Customizing session duration limits for devices on Cloudflare Access
TypeScriptCustomizing session duration limits for devices on Cloudflare Access involves setting a
sessionDuration
within an Access Application. This specifies the time period during which a signed-in device remains authenticated before needing to re-authenticate. In Pulumi's Cloudflare provider, this configuration can be accomplished using thecloudflare.AccessApplication
resource.Below is a Pulumi program written in TypeScript that demonstrates how to set up an Access Application with a custom session duration. This program uses the
cloudflare
package to configure an Access Application.First, you'll need to import the
cloudflare
package. Then you'll create an instance of theAccessApplication
resource. ThesessionDuration
parameter takes a string that defines the length of the session. The format is a combination of days (d
), hours (h
), minutes (m
), and seconds (s
). For example,1d
would set the session duration to 1 day.Here's the program:
import * as cloudflare from "@pulumi/cloudflare"; // Example values for the access application parameters const zoneId = "your-cloudflare-zone-id"; const accountId = "your-cloudflare-account-id"; const appName = "example-application"; const appDomain = "example-application.yourdomain.com"; // Create a new Cloudflare Access Application with custom session duration const accessApplication = new cloudflare.AccessApplication(appName, { zoneId: zoneId, accountId: accountId, name: appName, domain: appDomain, // Set session duration to 8 hours sessionDuration: "8h", }); // Export the ID of the new Access Application export const accessApplicationId = accessApplication.id;
In this example, replace
your-cloudflare-zone-id
andyour-cloudflare-account-id
with your actual Cloudflare Zone ID and Account ID respectively. Also,example-application
would be the name you would like to give to your Access Application, andexample-application.yourdomain.com
should be the domain that the application should protect.The
sessionDuration
is set to "8h" which indicates that the authenticated device will stay signed in for 8 hours. You can customize this value to match your desired session duration.After defining the
accessApplication
, we export the ID of the Access Application for reference, which can be helpful if you want to retrieve or modify it in the future.To apply this Pulumi program, you should have the Pulumi CLI installed and configured for use with your Cloudflare account. You would run
pulumi up
, which will provision the resources defined in the code. The CLI will output theaccessApplicationId
after the resources are provisioned.For more information about the properties you can set on an Access Application, you can refer to the Cloudflare Access Application documentation.