1. Customizing session duration limits for devices on Cloudflare Access

    TypeScript

    Customizing session duration limits for devices on Cloudflare Access involves setting a sessionDuration within an Access Application. This specifies the time period during which a signed-in device remains authenticated before needing to re-authenticate. In Pulumi's Cloudflare provider, this configuration can be accomplished using the cloudflare.AccessApplication resource.

    Below is a Pulumi program written in TypeScript that demonstrates how to set up an Access Application with a custom session duration. This program uses the cloudflare package to configure an Access Application.

    First, you'll need to import the cloudflare package. Then you'll create an instance of the AccessApplication resource. The sessionDuration parameter takes a string that defines the length of the session. The format is a combination of days (d), hours (h), minutes (m), and seconds (s). For example, 1d would set the session duration to 1 day.

    Here's the program:

    import * as cloudflare from "@pulumi/cloudflare"; // Example values for the access application parameters const zoneId = "your-cloudflare-zone-id"; const accountId = "your-cloudflare-account-id"; const appName = "example-application"; const appDomain = "example-application.yourdomain.com"; // Create a new Cloudflare Access Application with custom session duration const accessApplication = new cloudflare.AccessApplication(appName, { zoneId: zoneId, accountId: accountId, name: appName, domain: appDomain, // Set session duration to 8 hours sessionDuration: "8h", }); // Export the ID of the new Access Application export const accessApplicationId = accessApplication.id;

    In this example, replace your-cloudflare-zone-id and your-cloudflare-account-id with your actual Cloudflare Zone ID and Account ID respectively. Also, example-application would be the name you would like to give to your Access Application, and example-application.yourdomain.com should be the domain that the application should protect.

    The sessionDuration is set to "8h" which indicates that the authenticated device will stay signed in for 8 hours. You can customize this value to match your desired session duration.

    After defining the accessApplication, we export the ID of the Access Application for reference, which can be helpful if you want to retrieve or modify it in the future.

    To apply this Pulumi program, you should have the Pulumi CLI installed and configured for use with your Cloudflare account. You would run pulumi up, which will provision the resources defined in the code. The CLI will output the accessApplicationId after the resources are provisioned.

    For more information about the properties you can set on an Access Application, you can refer to the Cloudflare Access Application documentation.