cloudflare.ZeroTrustDeviceProfiles
Explore with Pulumi AI
Provides a Cloudflare Device Settings Policy resource. Device policies configure settings applied to WARP devices.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const developerWarpPolicy = new cloudflare.ZeroTrustDeviceProfiles("developer_warp_policy", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "Developers WARP settings policy",
description: "Developers WARP settings policy description",
precedence: 10,
match: "any(identity.groups.name[*] in {\"Developers\"})",
"default": false,
enabled: true,
allowModeSwitch: true,
allowUpdates: true,
allowedToLeave: true,
autoConnect: 0,
captivePortal: 5,
disableAutoFallback: true,
supportUrl: "https://cloudflare.com",
switchLocked: true,
serviceModeV2Mode: "warp",
serviceModeV2Port: 3000,
excludeOfficeIps: false,
});
import pulumi
import pulumi_cloudflare as cloudflare
developer_warp_policy = cloudflare.ZeroTrustDeviceProfiles("developer_warp_policy",
account_id="f037e56e89293a057740de681ac9abbe",
name="Developers WARP settings policy",
description="Developers WARP settings policy description",
precedence=10,
match="any(identity.groups.name[*] in {\"Developers\"})",
default=False,
enabled=True,
allow_mode_switch=True,
allow_updates=True,
allowed_to_leave=True,
auto_connect=0,
captive_portal=5,
disable_auto_fallback=True,
support_url="https://cloudflare.com",
switch_locked=True,
service_mode_v2_mode="warp",
service_mode_v2_port=3000,
exclude_office_ips=False)
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewZeroTrustDeviceProfiles(ctx, "developer_warp_policy", &cloudflare.ZeroTrustDeviceProfilesArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("Developers WARP settings policy"),
Description: pulumi.String("Developers WARP settings policy description"),
Precedence: pulumi.Int(10),
Match: pulumi.String("any(identity.groups.name[*] in {\"Developers\"})"),
Default: pulumi.Bool(false),
Enabled: pulumi.Bool(true),
AllowModeSwitch: pulumi.Bool(true),
AllowUpdates: pulumi.Bool(true),
AllowedToLeave: pulumi.Bool(true),
AutoConnect: pulumi.Int(0),
CaptivePortal: pulumi.Int(5),
DisableAutoFallback: pulumi.Bool(true),
SupportUrl: pulumi.String("https://cloudflare.com"),
SwitchLocked: pulumi.Bool(true),
ServiceModeV2Mode: pulumi.String("warp"),
ServiceModeV2Port: pulumi.Int(3000),
ExcludeOfficeIps: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var developerWarpPolicy = new Cloudflare.ZeroTrustDeviceProfiles("developer_warp_policy", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "Developers WARP settings policy",
Description = "Developers WARP settings policy description",
Precedence = 10,
Match = "any(identity.groups.name[*] in {\"Developers\"})",
Default = false,
Enabled = true,
AllowModeSwitch = true,
AllowUpdates = true,
AllowedToLeave = true,
AutoConnect = 0,
CaptivePortal = 5,
DisableAutoFallback = true,
SupportUrl = "https://cloudflare.com",
SwitchLocked = true,
ServiceModeV2Mode = "warp",
ServiceModeV2Port = 3000,
ExcludeOfficeIps = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZeroTrustDeviceProfiles;
import com.pulumi.cloudflare.ZeroTrustDeviceProfilesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var developerWarpPolicy = new ZeroTrustDeviceProfiles("developerWarpPolicy", ZeroTrustDeviceProfilesArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("Developers WARP settings policy")
.description("Developers WARP settings policy description")
.precedence(10)
.match("any(identity.groups.name[*] in {\"Developers\"})")
.default_(false)
.enabled(true)
.allowModeSwitch(true)
.allowUpdates(true)
.allowedToLeave(true)
.autoConnect(0)
.captivePortal(5)
.disableAutoFallback(true)
.supportUrl("https://cloudflare.com")
.switchLocked(true)
.serviceModeV2Mode("warp")
.serviceModeV2Port(3000)
.excludeOfficeIps(false)
.build());
}
}
resources:
developerWarpPolicy:
type: cloudflare:ZeroTrustDeviceProfiles
name: developer_warp_policy
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: Developers WARP settings policy
description: Developers WARP settings policy description
precedence: 10
match: any(identity.groups.name[*] in {"Developers"})
default: false
enabled: true
allowModeSwitch: true
allowUpdates: true
allowedToLeave: true
autoConnect: 0
captivePortal: 5
disableAutoFallback: true
supportUrl: https://cloudflare.com
switchLocked: true
serviceModeV2Mode: warp
serviceModeV2Port: 3000
excludeOfficeIps: false
Create ZeroTrustDeviceProfiles Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ZeroTrustDeviceProfiles(name: string, args: ZeroTrustDeviceProfilesArgs, opts?: CustomResourceOptions);
@overload
def ZeroTrustDeviceProfiles(resource_name: str,
args: ZeroTrustDeviceProfilesArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ZeroTrustDeviceProfiles(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
name: Optional[str] = None,
description: Optional[str] = None,
auto_connect: Optional[int] = None,
exclude_office_ips: Optional[bool] = None,
captive_portal: Optional[int] = None,
default: Optional[bool] = None,
allow_updates: Optional[bool] = None,
disable_auto_fallback: Optional[bool] = None,
enabled: Optional[bool] = None,
allowed_to_leave: Optional[bool] = None,
match: Optional[str] = None,
allow_mode_switch: Optional[bool] = None,
precedence: Optional[int] = None,
service_mode_v2_mode: Optional[str] = None,
service_mode_v2_port: Optional[int] = None,
support_url: Optional[str] = None,
switch_locked: Optional[bool] = None,
tunnel_protocol: Optional[str] = None)
func NewZeroTrustDeviceProfiles(ctx *Context, name string, args ZeroTrustDeviceProfilesArgs, opts ...ResourceOption) (*ZeroTrustDeviceProfiles, error)
public ZeroTrustDeviceProfiles(string name, ZeroTrustDeviceProfilesArgs args, CustomResourceOptions? opts = null)
public ZeroTrustDeviceProfiles(String name, ZeroTrustDeviceProfilesArgs args)
public ZeroTrustDeviceProfiles(String name, ZeroTrustDeviceProfilesArgs args, CustomResourceOptions options)
type: cloudflare:ZeroTrustDeviceProfiles
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ZeroTrustDeviceProfilesArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ZeroTrustDeviceProfilesArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ZeroTrustDeviceProfilesArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZeroTrustDeviceProfilesArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ZeroTrustDeviceProfilesArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var zeroTrustDeviceProfilesResource = new Cloudflare.ZeroTrustDeviceProfiles("zeroTrustDeviceProfilesResource", new()
{
AccountId = "string",
Name = "string",
Description = "string",
AutoConnect = 0,
ExcludeOfficeIps = false,
CaptivePortal = 0,
Default = false,
AllowUpdates = false,
DisableAutoFallback = false,
Enabled = false,
AllowedToLeave = false,
Match = "string",
AllowModeSwitch = false,
Precedence = 0,
ServiceModeV2Mode = "string",
ServiceModeV2Port = 0,
SupportUrl = "string",
SwitchLocked = false,
TunnelProtocol = "string",
});
example, err := cloudflare.NewZeroTrustDeviceProfiles(ctx, "zeroTrustDeviceProfilesResource", &cloudflare.ZeroTrustDeviceProfilesArgs{
AccountId: pulumi.String("string"),
Name: pulumi.String("string"),
Description: pulumi.String("string"),
AutoConnect: pulumi.Int(0),
ExcludeOfficeIps: pulumi.Bool(false),
CaptivePortal: pulumi.Int(0),
Default: pulumi.Bool(false),
AllowUpdates: pulumi.Bool(false),
DisableAutoFallback: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
AllowedToLeave: pulumi.Bool(false),
Match: pulumi.String("string"),
AllowModeSwitch: pulumi.Bool(false),
Precedence: pulumi.Int(0),
ServiceModeV2Mode: pulumi.String("string"),
ServiceModeV2Port: pulumi.Int(0),
SupportUrl: pulumi.String("string"),
SwitchLocked: pulumi.Bool(false),
TunnelProtocol: pulumi.String("string"),
})
var zeroTrustDeviceProfilesResource = new ZeroTrustDeviceProfiles("zeroTrustDeviceProfilesResource", ZeroTrustDeviceProfilesArgs.builder()
.accountId("string")
.name("string")
.description("string")
.autoConnect(0)
.excludeOfficeIps(false)
.captivePortal(0)
.default_(false)
.allowUpdates(false)
.disableAutoFallback(false)
.enabled(false)
.allowedToLeave(false)
.match("string")
.allowModeSwitch(false)
.precedence(0)
.serviceModeV2Mode("string")
.serviceModeV2Port(0)
.supportUrl("string")
.switchLocked(false)
.tunnelProtocol("string")
.build());
zero_trust_device_profiles_resource = cloudflare.ZeroTrustDeviceProfiles("zeroTrustDeviceProfilesResource",
account_id="string",
name="string",
description="string",
auto_connect=0,
exclude_office_ips=False,
captive_portal=0,
default=False,
allow_updates=False,
disable_auto_fallback=False,
enabled=False,
allowed_to_leave=False,
match="string",
allow_mode_switch=False,
precedence=0,
service_mode_v2_mode="string",
service_mode_v2_port=0,
support_url="string",
switch_locked=False,
tunnel_protocol="string")
const zeroTrustDeviceProfilesResource = new cloudflare.ZeroTrustDeviceProfiles("zeroTrustDeviceProfilesResource", {
accountId: "string",
name: "string",
description: "string",
autoConnect: 0,
excludeOfficeIps: false,
captivePortal: 0,
"default": false,
allowUpdates: false,
disableAutoFallback: false,
enabled: false,
allowedToLeave: false,
match: "string",
allowModeSwitch: false,
precedence: 0,
serviceModeV2Mode: "string",
serviceModeV2Port: 0,
supportUrl: "string",
switchLocked: false,
tunnelProtocol: "string",
});
type: cloudflare:ZeroTrustDeviceProfiles
properties:
accountId: string
allowModeSwitch: false
allowUpdates: false
allowedToLeave: false
autoConnect: 0
captivePortal: 0
default: false
description: string
disableAutoFallback: false
enabled: false
excludeOfficeIps: false
match: string
name: string
precedence: 0
serviceModeV2Mode: string
serviceModeV2Port: 0
supportUrl: string
switchLocked: false
tunnelProtocol: string
ZeroTrustDeviceProfiles Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ZeroTrustDeviceProfiles resource accepts the following input properties:
- Account
Id string - The account identifier to target for the resource.
- Description string
- Description of Policy.
- Name string
- Name of the policy.
- Allow
Mode boolSwitch - Whether to allow mode switch for this policy.
- Allow
Updates bool - Whether to allow updates under this policy.
- Allowed
To boolLeave - Whether to allow devices to leave the organization. Defaults to
true
. - Auto
Connect int - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal int - The captive portal value for this policy. Defaults to
180
. - Default bool
- Whether the policy refers to the default account policy.
- Disable
Auto boolFallback - Whether to disable auto fallback for this policy.
- Enabled bool
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - Exclude
Office boolIps - Whether to add Microsoft IPs to split tunnel exclusions.
- Match string
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- Precedence int
- The precedence of the policy. Lower values indicate higher precedence.
- Service
Mode stringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - Service
Mode intV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - Support
Url string - The support URL that will be opened when sending feedback.
- Switch
Locked bool - Enablement of the ZT client switch lock.
- Tunnel
Protocol string - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- Account
Id string - The account identifier to target for the resource.
- Description string
- Description of Policy.
- Name string
- Name of the policy.
- Allow
Mode boolSwitch - Whether to allow mode switch for this policy.
- Allow
Updates bool - Whether to allow updates under this policy.
- Allowed
To boolLeave - Whether to allow devices to leave the organization. Defaults to
true
. - Auto
Connect int - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal int - The captive portal value for this policy. Defaults to
180
. - Default bool
- Whether the policy refers to the default account policy.
- Disable
Auto boolFallback - Whether to disable auto fallback for this policy.
- Enabled bool
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - Exclude
Office boolIps - Whether to add Microsoft IPs to split tunnel exclusions.
- Match string
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- Precedence int
- The precedence of the policy. Lower values indicate higher precedence.
- Service
Mode stringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - Service
Mode intV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - Support
Url string - The support URL that will be opened when sending feedback.
- Switch
Locked bool - Enablement of the ZT client switch lock.
- Tunnel
Protocol string - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account
Id String - The account identifier to target for the resource.
- description String
- Description of Policy.
- name String
- Name of the policy.
- allow
Mode BooleanSwitch - Whether to allow mode switch for this policy.
- allow
Updates Boolean - Whether to allow updates under this policy.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization. Defaults to
true
. - auto
Connect Integer - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Integer - The captive portal value for this policy. Defaults to
180
. - default_ Boolean
- Whether the policy refers to the default account policy.
- disable
Auto BooleanFallback - Whether to disable auto fallback for this policy.
- enabled Boolean
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude
Office BooleanIps - Whether to add Microsoft IPs to split tunnel exclusions.
- match String
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- precedence Integer
- The precedence of the policy. Lower values indicate higher precedence.
- service
Mode StringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service
Mode IntegerV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support
Url String - The support URL that will be opened when sending feedback.
- switch
Locked Boolean - Enablement of the ZT client switch lock.
- tunnel
Protocol String - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account
Id string - The account identifier to target for the resource.
- description string
- Description of Policy.
- name string
- Name of the policy.
- allow
Mode booleanSwitch - Whether to allow mode switch for this policy.
- allow
Updates boolean - Whether to allow updates under this policy.
- allowed
To booleanLeave - Whether to allow devices to leave the organization. Defaults to
true
. - auto
Connect number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal number - The captive portal value for this policy. Defaults to
180
. - default boolean
- Whether the policy refers to the default account policy.
- disable
Auto booleanFallback - Whether to disable auto fallback for this policy.
- enabled boolean
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude
Office booleanIps - Whether to add Microsoft IPs to split tunnel exclusions.
- match string
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- precedence number
- The precedence of the policy. Lower values indicate higher precedence.
- service
Mode stringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service
Mode numberV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support
Url string - The support URL that will be opened when sending feedback.
- switch
Locked boolean - Enablement of the ZT client switch lock.
- tunnel
Protocol string - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account_
id str - The account identifier to target for the resource.
- description str
- Description of Policy.
- name str
- Name of the policy.
- allow_
mode_ boolswitch - Whether to allow mode switch for this policy.
- allow_
updates bool - Whether to allow updates under this policy.
- allowed_
to_ boolleave - Whether to allow devices to leave the organization. Defaults to
true
. - auto_
connect int - The amount of time in seconds to reconnect after having been disabled.
- captive_
portal int - The captive portal value for this policy. Defaults to
180
. - default bool
- Whether the policy refers to the default account policy.
- disable_
auto_ boolfallback - Whether to disable auto fallback for this policy.
- enabled bool
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude_
office_ boolips - Whether to add Microsoft IPs to split tunnel exclusions.
- match str
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- precedence int
- The precedence of the policy. Lower values indicate higher precedence.
- service_
mode_ strv2_ mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service_
mode_ intv2_ port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support_
url str - The support URL that will be opened when sending feedback.
- switch_
locked bool - Enablement of the ZT client switch lock.
- tunnel_
protocol str - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account
Id String - The account identifier to target for the resource.
- description String
- Description of Policy.
- name String
- Name of the policy.
- allow
Mode BooleanSwitch - Whether to allow mode switch for this policy.
- allow
Updates Boolean - Whether to allow updates under this policy.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization. Defaults to
true
. - auto
Connect Number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Number - The captive portal value for this policy. Defaults to
180
. - default Boolean
- Whether the policy refers to the default account policy.
- disable
Auto BooleanFallback - Whether to disable auto fallback for this policy.
- enabled Boolean
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude
Office BooleanIps - Whether to add Microsoft IPs to split tunnel exclusions.
- match String
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- precedence Number
- The precedence of the policy. Lower values indicate higher precedence.
- service
Mode StringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service
Mode NumberV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support
Url String - The support URL that will be opened when sending feedback.
- switch
Locked Boolean - Enablement of the ZT client switch lock.
- tunnel
Protocol String - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
Outputs
All input properties are implicitly available as output properties. Additionally, the ZeroTrustDeviceProfiles resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ZeroTrustDeviceProfiles Resource
Get an existing ZeroTrustDeviceProfiles resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZeroTrustDeviceProfilesState, opts?: CustomResourceOptions): ZeroTrustDeviceProfiles
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
allow_mode_switch: Optional[bool] = None,
allow_updates: Optional[bool] = None,
allowed_to_leave: Optional[bool] = None,
auto_connect: Optional[int] = None,
captive_portal: Optional[int] = None,
default: Optional[bool] = None,
description: Optional[str] = None,
disable_auto_fallback: Optional[bool] = None,
enabled: Optional[bool] = None,
exclude_office_ips: Optional[bool] = None,
match: Optional[str] = None,
name: Optional[str] = None,
precedence: Optional[int] = None,
service_mode_v2_mode: Optional[str] = None,
service_mode_v2_port: Optional[int] = None,
support_url: Optional[str] = None,
switch_locked: Optional[bool] = None,
tunnel_protocol: Optional[str] = None) -> ZeroTrustDeviceProfiles
func GetZeroTrustDeviceProfiles(ctx *Context, name string, id IDInput, state *ZeroTrustDeviceProfilesState, opts ...ResourceOption) (*ZeroTrustDeviceProfiles, error)
public static ZeroTrustDeviceProfiles Get(string name, Input<string> id, ZeroTrustDeviceProfilesState? state, CustomResourceOptions? opts = null)
public static ZeroTrustDeviceProfiles get(String name, Output<String> id, ZeroTrustDeviceProfilesState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account identifier to target for the resource.
- Allow
Mode boolSwitch - Whether to allow mode switch for this policy.
- Allow
Updates bool - Whether to allow updates under this policy.
- Allowed
To boolLeave - Whether to allow devices to leave the organization. Defaults to
true
. - Auto
Connect int - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal int - The captive portal value for this policy. Defaults to
180
. - Default bool
- Whether the policy refers to the default account policy.
- Description string
- Description of Policy.
- Disable
Auto boolFallback - Whether to disable auto fallback for this policy.
- Enabled bool
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - Exclude
Office boolIps - Whether to add Microsoft IPs to split tunnel exclusions.
- Match string
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- Name string
- Name of the policy.
- Precedence int
- The precedence of the policy. Lower values indicate higher precedence.
- Service
Mode stringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - Service
Mode intV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - Support
Url string - The support URL that will be opened when sending feedback.
- Switch
Locked bool - Enablement of the ZT client switch lock.
- Tunnel
Protocol string - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- Account
Id string - The account identifier to target for the resource.
- Allow
Mode boolSwitch - Whether to allow mode switch for this policy.
- Allow
Updates bool - Whether to allow updates under this policy.
- Allowed
To boolLeave - Whether to allow devices to leave the organization. Defaults to
true
. - Auto
Connect int - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal int - The captive portal value for this policy. Defaults to
180
. - Default bool
- Whether the policy refers to the default account policy.
- Description string
- Description of Policy.
- Disable
Auto boolFallback - Whether to disable auto fallback for this policy.
- Enabled bool
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - Exclude
Office boolIps - Whether to add Microsoft IPs to split tunnel exclusions.
- Match string
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- Name string
- Name of the policy.
- Precedence int
- The precedence of the policy. Lower values indicate higher precedence.
- Service
Mode stringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - Service
Mode intV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - Support
Url string - The support URL that will be opened when sending feedback.
- Switch
Locked bool - Enablement of the ZT client switch lock.
- Tunnel
Protocol string - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account
Id String - The account identifier to target for the resource.
- allow
Mode BooleanSwitch - Whether to allow mode switch for this policy.
- allow
Updates Boolean - Whether to allow updates under this policy.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization. Defaults to
true
. - auto
Connect Integer - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Integer - The captive portal value for this policy. Defaults to
180
. - default_ Boolean
- Whether the policy refers to the default account policy.
- description String
- Description of Policy.
- disable
Auto BooleanFallback - Whether to disable auto fallback for this policy.
- enabled Boolean
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude
Office BooleanIps - Whether to add Microsoft IPs to split tunnel exclusions.
- match String
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- name String
- Name of the policy.
- precedence Integer
- The precedence of the policy. Lower values indicate higher precedence.
- service
Mode StringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service
Mode IntegerV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support
Url String - The support URL that will be opened when sending feedback.
- switch
Locked Boolean - Enablement of the ZT client switch lock.
- tunnel
Protocol String - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account
Id string - The account identifier to target for the resource.
- allow
Mode booleanSwitch - Whether to allow mode switch for this policy.
- allow
Updates boolean - Whether to allow updates under this policy.
- allowed
To booleanLeave - Whether to allow devices to leave the organization. Defaults to
true
. - auto
Connect number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal number - The captive portal value for this policy. Defaults to
180
. - default boolean
- Whether the policy refers to the default account policy.
- description string
- Description of Policy.
- disable
Auto booleanFallback - Whether to disable auto fallback for this policy.
- enabled boolean
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude
Office booleanIps - Whether to add Microsoft IPs to split tunnel exclusions.
- match string
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- name string
- Name of the policy.
- precedence number
- The precedence of the policy. Lower values indicate higher precedence.
- service
Mode stringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service
Mode numberV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support
Url string - The support URL that will be opened when sending feedback.
- switch
Locked boolean - Enablement of the ZT client switch lock.
- tunnel
Protocol string - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account_
id str - The account identifier to target for the resource.
- allow_
mode_ boolswitch - Whether to allow mode switch for this policy.
- allow_
updates bool - Whether to allow updates under this policy.
- allowed_
to_ boolleave - Whether to allow devices to leave the organization. Defaults to
true
. - auto_
connect int - The amount of time in seconds to reconnect after having been disabled.
- captive_
portal int - The captive portal value for this policy. Defaults to
180
. - default bool
- Whether the policy refers to the default account policy.
- description str
- Description of Policy.
- disable_
auto_ boolfallback - Whether to disable auto fallback for this policy.
- enabled bool
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude_
office_ boolips - Whether to add Microsoft IPs to split tunnel exclusions.
- match str
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- name str
- Name of the policy.
- precedence int
- The precedence of the policy. Lower values indicate higher precedence.
- service_
mode_ strv2_ mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service_
mode_ intv2_ port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support_
url str - The support URL that will be opened when sending feedback.
- switch_
locked bool - Enablement of the ZT client switch lock.
- tunnel_
protocol str - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
- account
Id String - The account identifier to target for the resource.
- allow
Mode BooleanSwitch - Whether to allow mode switch for this policy.
- allow
Updates Boolean - Whether to allow updates under this policy.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization. Defaults to
true
. - auto
Connect Number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Number - The captive portal value for this policy. Defaults to
180
. - default Boolean
- Whether the policy refers to the default account policy.
- description String
- Description of Policy.
- disable
Auto BooleanFallback - Whether to disable auto fallback for this policy.
- enabled Boolean
- Whether the policy is enabled (cannot be set for default policies). Defaults to
true
. - exclude
Office BooleanIps - Whether to add Microsoft IPs to split tunnel exclusions.
- match String
- Wirefilter expression to match a device against when evaluating whether this policy should take effect for that device.
- name String
- Name of the policy.
- precedence Number
- The precedence of the policy. Lower values indicate higher precedence.
- service
Mode StringV2Mode - The service mode. Available values:
1dot1
,warp
,proxy
,posture_only
,warp_tunnel_only
. Defaults towarp
. - service
Mode NumberV2Port - The port to use for the proxy service mode. Required when using
service_mode_v2_mode
. - support
Url String - The support URL that will be opened when sending feedback.
- switch
Locked Boolean - Enablement of the ZT client switch lock.
- tunnel
Protocol String - Determines which tunnel protocol to use. Available values:
""
,wireguard
,masque
. Defaults towireguard
.
Import
For default device settings policies you must use “default” as the policy ID.
$ pulumi import cloudflare:index/zeroTrustDeviceProfiles:ZeroTrustDeviceProfiles example <account_id>/<device_policy_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflare
Terraform Provider.