bool] activate: Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + :param pulumi.Input[str] binding_status: The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + :param pulumi.Input[bool] custom: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[bool] gateway_managed: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[bool] in_use: Whether the certificate is in use by Gateway for TLS interception and the block page. + :param pulumi.Input[int] validity_period_days: Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + """ + if account_id is not None: + pulumi.set(__self__, "account_id", account_id) + if activate is not None: + pulumi.set(__self__, "activate", activate) + if binding_status is not None: + pulumi.set(__self__, "binding_status", binding_status) + if created_at is not None: + pulumi.set(__self__, "created_at", created_at) + if custom is not None: + pulumi.set(__self__, "custom", custom) + if expires_on is not None: + pulumi.set(__self__, "expires_on", expires_on) + if gateway_managed is not None: + pulumi.set(__self__, "gateway_managed", gateway_managed) + if in_use is not None: + pulumi.set(__self__, "in_use", in_use) + if qs_pack_id is not None: + pulumi.set(__self__, "qs_pack_id", qs_pack_id) + if uploaded_on is not None: + pulumi.set(__self__, "uploaded_on", uploaded_on) + if validity_period_days is not None: + pulumi.set(__self__, "validity_period_days", validity_period_days) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> Optional[pulumi.Input[str]]: + """ + The account identifier to target for the resource. + """ + return pulumi.get(self, "account_id") + + @account_id.setter + def account_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "account_id", value) + + @property + @pulumi.getter + def activate(self) -> Optional[pulumi.Input[bool]]: + """ + Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + """ + return pulumi.get(self, "activate") + + @activate.setter + def activate(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "activate", value) + + @property + @pulumi.getter(name="bindingStatus") + def binding_status(self) -> Optional[pulumi.Input[str]]: + """ + The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + """ + return pulumi.get(self, "binding_status") + + @binding_status.setter + def binding_status(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "binding_status", value) + + @property + @pulumi.getter(name="createdAt") + def created_at(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "created_at") + + @created_at.setter + def created_at(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "created_at", value) + + @property + @pulumi.getter + def custom(self) -> Optional[pulumi.Input[bool]]: + """ + The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + """ + return pulumi.get(self, "custom") + + @custom.setter + def custom(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "custom", value) + + @property + @pulumi.getter(name="expiresOn") + def expires_on(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "expires_on") + + @expires_on.setter + def expires_on(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "expires_on", value) + + @property + @pulumi.getter(name="gatewayManaged") + def gateway_managed(self) -> Optional[pulumi.Input[bool]]: + """ + The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + """ + return pulumi.get(self, "gateway_managed") + + @gateway_managed.setter + def gateway_managed(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "gateway_managed", value) + + @property + @pulumi.getter(name="inUse") + def in_use(self) -> Optional[pulumi.Input[bool]]: + """ + Whether the certificate is in use by Gateway for TLS interception and the block page. + """ + return pulumi.get(self, "in_use") + + @in_use.setter + def in_use(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "in_use", value) + + @property + @pulumi.getter(name="qsPackId") + def qs_pack_id(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "qs_pack_id") + + @qs_pack_id.setter + def qs_pack_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "qs_pack_id", value) + + @property + @pulumi.getter(name="uploadedOn") + def uploaded_on(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "uploaded_on") + + @uploaded_on.setter + def uploaded_on(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "uploaded_on", value) + + @property + @pulumi.getter(name="validityPeriodDays") + def validity_period_days(self) -> Optional[pulumi.Input[int]]: + """ + Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + """ + return pulumi.get(self, "validity_period_days") + + @validity_period_days.setter + def validity_period_days(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "validity_period_days", value) + + +class ZeroTrustGatewayCertificate(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[str]] = None, + activate: Optional[pulumi.Input[bool]] = None, + custom: Optional[pulumi.Input[bool]] = None, + gateway_managed: Optional[pulumi.Input[bool]] = None, + validity_period_days: Optional[pulumi.Input[int]] = None, + __props__=None): + """ + Provides a Cloudflare Teams Gateway Certificate resource. A Teams Certificate can + be specified for Gateway TLS interception and block pages. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] account_id: The account identifier to target for the resource. + :param pulumi.Input[bool] activate: Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + :param pulumi.Input[bool] custom: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[bool] gateway_managed: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[int] validity_period_days: Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: ZeroTrustGatewayCertificateArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Provides a Cloudflare Teams Gateway Certificate resource. A Teams Certificate can + be specified for Gateway TLS interception and block pages. + + :param str resource_name: The name of the resource. + :param ZeroTrustGatewayCertificateArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(ZeroTrustGatewayCertificateArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[str]] = None, + activate: Optional[pulumi.Input[bool]] = None, + custom: Optional[pulumi.Input[bool]] = None, + gateway_managed: Optional[pulumi.Input[bool]] = None, + validity_period_days: Optional[pulumi.Input[int]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = ZeroTrustGatewayCertificateArgs.__new__(ZeroTrustGatewayCertificateArgs) + + if account_id is None and not opts.urn: + raise TypeError("Missing required property 'account_id'") + __props__.__dict__["account_id"] = account_id + __props__.__dict__["activate"] = activate + __props__.__dict__["custom"] = custom + __props__.__dict__["gateway_managed"] = gateway_managed + __props__.__dict__["validity_period_days"] = validity_period_days + __props__.__dict__["binding_status"] = None + __props__.__dict__["created_at"] = None + __props__.__dict__["expires_on"] = None + __props__.__dict__["in_use"] = None + __props__.__dict__["qs_pack_id"] = None + __props__.__dict__["uploaded_on"] = None + super(ZeroTrustGatewayCertificate, __self__).__init__( + 'cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[str]] = None, + activate: Optional[pulumi.Input[bool]] = None, + binding_status: Optional[pulumi.Input[str]] = None, + created_at: Optional[pulumi.Input[str]] = None, + custom: Optional[pulumi.Input[bool]] = None, + expires_on: Optional[pulumi.Input[str]] = None, + gateway_managed: Optional[pulumi.Input[bool]] = None, + in_use: Optional[pulumi.Input[bool]] = None, + qs_pack_id: Optional[pulumi.Input[str]] = None, + uploaded_on: Optional[pulumi.Input[str]] = None, + validity_period_days: Optional[pulumi.Input[int]] = None) -> 'ZeroTrustGatewayCertificate': + """ + Get an existing ZeroTrustGatewayCertificate resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] account_id: The account identifier to target for the resource. + :param pulumi.Input[bool] activate: Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + :param pulumi.Input[str] binding_status: The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + :param pulumi.Input[bool] custom: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[bool] gateway_managed: The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + :param pulumi.Input[bool] in_use: Whether the certificate is in use by Gateway for TLS interception and the block page. + :param pulumi.Input[int] validity_period_days: Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _ZeroTrustGatewayCertificateState.__new__(_ZeroTrustGatewayCertificateState) + + __props__.__dict__["account_id"] = account_id + __props__.__dict__["activate"] = activate + __props__.__dict__["binding_status"] = binding_status + __props__.__dict__["created_at"] = created_at + __props__.__dict__["custom"] = custom + __props__.__dict__["expires_on"] = expires_on + __props__.__dict__["gateway_managed"] = gateway_managed + __props__.__dict__["in_use"] = in_use + __props__.__dict__["qs_pack_id"] = qs_pack_id + __props__.__dict__["uploaded_on"] = uploaded_on + __props__.__dict__["validity_period_days"] = validity_period_days + return ZeroTrustGatewayCertificate(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> pulumi.Output[str]: + """ + The account identifier to target for the resource. + """ + return pulumi.get(self, "account_id") + + @property + @pulumi.getter + def activate(self) -> pulumi.Output[Optional[bool]]: + """ + Whether or not to activate a certificate. A certificate must be activated to use in Gateway certificate settings. Defaults to `false`. + """ + return pulumi.get(self, "activate") + + @property + @pulumi.getter(name="bindingStatus") + def binding_status(self) -> pulumi.Output[str]: + """ + The deployment status of the certificate on the edge Available values: `IP`, `SERIAL`, `URL`, `DOMAIN`, `EMAIL`. + """ + return pulumi.get(self, "binding_status") + + @property + @pulumi.getter(name="createdAt") + def created_at(self) -> pulumi.Output[str]: + return pulumi.get(self, "created_at") + + @property + @pulumi.getter + def custom(self) -> pulumi.Output[Optional[bool]]: + """ + The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + """ + return pulumi.get(self, "custom") + + @property + @pulumi.getter(name="expiresOn") + def expires_on(self) -> pulumi.Output[str]: + return pulumi.get(self, "expires_on") + + @property + @pulumi.getter(name="gatewayManaged") + def gateway_managed(self) -> pulumi.Output[Optional[bool]]: + """ + The type of certificate (custom or Gateway-managed). Must provide only one of `custom`, `gateway_managed`. + """ + return pulumi.get(self, "gateway_managed") + + @property + @pulumi.getter(name="inUse") + def in_use(self) -> pulumi.Output[bool]: + """ + Whether the certificate is in use by Gateway for TLS interception and the block page. + """ + return pulumi.get(self, "in_use") + + @property + @pulumi.getter(name="qsPackId") + def qs_pack_id(self) -> pulumi.Output[str]: + return pulumi.get(self, "qs_pack_id") + + @property + @pulumi.getter(name="uploadedOn") + def uploaded_on(self) -> pulumi.Output[str]: + return pulumi.get(self, "uploaded_on") + + @property + @pulumi.getter(name="validityPeriodDays") + def validity_period_days(self) -> pulumi.Output[Optional[int]]: + """ + Number of days the generated certificate will be valid, minimum 1 day and maximum 30 years. Defaults to 5 years. Defaults to `1826`. Required when using `gateway_managed`. Conflicts with `custom`. **Modifying this attribute will force creation of a new resource.** + """ + return pulumi.get(self, "validity_period_days") + diff --git a/sdk/python/pulumi_cloudflare/zero_trust_gateway_settings.py b/sdk/python/pulumi_cloudflare/zero_trust_gateway_settings.py index 314fdc032..78c1d7afd 100644 --- a/sdk/python/pulumi_cloudflare/zero_trust_gateway_settings.py +++ b/sdk/python/pulumi_cloudflare/zero_trust_gateway_settings.py @@ -21,6 +21,7 @@ def __init__(__self__, *, antivirus: Optional[pulumi.Input['ZeroTrustGatewaySettingsAntivirusArgs']] = None, block_page: Optional[pulumi.Input['ZeroTrustGatewaySettingsBlockPageArgs']] = None, body_scanning: Optional[pulumi.Input['ZeroTrustGatewaySettingsBodyScanningArgs']] = None, + certificate: Optional[pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs']] = None, custom_certificate: Optional[pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs']] = None, extended_email_matching: Optional[pulumi.Input['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs']] = None, fips: Optional[pulumi.Input['ZeroTrustGatewaySettingsFipsArgs']] = None, @@ -39,7 +40,8 @@ def __init__(__self__, *, :param pulumi.Input['ZeroTrustGatewaySettingsAntivirusArgs'] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input['ZeroTrustGatewaySettingsBlockPageArgs'] block_page: Configuration for a custom block page. :param pulumi.Input['ZeroTrustGatewaySettingsBodyScanningArgs'] body_scanning: Configuration for body scanning. - :param pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs'] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs'] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input['ZeroTrustGatewaySettingsFipsArgs'] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -59,6 +61,11 @@ def __init__(__self__, *, pulumi.set(__self__, "block_page", block_page) if body_scanning is not None: pulumi.set(__self__, "body_scanning", body_scanning) + if certificate is not None: + pulumi.set(__self__, "certificate", certificate) + if custom_certificate is not None: + warnings.warn("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""", DeprecationWarning) + pulumi.log.warn("""custom_certificate is deprecated: Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") if custom_certificate is not None: pulumi.set(__self__, "custom_certificate", custom_certificate) if extended_email_matching is not None: @@ -142,11 +149,24 @@ def body_scanning(self) -> Optional[pulumi.Input['ZeroTrustGatewaySettingsBodySc def body_scanning(self, value: Optional[pulumi.Input['ZeroTrustGatewaySettingsBodyScanningArgs']]): pulumi.set(self, "body_scanning", value) + @property + @pulumi.getter + def certificate(self) -> Optional[pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs']]: + """ + Configuration for TLS interception certificate. This will be required starting Feb 2025. + """ + return pulumi.get(self, "certificate") + + @certificate.setter + def certificate(self, value: Optional[pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs']]): + pulumi.set(self, "certificate", value) + @property @pulumi.getter(name="customCertificate") + @_utilities.deprecated("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") def custom_certificate(self) -> Optional[pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs']]: """ - Configuration for custom certificates / BYO-PKI. + Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. """ return pulumi.get(self, "custom_certificate") @@ -280,6 +300,7 @@ def __init__(__self__, *, antivirus: Optional[pulumi.Input['ZeroTrustGatewaySettingsAntivirusArgs']] = None, block_page: Optional[pulumi.Input['ZeroTrustGatewaySettingsBlockPageArgs']] = None, body_scanning: Optional[pulumi.Input['ZeroTrustGatewaySettingsBodyScanningArgs']] = None, + certificate: Optional[pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs']] = None, custom_certificate: Optional[pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs']] = None, extended_email_matching: Optional[pulumi.Input['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs']] = None, fips: Optional[pulumi.Input['ZeroTrustGatewaySettingsFipsArgs']] = None, @@ -298,7 +319,8 @@ def __init__(__self__, *, :param pulumi.Input['ZeroTrustGatewaySettingsAntivirusArgs'] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input['ZeroTrustGatewaySettingsBlockPageArgs'] block_page: Configuration for a custom block page. :param pulumi.Input['ZeroTrustGatewaySettingsBodyScanningArgs'] body_scanning: Configuration for body scanning. - :param pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs'] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs'] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs'] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input['ZeroTrustGatewaySettingsFipsArgs'] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -319,6 +341,11 @@ def __init__(__self__, *, pulumi.set(__self__, "block_page", block_page) if body_scanning is not None: pulumi.set(__self__, "body_scanning", body_scanning) + if certificate is not None: + pulumi.set(__self__, "certificate", certificate) + if custom_certificate is not None: + warnings.warn("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""", DeprecationWarning) + pulumi.log.warn("""custom_certificate is deprecated: Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") if custom_certificate is not None: pulumi.set(__self__, "custom_certificate", custom_certificate) if extended_email_matching is not None: @@ -402,11 +429,24 @@ def body_scanning(self) -> Optional[pulumi.Input['ZeroTrustGatewaySettingsBodySc def body_scanning(self, value: Optional[pulumi.Input['ZeroTrustGatewaySettingsBodyScanningArgs']]): pulumi.set(self, "body_scanning", value) + @property + @pulumi.getter + def certificate(self) -> Optional[pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs']]: + """ + Configuration for TLS interception certificate. This will be required starting Feb 2025. + """ + return pulumi.get(self, "certificate") + + @certificate.setter + def certificate(self, value: Optional[pulumi.Input['ZeroTrustGatewaySettingsCertificateArgs']]): + pulumi.set(self, "certificate", value) + @property @pulumi.getter(name="customCertificate") + @_utilities.deprecated("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") def custom_certificate(self) -> Optional[pulumi.Input['ZeroTrustGatewaySettingsCustomCertificateArgs']]: """ - Configuration for custom certificates / BYO-PKI. + Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. """ return pulumi.get(self, "custom_certificate") @@ -542,6 +582,7 @@ def __init__(__self__, antivirus: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsAntivirusArgs', 'ZeroTrustGatewaySettingsAntivirusArgsDict']]] = None, block_page: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsBlockPageArgs', 'ZeroTrustGatewaySettingsBlockPageArgsDict']]] = None, body_scanning: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsBodyScanningArgs', 'ZeroTrustGatewaySettingsBodyScanningArgsDict']]] = None, + certificate: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsCertificateArgs', 'ZeroTrustGatewaySettingsCertificateArgsDict']]] = None, custom_certificate: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgsDict']]] = None, extended_email_matching: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs', 'ZeroTrustGatewaySettingsExtendedEmailMatchingArgsDict']]] = None, fips: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsFipsArgs', 'ZeroTrustGatewaySettingsFipsArgsDict']]] = None, @@ -595,6 +636,7 @@ def __init__(__self__, "udp": True, "root_ca": True, "virtual_ip": False, + "disable_for_time": 3600, }, url_browser_isolation_enabled=True, logging={ @@ -632,7 +674,8 @@ def __init__(__self__, :param pulumi.Input[Union['ZeroTrustGatewaySettingsAntivirusArgs', 'ZeroTrustGatewaySettingsAntivirusArgsDict']] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input[Union['ZeroTrustGatewaySettingsBlockPageArgs', 'ZeroTrustGatewaySettingsBlockPageArgsDict']] block_page: Configuration for a custom block page. :param pulumi.Input[Union['ZeroTrustGatewaySettingsBodyScanningArgs', 'ZeroTrustGatewaySettingsBodyScanningArgsDict']] body_scanning: Configuration for body scanning. - :param pulumi.Input[Union['ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input[Union['ZeroTrustGatewaySettingsCertificateArgs', 'ZeroTrustGatewaySettingsCertificateArgsDict']] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input[Union['ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input[Union['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs', 'ZeroTrustGatewaySettingsExtendedEmailMatchingArgsDict']] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input[Union['ZeroTrustGatewaySettingsFipsArgs', 'ZeroTrustGatewaySettingsFipsArgsDict']] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -690,6 +733,7 @@ def __init__(__self__, "udp": True, "root_ca": True, "virtual_ip": False, + "disable_for_time": 3600, }, url_browser_isolation_enabled=True, logging={ @@ -740,6 +784,7 @@ def _internal_init(__self__, antivirus: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsAntivirusArgs', 'ZeroTrustGatewaySettingsAntivirusArgsDict']]] = None, block_page: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsBlockPageArgs', 'ZeroTrustGatewaySettingsBlockPageArgsDict']]] = None, body_scanning: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsBodyScanningArgs', 'ZeroTrustGatewaySettingsBodyScanningArgsDict']]] = None, + certificate: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsCertificateArgs', 'ZeroTrustGatewaySettingsCertificateArgsDict']]] = None, custom_certificate: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgsDict']]] = None, extended_email_matching: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs', 'ZeroTrustGatewaySettingsExtendedEmailMatchingArgsDict']]] = None, fips: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsFipsArgs', 'ZeroTrustGatewaySettingsFipsArgsDict']]] = None, @@ -767,6 +812,7 @@ def _internal_init(__self__, __props__.__dict__["antivirus"] = antivirus __props__.__dict__["block_page"] = block_page __props__.__dict__["body_scanning"] = body_scanning + __props__.__dict__["certificate"] = certificate __props__.__dict__["custom_certificate"] = custom_certificate __props__.__dict__["extended_email_matching"] = extended_email_matching __props__.__dict__["fips"] = fips @@ -793,6 +839,7 @@ def get(resource_name: str, antivirus: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsAntivirusArgs', 'ZeroTrustGatewaySettingsAntivirusArgsDict']]] = None, block_page: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsBlockPageArgs', 'ZeroTrustGatewaySettingsBlockPageArgsDict']]] = None, body_scanning: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsBodyScanningArgs', 'ZeroTrustGatewaySettingsBodyScanningArgsDict']]] = None, + certificate: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsCertificateArgs', 'ZeroTrustGatewaySettingsCertificateArgsDict']]] = None, custom_certificate: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgsDict']]] = None, extended_email_matching: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs', 'ZeroTrustGatewaySettingsExtendedEmailMatchingArgsDict']]] = None, fips: Optional[pulumi.Input[Union['ZeroTrustGatewaySettingsFipsArgs', 'ZeroTrustGatewaySettingsFipsArgsDict']]] = None, @@ -816,7 +863,8 @@ def get(resource_name: str, :param pulumi.Input[Union['ZeroTrustGatewaySettingsAntivirusArgs', 'ZeroTrustGatewaySettingsAntivirusArgsDict']] antivirus: Configuration block for antivirus traffic scanning. :param pulumi.Input[Union['ZeroTrustGatewaySettingsBlockPageArgs', 'ZeroTrustGatewaySettingsBlockPageArgsDict']] block_page: Configuration for a custom block page. :param pulumi.Input[Union['ZeroTrustGatewaySettingsBodyScanningArgs', 'ZeroTrustGatewaySettingsBodyScanningArgsDict']] body_scanning: Configuration for body scanning. - :param pulumi.Input[Union['ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. + :param pulumi.Input[Union['ZeroTrustGatewaySettingsCertificateArgs', 'ZeroTrustGatewaySettingsCertificateArgsDict']] certificate: Configuration for TLS interception certificate. This will be required starting Feb 2025. + :param pulumi.Input[Union['ZeroTrustGatewaySettingsCustomCertificateArgs', 'ZeroTrustGatewaySettingsCustomCertificateArgsDict']] custom_certificate: Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. :param pulumi.Input[Union['ZeroTrustGatewaySettingsExtendedEmailMatchingArgs', 'ZeroTrustGatewaySettingsExtendedEmailMatchingArgsDict']] extended_email_matching: Configuration for extended e-mail matching. :param pulumi.Input[Union['ZeroTrustGatewaySettingsFipsArgs', 'ZeroTrustGatewaySettingsFipsArgsDict']] fips: Configure compliance with Federal Information Processing Standards. :param pulumi.Input[bool] non_identity_browser_isolation_enabled: Enable non-identity onramp for Browser Isolation. Defaults to `false`. @@ -836,6 +884,7 @@ def get(resource_name: str, __props__.__dict__["antivirus"] = antivirus __props__.__dict__["block_page"] = block_page __props__.__dict__["body_scanning"] = body_scanning + __props__.__dict__["certificate"] = certificate __props__.__dict__["custom_certificate"] = custom_certificate __props__.__dict__["extended_email_matching"] = extended_email_matching __props__.__dict__["fips"] = fips @@ -889,11 +938,20 @@ def body_scanning(self) -> pulumi.Output[Optional['outputs.ZeroTrustGatewaySetti """ return pulumi.get(self, "body_scanning") + @property + @pulumi.getter + def certificate(self) -> pulumi.Output[Optional['outputs.ZeroTrustGatewaySettingsCertificate']]: + """ + Configuration for TLS interception certificate. This will be required starting Feb 2025. + """ + return pulumi.get(self, "certificate") + @property @pulumi.getter(name="customCertificate") + @_utilities.deprecated("""Use `certificate` instead. Continuing to use custom_certificate may result in inconsistent configuration.""") def custom_certificate(self) -> pulumi.Output[Optional['outputs.ZeroTrustGatewaySettingsCustomCertificate']]: """ - Configuration for custom certificates / BYO-PKI. + Configuration for custom certificates / BYO-PKI. Conflicts with `certificate`. """ return pulumi.get(self, "custom_certificate") diff --git a/sdk/python/pulumi_cloudflare/zero_trust_risk_score_integration.py b/sdk/python/pulumi_cloudflare/zero_trust_risk_score_integration.py index 1f36c2b9b..6118dacb4 100644 --- a/sdk/python/pulumi_cloudflare/zero_trust_risk_score_integration.py +++ b/sdk/python/pulumi_cloudflare/zero_trust_risk_score_integration.py @@ -22,13 +22,10 @@ def __init__(__self__, *, """ The set of arguments for constructing a ZeroTrustRiskScoreIntegration resource. :param pulumi.Input[str] account_id: The account identifier to target for the resource. - :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body :param pulumi.Input[str] tenant_url: The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. :param pulumi.Input[bool] active: Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. - :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - omitted, a random UUIDv4 is used. - https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider """ pulumi.set(__self__, "account_id", account_id) pulumi.set(__self__, "integration_type", integration_type) @@ -54,8 +51,7 @@ def account_id(self, value: pulumi.Input[str]): @pulumi.getter(name="integrationType") def integration_type(self) -> pulumi.Input[str]: """ - The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body """ return pulumi.get(self, "integration_type") @@ -91,9 +87,7 @@ def active(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="referenceId") def reference_id(self) -> Optional[pulumi.Input[str]]: """ - A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - omitted, a random UUIDv4 is used. - https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider """ return pulumi.get(self, "reference_id") @@ -115,14 +109,10 @@ def __init__(__self__, *, Input properties used for looking up and filtering ZeroTrustRiskScoreIntegration resources. :param pulumi.Input[str] account_id: The account identifier to target for the resource. :param pulumi.Input[bool] active: Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. - :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body - :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - omitted, a random UUIDv4 is used. - https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider :param pulumi.Input[str] tenant_url: The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. - :param pulumi.Input[str] well_known_url: The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + :param pulumi.Input[str] well_known_url: The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 """ if account_id is not None: pulumi.set(__self__, "account_id", account_id) @@ -165,8 +155,7 @@ def active(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="integrationType") def integration_type(self) -> Optional[pulumi.Input[str]]: """ - The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body """ return pulumi.get(self, "integration_type") @@ -178,9 +167,7 @@ def integration_type(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="referenceId") def reference_id(self) -> Optional[pulumi.Input[str]]: """ - A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - omitted, a random UUIDv4 is used. - https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider """ return pulumi.get(self, "reference_id") @@ -204,8 +191,7 @@ def tenant_url(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="wellKnownUrl") def well_known_url(self) -> Optional[pulumi.Input[str]]: """ - The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 """ return pulumi.get(self, "well_known_url") @@ -226,16 +212,14 @@ def __init__(__self__, tenant_url: Optional[pulumi.Input[str]] = None, __props__=None): """ - Create a ZeroTrustRiskScoreIntegration resource with the given unique name, props, and options. + The [Risk Score Integration](https://developers.cloudflare.com/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) resource allows you to transmit changes in User Risk Score to a specified vendor such as Okta. + :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] account_id: The account identifier to target for the resource. :param pulumi.Input[bool] active: Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. - :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body - :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - omitted, a random UUIDv4 is used. - https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider :param pulumi.Input[str] tenant_url: The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. """ ... @@ -245,7 +229,8 @@ def __init__(__self__, args: ZeroTrustRiskScoreIntegrationArgs, opts: Optional[pulumi.ResourceOptions] = None): """ - Create a ZeroTrustRiskScoreIntegration resource with the given unique name, props, and options. + The [Risk Score Integration](https://developers.cloudflare.com/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) resource allows you to transmit changes in User Risk Score to a specified vendor such as Okta. + :param str resource_name: The name of the resource. :param ZeroTrustRiskScoreIntegrationArgs args: The arguments to use to populate this resource's properties. :param pulumi.ResourceOptions opts: Options for the resource. @@ -312,14 +297,10 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] account_id: The account identifier to target for the resource. :param pulumi.Input[bool] active: Whether this integration is enabled. If disabled, no risk changes will be exported to the third-party. - :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body - :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - omitted, a random UUIDv4 is used. - https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + :param pulumi.Input[str] integration_type: The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + :param pulumi.Input[str] reference_id: A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider :param pulumi.Input[str] tenant_url: The base url of the tenant, e.g. 'https://tenant.okta.com'. Must be your Okta Tenant URL and not your custom domain. - :param pulumi.Input[str] well_known_url: The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + :param pulumi.Input[str] well_known_url: The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -353,8 +334,7 @@ def active(self) -> pulumi.Output[bool]: @pulumi.getter(name="integrationType") def integration_type(self) -> pulumi.Output[str]: """ - The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: - https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body + The type of integration, e.g. 'Okta'. Full list of allowed values can be found here: https://developers.cloudflare.com/api/operations/dlp-zt-risk-score-integration-create#request-body """ return pulumi.get(self, "integration_type") @@ -362,9 +342,7 @@ def integration_type(self) -> pulumi.Output[str]: @pulumi.getter(name="referenceId") def reference_id(self) -> pulumi.Output[str]: """ - A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If - omitted, a random UUIDv4 is used. - https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider + A reference id that can be supplied by the client. Currently this should be set to the Access-Okta IDP ID (a UUIDv4). If omitted, a random UUIDv4 is used. https://developers.cloudflare.com/api/operations/access-identity-providers-get-an-access-identity-provider """ return pulumi.get(self, "reference_id") @@ -380,8 +358,7 @@ def tenant_url(self) -> pulumi.Output[str]: @pulumi.getter(name="wellKnownUrl") def well_known_url(self) -> pulumi.Output[str]: """ - The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration_uuid}/'. - https://openid.net/specs/openid-sse-framework-1_0.html#rfc.section.6.2.1 + The URL for the Shared Signals Framework configuration, e.g. '/.well-known/sse-configuration/{integration*uuid}/'. https://openid.net/specs/openid-sse-framework-1*0.html#rfc.section.6.2.1 """ return pulumi.get(self, "well_known_url")