1. Packages
  2. Cloudflare Provider
  3. API Docs
  4. ZeroTrustDevicePostureRule
Cloudflare v5.43.0 published on Wednesday, Nov 13, 2024 by Pulumi

cloudflare.ZeroTrustDevicePostureRule

Explore with Pulumi AI

cloudflare logo
Cloudflare v5.43.0 published on Wednesday, Nov 13, 2024 by Pulumi

    Provides a Cloudflare Device Posture Rule resource. Device posture rules configure security policies for device posture checks.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as cloudflare from "@pulumi/cloudflare";
    
    const eaxmple = new cloudflare.ZeroTrustDevicePostureRule("eaxmple", {
        accountId: "f037e56e89293a057740de681ac9abbe",
        name: "Corporate devices posture rule",
        type: "os_version",
        description: "Device posture rule for corporate devices.",
        schedule: "24h",
        expiration: "24h",
        matches: [{
            platform: "linux",
        }],
        inputs: [{
            id: corporateDevices.id,
            version: "1.0.0",
            operator: "<",
            osDistroName: "ubuntu",
            osDistroRevision: "1.0.0",
            osVersionExtra: "(a)",
        }],
    });
    
    import pulumi
    import pulumi_cloudflare as cloudflare
    
    eaxmple = cloudflare.ZeroTrustDevicePostureRule("eaxmple",
        account_id="f037e56e89293a057740de681ac9abbe",
        name="Corporate devices posture rule",
        type="os_version",
        description="Device posture rule for corporate devices.",
        schedule="24h",
        expiration="24h",
        matches=[{
            "platform": "linux",
        }],
        inputs=[{
            "id": corporate_devices["id"],
            "version": "1.0.0",
            "operator": "<",
            "os_distro_name": "ubuntu",
            "os_distro_revision": "1.0.0",
            "os_version_extra": "(a)",
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudflare.NewZeroTrustDevicePostureRule(ctx, "eaxmple", &cloudflare.ZeroTrustDevicePostureRuleArgs{
    			AccountId:   pulumi.String("f037e56e89293a057740de681ac9abbe"),
    			Name:        pulumi.String("Corporate devices posture rule"),
    			Type:        pulumi.String("os_version"),
    			Description: pulumi.String("Device posture rule for corporate devices."),
    			Schedule:    pulumi.String("24h"),
    			Expiration:  pulumi.String("24h"),
    			Matches: cloudflare.ZeroTrustDevicePostureRuleMatchArray{
    				&cloudflare.ZeroTrustDevicePostureRuleMatchArgs{
    					Platform: pulumi.String("linux"),
    				},
    			},
    			Inputs: cloudflare.ZeroTrustDevicePostureRuleInputTypeArray{
    				&cloudflare.ZeroTrustDevicePostureRuleInputTypeArgs{
    					Id:               pulumi.Any(corporateDevices.Id),
    					Version:          pulumi.String("1.0.0"),
    					Operator:         pulumi.String("<"),
    					OsDistroName:     pulumi.String("ubuntu"),
    					OsDistroRevision: pulumi.String("1.0.0"),
    					OsVersionExtra:   pulumi.String("(a)"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Cloudflare = Pulumi.Cloudflare;
    
    return await Deployment.RunAsync(() => 
    {
        var eaxmple = new Cloudflare.ZeroTrustDevicePostureRule("eaxmple", new()
        {
            AccountId = "f037e56e89293a057740de681ac9abbe",
            Name = "Corporate devices posture rule",
            Type = "os_version",
            Description = "Device posture rule for corporate devices.",
            Schedule = "24h",
            Expiration = "24h",
            Matches = new[]
            {
                new Cloudflare.Inputs.ZeroTrustDevicePostureRuleMatchArgs
                {
                    Platform = "linux",
                },
            },
            Inputs = new[]
            {
                new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputArgs
                {
                    Id = corporateDevices.Id,
                    Version = "1.0.0",
                    Operator = "<",
                    OsDistroName = "ubuntu",
                    OsDistroRevision = "1.0.0",
                    OsVersionExtra = "(a)",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.cloudflare.ZeroTrustDevicePostureRule;
    import com.pulumi.cloudflare.ZeroTrustDevicePostureRuleArgs;
    import com.pulumi.cloudflare.inputs.ZeroTrustDevicePostureRuleMatchArgs;
    import com.pulumi.cloudflare.inputs.ZeroTrustDevicePostureRuleInputArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var eaxmple = new ZeroTrustDevicePostureRule("eaxmple", ZeroTrustDevicePostureRuleArgs.builder()
                .accountId("f037e56e89293a057740de681ac9abbe")
                .name("Corporate devices posture rule")
                .type("os_version")
                .description("Device posture rule for corporate devices.")
                .schedule("24h")
                .expiration("24h")
                .matches(ZeroTrustDevicePostureRuleMatchArgs.builder()
                    .platform("linux")
                    .build())
                .inputs(ZeroTrustDevicePostureRuleInputArgs.builder()
                    .id(corporateDevices.id())
                    .version("1.0.0")
                    .operator("<")
                    .osDistroName("ubuntu")
                    .osDistroRevision("1.0.0")
                    .osVersionExtra("(a)")
                    .build())
                .build());
    
        }
    }
    
    resources:
      eaxmple:
        type: cloudflare:ZeroTrustDevicePostureRule
        properties:
          accountId: f037e56e89293a057740de681ac9abbe
          name: Corporate devices posture rule
          type: os_version
          description: Device posture rule for corporate devices.
          schedule: 24h
          expiration: 24h
          matches:
            - platform: linux
          inputs:
            - id: ${corporateDevices.id}
              version: 1.0.0
              operator: <
              osDistroName: ubuntu
              osDistroRevision: 1.0.0
              osVersionExtra: (a)
    

    Create ZeroTrustDevicePostureRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ZeroTrustDevicePostureRule(name: string, args: ZeroTrustDevicePostureRuleArgs, opts?: CustomResourceOptions);
    @overload
    def ZeroTrustDevicePostureRule(resource_name: str,
                                   args: ZeroTrustDevicePostureRuleArgs,
                                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def ZeroTrustDevicePostureRule(resource_name: str,
                                   opts: Optional[ResourceOptions] = None,
                                   account_id: Optional[str] = None,
                                   type: Optional[str] = None,
                                   description: Optional[str] = None,
                                   expiration: Optional[str] = None,
                                   inputs: Optional[Sequence[ZeroTrustDevicePostureRuleInputArgs]] = None,
                                   matches: Optional[Sequence[ZeroTrustDevicePostureRuleMatchArgs]] = None,
                                   name: Optional[str] = None,
                                   schedule: Optional[str] = None)
    func NewZeroTrustDevicePostureRule(ctx *Context, name string, args ZeroTrustDevicePostureRuleArgs, opts ...ResourceOption) (*ZeroTrustDevicePostureRule, error)
    public ZeroTrustDevicePostureRule(string name, ZeroTrustDevicePostureRuleArgs args, CustomResourceOptions? opts = null)
    public ZeroTrustDevicePostureRule(String name, ZeroTrustDevicePostureRuleArgs args)
    public ZeroTrustDevicePostureRule(String name, ZeroTrustDevicePostureRuleArgs args, CustomResourceOptions options)
    
    type: cloudflare:ZeroTrustDevicePostureRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ZeroTrustDevicePostureRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ZeroTrustDevicePostureRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ZeroTrustDevicePostureRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ZeroTrustDevicePostureRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ZeroTrustDevicePostureRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var zeroTrustDevicePostureRuleResource = new Cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", new()
    {
        AccountId = "string",
        Type = "string",
        Description = "string",
        Expiration = "string",
        Inputs = new[]
        {
            new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputArgs
            {
                ActiveThreats = 0,
                CertificateId = "string",
                CheckDisks = new[]
                {
                    "string",
                },
                CheckPrivateKey = false,
                Cn = "string",
                ComplianceStatus = "string",
                ConnectionId = "string",
                CountOperator = "string",
                Domain = "string",
                EidLastSeen = "string",
                Enabled = false,
                Exists = false,
                ExtendedKeyUsages = new[]
                {
                    "string",
                },
                Id = "string",
                Infected = false,
                IsActive = false,
                IssueCount = "string",
                LastSeen = "string",
                Locations = new[]
                {
                    new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputLocationArgs
                    {
                        Paths = new[]
                        {
                            "string",
                        },
                        TrustStores = new[]
                        {
                            "string",
                        },
                    },
                },
                NetworkStatus = "string",
                OperationalState = "string",
                Operator = "string",
                Os = "string",
                OsDistroName = "string",
                OsDistroRevision = "string",
                OsVersionExtra = "string",
                Overall = "string",
                Path = "string",
                RequireAll = false,
                RiskLevel = "string",
                Running = false,
                Score = 0,
                SensorConfig = "string",
                Sha256 = "string",
                State = "string",
                Thumbprint = "string",
                TotalScore = 0,
                Version = "string",
                VersionOperator = "string",
            },
        },
        Matches = new[]
        {
            new Cloudflare.Inputs.ZeroTrustDevicePostureRuleMatchArgs
            {
                Platform = "string",
            },
        },
        Name = "string",
        Schedule = "string",
    });
    
    example, err := cloudflare.NewZeroTrustDevicePostureRule(ctx, "zeroTrustDevicePostureRuleResource", &cloudflare.ZeroTrustDevicePostureRuleArgs{
    	AccountId:   pulumi.String("string"),
    	Type:        pulumi.String("string"),
    	Description: pulumi.String("string"),
    	Expiration:  pulumi.String("string"),
    	Inputs: cloudflare.ZeroTrustDevicePostureRuleInputTypeArray{
    		&cloudflare.ZeroTrustDevicePostureRuleInputTypeArgs{
    			ActiveThreats: pulumi.Int(0),
    			CertificateId: pulumi.String("string"),
    			CheckDisks: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			CheckPrivateKey:  pulumi.Bool(false),
    			Cn:               pulumi.String("string"),
    			ComplianceStatus: pulumi.String("string"),
    			ConnectionId:     pulumi.String("string"),
    			CountOperator:    pulumi.String("string"),
    			Domain:           pulumi.String("string"),
    			EidLastSeen:      pulumi.String("string"),
    			Enabled:          pulumi.Bool(false),
    			Exists:           pulumi.Bool(false),
    			ExtendedKeyUsages: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Id:         pulumi.String("string"),
    			Infected:   pulumi.Bool(false),
    			IsActive:   pulumi.Bool(false),
    			IssueCount: pulumi.String("string"),
    			LastSeen:   pulumi.String("string"),
    			Locations: cloudflare.ZeroTrustDevicePostureRuleInputLocationArray{
    				&cloudflare.ZeroTrustDevicePostureRuleInputLocationArgs{
    					Paths: pulumi.StringArray{
    						pulumi.String("string"),
    					},
    					TrustStores: pulumi.StringArray{
    						pulumi.String("string"),
    					},
    				},
    			},
    			NetworkStatus:    pulumi.String("string"),
    			OperationalState: pulumi.String("string"),
    			Operator:         pulumi.String("string"),
    			Os:               pulumi.String("string"),
    			OsDistroName:     pulumi.String("string"),
    			OsDistroRevision: pulumi.String("string"),
    			OsVersionExtra:   pulumi.String("string"),
    			Overall:          pulumi.String("string"),
    			Path:             pulumi.String("string"),
    			RequireAll:       pulumi.Bool(false),
    			RiskLevel:        pulumi.String("string"),
    			Running:          pulumi.Bool(false),
    			Score:            pulumi.Int(0),
    			SensorConfig:     pulumi.String("string"),
    			Sha256:           pulumi.String("string"),
    			State:            pulumi.String("string"),
    			Thumbprint:       pulumi.String("string"),
    			TotalScore:       pulumi.Int(0),
    			Version:          pulumi.String("string"),
    			VersionOperator:  pulumi.String("string"),
    		},
    	},
    	Matches: cloudflare.ZeroTrustDevicePostureRuleMatchArray{
    		&cloudflare.ZeroTrustDevicePostureRuleMatchArgs{
    			Platform: pulumi.String("string"),
    		},
    	},
    	Name:     pulumi.String("string"),
    	Schedule: pulumi.String("string"),
    })
    
    var zeroTrustDevicePostureRuleResource = new ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", ZeroTrustDevicePostureRuleArgs.builder()
        .accountId("string")
        .type("string")
        .description("string")
        .expiration("string")
        .inputs(ZeroTrustDevicePostureRuleInputArgs.builder()
            .activeThreats(0)
            .certificateId("string")
            .checkDisks("string")
            .checkPrivateKey(false)
            .cn("string")
            .complianceStatus("string")
            .connectionId("string")
            .countOperator("string")
            .domain("string")
            .eidLastSeen("string")
            .enabled(false)
            .exists(false)
            .extendedKeyUsages("string")
            .id("string")
            .infected(false)
            .isActive(false)
            .issueCount("string")
            .lastSeen("string")
            .locations(ZeroTrustDevicePostureRuleInputLocationArgs.builder()
                .paths("string")
                .trustStores("string")
                .build())
            .networkStatus("string")
            .operationalState("string")
            .operator("string")
            .os("string")
            .osDistroName("string")
            .osDistroRevision("string")
            .osVersionExtra("string")
            .overall("string")
            .path("string")
            .requireAll(false)
            .riskLevel("string")
            .running(false)
            .score(0)
            .sensorConfig("string")
            .sha256("string")
            .state("string")
            .thumbprint("string")
            .totalScore(0)
            .version("string")
            .versionOperator("string")
            .build())
        .matches(ZeroTrustDevicePostureRuleMatchArgs.builder()
            .platform("string")
            .build())
        .name("string")
        .schedule("string")
        .build());
    
    zero_trust_device_posture_rule_resource = cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource",
        account_id="string",
        type="string",
        description="string",
        expiration="string",
        inputs=[{
            "active_threats": 0,
            "certificate_id": "string",
            "check_disks": ["string"],
            "check_private_key": False,
            "cn": "string",
            "compliance_status": "string",
            "connection_id": "string",
            "count_operator": "string",
            "domain": "string",
            "eid_last_seen": "string",
            "enabled": False,
            "exists": False,
            "extended_key_usages": ["string"],
            "id": "string",
            "infected": False,
            "is_active": False,
            "issue_count": "string",
            "last_seen": "string",
            "locations": [{
                "paths": ["string"],
                "trust_stores": ["string"],
            }],
            "network_status": "string",
            "operational_state": "string",
            "operator": "string",
            "os": "string",
            "os_distro_name": "string",
            "os_distro_revision": "string",
            "os_version_extra": "string",
            "overall": "string",
            "path": "string",
            "require_all": False,
            "risk_level": "string",
            "running": False,
            "score": 0,
            "sensor_config": "string",
            "sha256": "string",
            "state": "string",
            "thumbprint": "string",
            "total_score": 0,
            "version": "string",
            "version_operator": "string",
        }],
        matches=[{
            "platform": "string",
        }],
        name="string",
        schedule="string")
    
    const zeroTrustDevicePostureRuleResource = new cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", {
        accountId: "string",
        type: "string",
        description: "string",
        expiration: "string",
        inputs: [{
            activeThreats: 0,
            certificateId: "string",
            checkDisks: ["string"],
            checkPrivateKey: false,
            cn: "string",
            complianceStatus: "string",
            connectionId: "string",
            countOperator: "string",
            domain: "string",
            eidLastSeen: "string",
            enabled: false,
            exists: false,
            extendedKeyUsages: ["string"],
            id: "string",
            infected: false,
            isActive: false,
            issueCount: "string",
            lastSeen: "string",
            locations: [{
                paths: ["string"],
                trustStores: ["string"],
            }],
            networkStatus: "string",
            operationalState: "string",
            operator: "string",
            os: "string",
            osDistroName: "string",
            osDistroRevision: "string",
            osVersionExtra: "string",
            overall: "string",
            path: "string",
            requireAll: false,
            riskLevel: "string",
            running: false,
            score: 0,
            sensorConfig: "string",
            sha256: "string",
            state: "string",
            thumbprint: "string",
            totalScore: 0,
            version: "string",
            versionOperator: "string",
        }],
        matches: [{
            platform: "string",
        }],
        name: "string",
        schedule: "string",
    });
    
    type: cloudflare:ZeroTrustDevicePostureRule
    properties:
        accountId: string
        description: string
        expiration: string
        inputs:
            - activeThreats: 0
              certificateId: string
              checkDisks:
                - string
              checkPrivateKey: false
              cn: string
              complianceStatus: string
              connectionId: string
              countOperator: string
              domain: string
              eidLastSeen: string
              enabled: false
              exists: false
              extendedKeyUsages:
                - string
              id: string
              infected: false
              isActive: false
              issueCount: string
              lastSeen: string
              locations:
                - paths:
                    - string
                  trustStores:
                    - string
              networkStatus: string
              operationalState: string
              operator: string
              os: string
              osDistroName: string
              osDistroRevision: string
              osVersionExtra: string
              overall: string
              path: string
              requireAll: false
              riskLevel: string
              running: false
              score: 0
              sensorConfig: string
              sha256: string
              state: string
              thumbprint: string
              totalScore: 0
              version: string
              versionOperator: string
        matches:
            - platform: string
        name: string
        schedule: string
        type: string
    

    ZeroTrustDevicePostureRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The ZeroTrustDevicePostureRule resource accepts the following input properties:

    AccountId string
    The account identifier to target for the resource.
    Type string
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    Description string
    Expiration string
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    Inputs List<ZeroTrustDevicePostureRuleInput>
    Required for all rule types except warp, gateway, and tanium.
    Matches List<ZeroTrustDevicePostureRuleMatch>
    The conditions that the client must match to run the rule.
    Name string
    Name of the device posture rule.
    Schedule string
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    AccountId string
    The account identifier to target for the resource.
    Type string
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    Description string
    Expiration string
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    Inputs []ZeroTrustDevicePostureRuleInputTypeArgs
    Required for all rule types except warp, gateway, and tanium.
    Matches []ZeroTrustDevicePostureRuleMatchArgs
    The conditions that the client must match to run the rule.
    Name string
    Name of the device posture rule.
    Schedule string
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    accountId String
    The account identifier to target for the resource.
    type String
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    description String
    expiration String
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs List<ZeroTrustDevicePostureRuleInput>
    Required for all rule types except warp, gateway, and tanium.
    matches List<ZeroTrustDevicePostureRuleMatch>
    The conditions that the client must match to run the rule.
    name String
    Name of the device posture rule.
    schedule String
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    accountId string
    The account identifier to target for the resource.
    type string
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    description string
    expiration string
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs ZeroTrustDevicePostureRuleInput[]
    Required for all rule types except warp, gateway, and tanium.
    matches ZeroTrustDevicePostureRuleMatch[]
    The conditions that the client must match to run the rule.
    name string
    Name of the device posture rule.
    schedule string
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    account_id str
    The account identifier to target for the resource.
    type str
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    description str
    expiration str
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs Sequence[ZeroTrustDevicePostureRuleInputArgs]
    Required for all rule types except warp, gateway, and tanium.
    matches Sequence[ZeroTrustDevicePostureRuleMatchArgs]
    The conditions that the client must match to run the rule.
    name str
    Name of the device posture rule.
    schedule str
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    accountId String
    The account identifier to target for the resource.
    type String
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    description String
    expiration String
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs List<Property Map>
    Required for all rule types except warp, gateway, and tanium.
    matches List<Property Map>
    The conditions that the client must match to run the rule.
    name String
    Name of the device posture rule.
    schedule String
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ZeroTrustDevicePostureRule resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing ZeroTrustDevicePostureRule Resource

    Get an existing ZeroTrustDevicePostureRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ZeroTrustDevicePostureRuleState, opts?: CustomResourceOptions): ZeroTrustDevicePostureRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            account_id: Optional[str] = None,
            description: Optional[str] = None,
            expiration: Optional[str] = None,
            inputs: Optional[Sequence[ZeroTrustDevicePostureRuleInputArgs]] = None,
            matches: Optional[Sequence[ZeroTrustDevicePostureRuleMatchArgs]] = None,
            name: Optional[str] = None,
            schedule: Optional[str] = None,
            type: Optional[str] = None) -> ZeroTrustDevicePostureRule
    func GetZeroTrustDevicePostureRule(ctx *Context, name string, id IDInput, state *ZeroTrustDevicePostureRuleState, opts ...ResourceOption) (*ZeroTrustDevicePostureRule, error)
    public static ZeroTrustDevicePostureRule Get(string name, Input<string> id, ZeroTrustDevicePostureRuleState? state, CustomResourceOptions? opts = null)
    public static ZeroTrustDevicePostureRule get(String name, Output<String> id, ZeroTrustDevicePostureRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccountId string
    The account identifier to target for the resource.
    Description string
    Expiration string
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    Inputs List<ZeroTrustDevicePostureRuleInput>
    Required for all rule types except warp, gateway, and tanium.
    Matches List<ZeroTrustDevicePostureRuleMatch>
    The conditions that the client must match to run the rule.
    Name string
    Name of the device posture rule.
    Schedule string
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    Type string
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    AccountId string
    The account identifier to target for the resource.
    Description string
    Expiration string
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    Inputs []ZeroTrustDevicePostureRuleInputTypeArgs
    Required for all rule types except warp, gateway, and tanium.
    Matches []ZeroTrustDevicePostureRuleMatchArgs
    The conditions that the client must match to run the rule.
    Name string
    Name of the device posture rule.
    Schedule string
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    Type string
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    accountId String
    The account identifier to target for the resource.
    description String
    expiration String
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs List<ZeroTrustDevicePostureRuleInput>
    Required for all rule types except warp, gateway, and tanium.
    matches List<ZeroTrustDevicePostureRuleMatch>
    The conditions that the client must match to run the rule.
    name String
    Name of the device posture rule.
    schedule String
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    type String
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    accountId string
    The account identifier to target for the resource.
    description string
    expiration string
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs ZeroTrustDevicePostureRuleInput[]
    Required for all rule types except warp, gateway, and tanium.
    matches ZeroTrustDevicePostureRuleMatch[]
    The conditions that the client must match to run the rule.
    name string
    Name of the device posture rule.
    schedule string
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    type string
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    account_id str
    The account identifier to target for the resource.
    description str
    expiration str
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs Sequence[ZeroTrustDevicePostureRuleInputArgs]
    Required for all rule types except warp, gateway, and tanium.
    matches Sequence[ZeroTrustDevicePostureRuleMatchArgs]
    The conditions that the client must match to run the rule.
    name str
    Name of the device posture rule.
    schedule str
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    type str
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
    accountId String
    The account identifier to target for the resource.
    description String
    expiration String
    Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
    inputs List<Property Map>
    Required for all rule types except warp, gateway, and tanium.
    matches List<Property Map>
    The conditions that the client must match to run the rule.
    name String
    Name of the device posture rule.
    schedule String
    Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
    type String
    The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.

    Supporting Types

    ZeroTrustDevicePostureRuleInput, ZeroTrustDevicePostureRuleInputArgs

    ActiveThreats int
    The number of active threats from SentinelOne.
    CertificateId string
    The UUID of a Cloudflare managed certificate.
    CheckDisks List<string>
    Specific volume(s) to check for encryption.
    CheckPrivateKey bool
    Confirm the certificate was not imported from another device.
    Cn string
    The common name for a certificate.
    ComplianceStatus string
    The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
    ConnectionId string
    The workspace one or intune connection id.
    CountOperator string
    The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
    Domain string
    The domain that the client must join.
    EidLastSeen string
    The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
    Enabled bool
    True if the firewall must be enabled.
    Exists bool
    Checks if the file should exist.
    ExtendedKeyUsages List<string>
    List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
    Id string
    The Teams List id. Required for serial_number and unique_client_id rule types.
    Infected bool
    True if SentinelOne device is infected.
    IsActive bool
    True if SentinelOne device is active.
    IssueCount string
    The number of issues for kolide.
    LastSeen string
    The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
    Locations List<ZeroTrustDevicePostureRuleInputLocation>
    List of operating system locations to check for a client certificate..
    NetworkStatus string
    The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
    OperationalState string
    The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
    Operator string
    The version comparison operator. Available values: >, >=, <, <=, ==.
    Os string
    OS signal score from Crowdstrike. Value must be between 1 and 100.
    OsDistroName string
    The operating system excluding version information.
    OsDistroRevision string
    The operating system version excluding OS name information or release name.
    OsVersionExtra string
    Extra version value following the operating system semantic version.
    Overall string
    Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
    Path string
    The path to the file.
    RequireAll bool
    True if all drives must be encrypted.
    RiskLevel string
    The risk level from Tanium. Available values: low, medium, high, critical.
    Running bool
    Checks if the application should be running.
    Score int
    A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
    SensorConfig string
    Sensor signal score from Crowdstrike. Value must be between 1 and 100.
    Sha256 string
    The sha256 hash of the file.
    State string
    The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
    Thumbprint string
    The thumbprint of the file certificate.
    TotalScore int
    The total score from Tanium.
    Version string
    The operating system semantic version.
    VersionOperator string
    The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
    ActiveThreats int
    The number of active threats from SentinelOne.
    CertificateId string
    The UUID of a Cloudflare managed certificate.
    CheckDisks []string
    Specific volume(s) to check for encryption.
    CheckPrivateKey bool
    Confirm the certificate was not imported from another device.
    Cn string
    The common name for a certificate.
    ComplianceStatus string
    The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
    ConnectionId string
    The workspace one or intune connection id.
    CountOperator string
    The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
    Domain string
    The domain that the client must join.
    EidLastSeen string
    The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
    Enabled bool
    True if the firewall must be enabled.
    Exists bool
    Checks if the file should exist.
    ExtendedKeyUsages []string
    List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
    Id string
    The Teams List id. Required for serial_number and unique_client_id rule types.
    Infected bool
    True if SentinelOne device is infected.
    IsActive bool
    True if SentinelOne device is active.
    IssueCount string
    The number of issues for kolide.
    LastSeen string
    The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
    Locations []ZeroTrustDevicePostureRuleInputLocation
    List of operating system locations to check for a client certificate..
    NetworkStatus string
    The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
    OperationalState string
    The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
    Operator string
    The version comparison operator. Available values: >, >=, <, <=, ==.
    Os string
    OS signal score from Crowdstrike. Value must be between 1 and 100.
    OsDistroName string
    The operating system excluding version information.
    OsDistroRevision string
    The operating system version excluding OS name information or release name.
    OsVersionExtra string
    Extra version value following the operating system semantic version.
    Overall string
    Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
    Path string
    The path to the file.
    RequireAll bool
    True if all drives must be encrypted.
    RiskLevel string
    The risk level from Tanium. Available values: low, medium, high, critical.
    Running bool
    Checks if the application should be running.
    Score int
    A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
    SensorConfig string
    Sensor signal score from Crowdstrike. Value must be between 1 and 100.
    Sha256 string
    The sha256 hash of the file.
    State string
    The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
    Thumbprint string
    The thumbprint of the file certificate.
    TotalScore int
    The total score from Tanium.
    Version string
    The operating system semantic version.
    VersionOperator string
    The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
    activeThreats Integer
    The number of active threats from SentinelOne.
    certificateId String
    The UUID of a Cloudflare managed certificate.
    checkDisks List<String>
    Specific volume(s) to check for encryption.
    checkPrivateKey Boolean
    Confirm the certificate was not imported from another device.
    cn String
    The common name for a certificate.
    complianceStatus String
    The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
    connectionId String
    The workspace one or intune connection id.
    countOperator String
    The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
    domain String
    The domain that the client must join.
    eidLastSeen String
    The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
    enabled Boolean
    True if the firewall must be enabled.
    exists Boolean
    Checks if the file should exist.
    extendedKeyUsages List<String>
    List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
    id String
    The Teams List id. Required for serial_number and unique_client_id rule types.
    infected Boolean
    True if SentinelOne device is infected.
    isActive Boolean
    True if SentinelOne device is active.
    issueCount String
    The number of issues for kolide.
    lastSeen String
    The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
    locations List<ZeroTrustDevicePostureRuleInputLocation>
    List of operating system locations to check for a client certificate..
    networkStatus String
    The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
    operationalState String
    The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
    operator String
    The version comparison operator. Available values: >, >=, <, <=, ==.
    os String
    OS signal score from Crowdstrike. Value must be between 1 and 100.
    osDistroName String
    The operating system excluding version information.
    osDistroRevision String
    The operating system version excluding OS name information or release name.
    osVersionExtra String
    Extra version value following the operating system semantic version.
    overall String
    Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
    path String
    The path to the file.
    requireAll Boolean
    True if all drives must be encrypted.
    riskLevel String
    The risk level from Tanium. Available values: low, medium, high, critical.
    running Boolean
    Checks if the application should be running.
    score Integer
    A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
    sensorConfig String
    Sensor signal score from Crowdstrike. Value must be between 1 and 100.
    sha256 String
    The sha256 hash of the file.
    state String
    The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
    thumbprint String
    The thumbprint of the file certificate.
    totalScore Integer
    The total score from Tanium.
    version String
    The operating system semantic version.
    versionOperator String
    The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
    activeThreats number
    The number of active threats from SentinelOne.
    certificateId string
    The UUID of a Cloudflare managed certificate.
    checkDisks string[]
    Specific volume(s) to check for encryption.
    checkPrivateKey boolean
    Confirm the certificate was not imported from another device.
    cn string
    The common name for a certificate.
    complianceStatus string
    The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
    connectionId string
    The workspace one or intune connection id.
    countOperator string
    The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
    domain string
    The domain that the client must join.
    eidLastSeen string
    The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
    enabled boolean
    True if the firewall must be enabled.
    exists boolean
    Checks if the file should exist.
    extendedKeyUsages string[]
    List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
    id string
    The Teams List id. Required for serial_number and unique_client_id rule types.
    infected boolean
    True if SentinelOne device is infected.
    isActive boolean
    True if SentinelOne device is active.
    issueCount string
    The number of issues for kolide.
    lastSeen string
    The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
    locations ZeroTrustDevicePostureRuleInputLocation[]
    List of operating system locations to check for a client certificate..
    networkStatus string
    The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
    operationalState string
    The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
    operator string
    The version comparison operator. Available values: >, >=, <, <=, ==.
    os string
    OS signal score from Crowdstrike. Value must be between 1 and 100.
    osDistroName string
    The operating system excluding version information.
    osDistroRevision string
    The operating system version excluding OS name information or release name.
    osVersionExtra string
    Extra version value following the operating system semantic version.
    overall string
    Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
    path string
    The path to the file.
    requireAll boolean
    True if all drives must be encrypted.
    riskLevel string
    The risk level from Tanium. Available values: low, medium, high, critical.
    running boolean
    Checks if the application should be running.
    score number
    A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
    sensorConfig string
    Sensor signal score from Crowdstrike. Value must be between 1 and 100.
    sha256 string
    The sha256 hash of the file.
    state string
    The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
    thumbprint string
    The thumbprint of the file certificate.
    totalScore number
    The total score from Tanium.
    version string
    The operating system semantic version.
    versionOperator string
    The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
    active_threats int
    The number of active threats from SentinelOne.
    certificate_id str
    The UUID of a Cloudflare managed certificate.
    check_disks Sequence[str]
    Specific volume(s) to check for encryption.
    check_private_key bool
    Confirm the certificate was not imported from another device.
    cn str
    The common name for a certificate.
    compliance_status str
    The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
    connection_id str
    The workspace one or intune connection id.
    count_operator str
    The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
    domain str
    The domain that the client must join.
    eid_last_seen str
    The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
    enabled bool
    True if the firewall must be enabled.
    exists bool
    Checks if the file should exist.
    extended_key_usages Sequence[str]
    List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
    id str
    The Teams List id. Required for serial_number and unique_client_id rule types.
    infected bool
    True if SentinelOne device is infected.
    is_active bool
    True if SentinelOne device is active.
    issue_count str
    The number of issues for kolide.
    last_seen str
    The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
    locations Sequence[ZeroTrustDevicePostureRuleInputLocation]
    List of operating system locations to check for a client certificate..
    network_status str
    The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
    operational_state str
    The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
    operator str
    The version comparison operator. Available values: >, >=, <, <=, ==.
    os str
    OS signal score from Crowdstrike. Value must be between 1 and 100.
    os_distro_name str
    The operating system excluding version information.
    os_distro_revision str
    The operating system version excluding OS name information or release name.
    os_version_extra str
    Extra version value following the operating system semantic version.
    overall str
    Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
    path str
    The path to the file.
    require_all bool
    True if all drives must be encrypted.
    risk_level str
    The risk level from Tanium. Available values: low, medium, high, critical.
    running bool
    Checks if the application should be running.
    score int
    A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
    sensor_config str
    Sensor signal score from Crowdstrike. Value must be between 1 and 100.
    sha256 str
    The sha256 hash of the file.
    state str
    The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
    thumbprint str
    The thumbprint of the file certificate.
    total_score int
    The total score from Tanium.
    version str
    The operating system semantic version.
    version_operator str
    The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
    activeThreats Number
    The number of active threats from SentinelOne.
    certificateId String
    The UUID of a Cloudflare managed certificate.
    checkDisks List<String>
    Specific volume(s) to check for encryption.
    checkPrivateKey Boolean
    Confirm the certificate was not imported from another device.
    cn String
    The common name for a certificate.
    complianceStatus String
    The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
    connectionId String
    The workspace one or intune connection id.
    countOperator String
    The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
    domain String
    The domain that the client must join.
    eidLastSeen String
    The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
    enabled Boolean
    True if the firewall must be enabled.
    exists Boolean
    Checks if the file should exist.
    extendedKeyUsages List<String>
    List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
    id String
    The Teams List id. Required for serial_number and unique_client_id rule types.
    infected Boolean
    True if SentinelOne device is infected.
    isActive Boolean
    True if SentinelOne device is active.
    issueCount String
    The number of issues for kolide.
    lastSeen String
    The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
    locations List<Property Map>
    List of operating system locations to check for a client certificate..
    networkStatus String
    The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
    operationalState String
    The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
    operator String
    The version comparison operator. Available values: >, >=, <, <=, ==.
    os String
    OS signal score from Crowdstrike. Value must be between 1 and 100.
    osDistroName String
    The operating system excluding version information.
    osDistroRevision String
    The operating system version excluding OS name information or release name.
    osVersionExtra String
    Extra version value following the operating system semantic version.
    overall String
    Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
    path String
    The path to the file.
    requireAll Boolean
    True if all drives must be encrypted.
    riskLevel String
    The risk level from Tanium. Available values: low, medium, high, critical.
    running Boolean
    Checks if the application should be running.
    score Number
    A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
    sensorConfig String
    Sensor signal score from Crowdstrike. Value must be between 1 and 100.
    sha256 String
    The sha256 hash of the file.
    state String
    The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
    thumbprint String
    The thumbprint of the file certificate.
    totalScore Number
    The total score from Tanium.
    version String
    The operating system semantic version.
    versionOperator String
    The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.

    ZeroTrustDevicePostureRuleInputLocation, ZeroTrustDevicePostureRuleInputLocationArgs

    Paths List<string>
    List of paths to check for client certificate rule.
    TrustStores List<string>
    List of trust stores to check for client certificate rule. Available values: system, user.
    Paths []string
    List of paths to check for client certificate rule.
    TrustStores []string
    List of trust stores to check for client certificate rule. Available values: system, user.
    paths List<String>
    List of paths to check for client certificate rule.
    trustStores List<String>
    List of trust stores to check for client certificate rule. Available values: system, user.
    paths string[]
    List of paths to check for client certificate rule.
    trustStores string[]
    List of trust stores to check for client certificate rule. Available values: system, user.
    paths Sequence[str]
    List of paths to check for client certificate rule.
    trust_stores Sequence[str]
    List of trust stores to check for client certificate rule. Available values: system, user.
    paths List<String>
    List of paths to check for client certificate rule.
    trustStores List<String>
    List of trust stores to check for client certificate rule. Available values: system, user.

    ZeroTrustDevicePostureRuleMatch, ZeroTrustDevicePostureRuleMatchArgs

    Platform string
    The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
    Platform string
    The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
    platform String
    The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
    platform string
    The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
    platform str
    The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
    platform String
    The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.

    Import

    $ pulumi import cloudflare:index/zeroTrustDevicePostureRule:ZeroTrustDevicePostureRule example <account_id>/<device_posture_rule_id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Cloudflare pulumi/pulumi-cloudflare
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the cloudflare Terraform Provider.
    cloudflare logo
    Cloudflare v5.43.0 published on Wednesday, Nov 13, 2024 by Pulumi