AccessPolicy
Provides a Cloudflare Access Policy resource. Access Policies are used in conjunction with Access Applications to restrict access to a particular resource.
Example Usage
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
class MyStack : Stack
{
public MyStack()
{
// Allowing access to `test@example.com` email address only
var testPolicyAccessPolicy = new Cloudflare.AccessPolicy("testPolicyAccessPolicy", new Cloudflare.AccessPolicyArgs
{
ApplicationId = "cb029e245cfdd66dc8d2e570d5dd3322",
ZoneId = "d41d8cd98f00b204e9800998ecf8427e",
Name = "staging policy",
Precedence = 1,
Decision = "allow",
Includes =
{
new Cloudflare.Inputs.AccessPolicyIncludeArgs
{
Emails =
{
"test@example.com",
},
},
},
});
// Allowing `test@example.com` to access but only when coming from a
// specific IP.
var testPolicyIndex_accessPolicyAccessPolicy = new Cloudflare.AccessPolicy("testPolicyIndex/accessPolicyAccessPolicy", new Cloudflare.AccessPolicyArgs
{
ApplicationId = "cb029e245cfdd66dc8d2e570d5dd3322",
ZoneId = "d41d8cd98f00b204e9800998ecf8427e",
Name = "staging policy",
Precedence = 1,
Decision = "allow",
Includes =
{
new Cloudflare.Inputs.AccessPolicyIncludeArgs
{
Emails =
{
"test@example.com",
},
},
},
Requires =
{
{ "ips",
{
@var.Office_ip,
} },
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v2/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewAccessPolicy(ctx, "testPolicyAccessPolicy", &cloudflare.AccessPolicyArgs{
ApplicationId: pulumi.String("cb029e245cfdd66dc8d2e570d5dd3322"),
ZoneId: pulumi.String("d41d8cd98f00b204e9800998ecf8427e"),
Name: pulumi.String("staging policy"),
Precedence: pulumi.Int(1),
Decision: pulumi.String("allow"),
Includes: cloudflare.AccessPolicyIncludeArray{
&cloudflare.AccessPolicyIncludeArgs{
Emails: pulumi.StringArray{
pulumi.String("test@example.com"),
},
},
},
})
if err != nil {
return err
}
_, err = cloudflare.NewAccessPolicy(ctx, "testPolicyIndex_accessPolicyAccessPolicy", &cloudflare.AccessPolicyArgs{
ApplicationId: pulumi.String("cb029e245cfdd66dc8d2e570d5dd3322"),
ZoneId: pulumi.String("d41d8cd98f00b204e9800998ecf8427e"),
Name: pulumi.String("staging policy"),
Precedence: pulumi.Int(1),
Decision: pulumi.String("allow"),
Includes: cloudflare.AccessPolicyIncludeArray{
&cloudflare.AccessPolicyIncludeArgs{
Emails: pulumi.StringArray{
pulumi.String("test@example.com"),
},
},
},
Requires: cloudflare.AccessPolicyRequireArray{
Ips: cloudflare.AccessPolicyRequireArgs{
pulumi.Any(_var.Office_ip),
},
},
})
if err != nil {
return err
}
return nil
})
}
import pulumi
import pulumi_cloudflare as cloudflare
# Allowing access to `test@example.com` email address only
test_policy_access_policy = cloudflare.AccessPolicy("testPolicyAccessPolicy",
application_id="cb029e245cfdd66dc8d2e570d5dd3322",
zone_id="d41d8cd98f00b204e9800998ecf8427e",
name="staging policy",
precedence=1,
decision="allow",
includes=[cloudflare.AccessPolicyIncludeArgs(
emails=["test@example.com"],
)])
# Allowing `test@example.com` to access but only when coming from a
# specific IP.
test_policy_index_access_policy_access_policy = cloudflare.AccessPolicy("testPolicyIndex/accessPolicyAccessPolicy",
application_id="cb029e245cfdd66dc8d2e570d5dd3322",
zone_id="d41d8cd98f00b204e9800998ecf8427e",
name="staging policy",
precedence=1,
decision="allow",
includes=[cloudflare.AccessPolicyIncludeArgs(
emails=["test@example.com"],
)],
requires={
"ips": [var["office_ip"]],
})
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// Allowing access to `test@example.com` email address only
const testPolicyAccessPolicy = new cloudflare.AccessPolicy("testPolicyAccessPolicy", {
applicationId: "cb029e245cfdd66dc8d2e570d5dd3322",
zoneId: "d41d8cd98f00b204e9800998ecf8427e",
name: "staging policy",
precedence: "1",
decision: "allow",
includes: [{
emails: ["test@example.com"],
}],
});
// Allowing `test@example.com` to access but only when coming from a
// specific IP.
const testPolicyIndex_accessPolicyAccessPolicy = new cloudflare.AccessPolicy("testPolicyIndex/accessPolicyAccessPolicy", {
applicationId: "cb029e245cfdd66dc8d2e570d5dd3322",
zoneId: "d41d8cd98f00b204e9800998ecf8427e",
name: "staging policy",
precedence: "1",
decision: "allow",
includes: [{
emails: ["test@example.com"],
}],
requires: {
ips: [_var.office_ip],
},
});
Create a AccessPolicy Resource
new AccessPolicy(name: string, args: AccessPolicyArgs, opts?: CustomResourceOptions);
def AccessPolicy(resource_name: str, opts: Optional[ResourceOptions] = None, account_id: Optional[str] = None, application_id: Optional[str] = None, decision: Optional[str] = None, excludes: Optional[Sequence[AccessPolicyExcludeArgs]] = None, includes: Optional[Sequence[AccessPolicyIncludeArgs]] = None, name: Optional[str] = None, precedence: Optional[int] = None, requires: Optional[Sequence[AccessPolicyRequireArgs]] = None, zone_id: Optional[str] = None)
func NewAccessPolicy(ctx *Context, name string, args AccessPolicyArgs, opts ...ResourceOption) (*AccessPolicy, error)
public AccessPolicy(string name, AccessPolicyArgs args, CustomResourceOptions? opts = null)
- name string
- The unique name of the resource.
- args AccessPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccessPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
AccessPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The AccessPolicy resource accepts the following input properties:
- Application
Id string The ID of the application the policy is associated with.
- Decision string
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- Includes
List<Access
Policy Include Args> A series of access conditions, see Access Groups.
- Name string
Friendly name of the Access Application.
- Account
Id string The account to which the access rule should be added. Conflicts with
zone_id
.- Excludes
List<Access
Policy Exclude Args> A series of access conditions, see Access Groups.
- Precedence int
The unique precedence for policies on a single application. Integer.
- Requires
List<Access
Policy Require Args> A series of access conditions, see Access Groups.
- Zone
Id string The DNS zone to which the access rule should be added. Conflicts with
account_id
.
- Application
Id string The ID of the application the policy is associated with.
- Decision string
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- Includes
[]Access
Policy Include A series of access conditions, see Access Groups.
- Name string
Friendly name of the Access Application.
- Account
Id string The account to which the access rule should be added. Conflicts with
zone_id
.- Excludes
[]Access
Policy Exclude A series of access conditions, see Access Groups.
- Precedence int
The unique precedence for policies on a single application. Integer.
- Requires
[]Access
Policy Require A series of access conditions, see Access Groups.
- Zone
Id string The DNS zone to which the access rule should be added. Conflicts with
account_id
.
- application
Id string The ID of the application the policy is associated with.
- decision string
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- includes
Access
Policy Include[] A series of access conditions, see Access Groups.
- name string
Friendly name of the Access Application.
- account
Id string The account to which the access rule should be added. Conflicts with
zone_id
.- excludes
Access
Policy Exclude[] A series of access conditions, see Access Groups.
- precedence number
The unique precedence for policies on a single application. Integer.
- requires
Access
Policy Require[] A series of access conditions, see Access Groups.
- zone
Id string The DNS zone to which the access rule should be added. Conflicts with
account_id
.
- application_
id str The ID of the application the policy is associated with.
- decision str
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- includes
Sequence[Access
Policy Include Args] A series of access conditions, see Access Groups.
- name str
Friendly name of the Access Application.
- account_
id str The account to which the access rule should be added. Conflicts with
zone_id
.- excludes
Sequence[Access
Policy Exclude Args] A series of access conditions, see Access Groups.
- precedence int
The unique precedence for policies on a single application. Integer.
- requires
Sequence[Access
Policy Require Args] A series of access conditions, see Access Groups.
- zone_
id str The DNS zone to which the access rule should be added. Conflicts with
account_id
.
Outputs
All input properties are implicitly available as output properties. Additionally, the AccessPolicy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
Look up an Existing AccessPolicy Resource
Get an existing AccessPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccessPolicyState, opts?: CustomResourceOptions): AccessPolicy
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, account_id: Optional[str] = None, application_id: Optional[str] = None, decision: Optional[str] = None, excludes: Optional[Sequence[AccessPolicyExcludeArgs]] = None, includes: Optional[Sequence[AccessPolicyIncludeArgs]] = None, name: Optional[str] = None, precedence: Optional[int] = None, requires: Optional[Sequence[AccessPolicyRequireArgs]] = None, zone_id: Optional[str] = None) -> AccessPolicy
func GetAccessPolicy(ctx *Context, name string, id IDInput, state *AccessPolicyState, opts ...ResourceOption) (*AccessPolicy, error)
public static AccessPolicy Get(string name, Input<string> id, AccessPolicyState? state, CustomResourceOptions? opts = null)
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Account
Id string The account to which the access rule should be added. Conflicts with
zone_id
.- Application
Id string The ID of the application the policy is associated with.
- Decision string
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- Excludes
List<Access
Policy Exclude Args> A series of access conditions, see Access Groups.
- Includes
List<Access
Policy Include Args> A series of access conditions, see Access Groups.
- Name string
Friendly name of the Access Application.
- Precedence int
The unique precedence for policies on a single application. Integer.
- Requires
List<Access
Policy Require Args> A series of access conditions, see Access Groups.
- Zone
Id string The DNS zone to which the access rule should be added. Conflicts with
account_id
.
- Account
Id string The account to which the access rule should be added. Conflicts with
zone_id
.- Application
Id string The ID of the application the policy is associated with.
- Decision string
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- Excludes
[]Access
Policy Exclude A series of access conditions, see Access Groups.
- Includes
[]Access
Policy Include A series of access conditions, see Access Groups.
- Name string
Friendly name of the Access Application.
- Precedence int
The unique precedence for policies on a single application. Integer.
- Requires
[]Access
Policy Require A series of access conditions, see Access Groups.
- Zone
Id string The DNS zone to which the access rule should be added. Conflicts with
account_id
.
- account
Id string The account to which the access rule should be added. Conflicts with
zone_id
.- application
Id string The ID of the application the policy is associated with.
- decision string
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- excludes
Access
Policy Exclude[] A series of access conditions, see Access Groups.
- includes
Access
Policy Include[] A series of access conditions, see Access Groups.
- name string
Friendly name of the Access Application.
- precedence number
The unique precedence for policies on a single application. Integer.
- requires
Access
Policy Require[] A series of access conditions, see Access Groups.
- zone
Id string The DNS zone to which the access rule should be added. Conflicts with
account_id
.
- account_
id str The account to which the access rule should be added. Conflicts with
zone_id
.- application_
id str The ID of the application the policy is associated with.
- decision str
Defines the action Access will take if the policy matches the user. Allowed values:
allow
,deny
,non_identity
,bypass
- excludes
Sequence[Access
Policy Exclude Args] A series of access conditions, see Access Groups.
- includes
Sequence[Access
Policy Include Args] A series of access conditions, see Access Groups.
- name str
Friendly name of the Access Application.
- precedence int
The unique precedence for policies on a single application. Integer.
- requires
Sequence[Access
Policy Require Args] A series of access conditions, see Access Groups.
- zone_
id str The DNS zone to which the access rule should be added. Conflicts with
account_id
.
Supporting Types
AccessPolicyExclude
- Any
Valid boolService Token - Auth
Method string - Azures
List<Access
Policy Exclude Azure Args> - Certificate bool
- Common
Name string - Email
Domains List<string> - Emails List<string>
- Everyone bool
- Geos List<string>
- Githubs
List<Access
Policy Exclude Github Args> - Groups List<string>
- Gsuites
List<Access
Policy Exclude Gsuite Args> - Ips List<string>
- Oktas
List<Access
Policy Exclude Okta Args> - Samls
List<Access
Policy Exclude Saml Args> - Service
Tokens List<string>
- Any
Valid boolService Token - Auth
Method string - Azures
[]Access
Policy Exclude Azure - Certificate bool
- Common
Name string - Email
Domains []string - Emails []string
- Everyone bool
- Geos []string
- Githubs
[]Access
Policy Exclude Github - Groups []string
- Gsuites
[]Access
Policy Exclude Gsuite - Ips []string
- Oktas
[]Access
Policy Exclude Okta - Samls
[]Access
Policy Exclude Saml - Service
Tokens []string
- any
Valid booleanService Token - auth
Method string - azures
Access
Policy Exclude Azure[] - certificate boolean
- common
Name string - email
Domains string[] - emails string[]
- everyone boolean
- geos string[]
- githubs
Access
Policy Exclude Github[] - groups string[]
- gsuites
Access
Policy Exclude Gsuite[] - ips string[]
- oktas
Access
Policy Exclude Okta[] - samls
Access
Policy Exclude Saml[] - service
Tokens string[]
- any_
valid_ boolservice_ token - auth_
method str - azures
Sequence[Access
Policy Exclude Azure Args] - certificate bool
- common_
name str - email_
domains Sequence[str] - emails Sequence[str]
- everyone bool
- geos Sequence[str]
- githubs
Sequence[Access
Policy Exclude Github Args] - groups Sequence[str]
- gsuites
Sequence[Access
Policy Exclude Gsuite Args] - ips Sequence[str]
- oktas
Sequence[Access
Policy Exclude Okta Args] - samls
Sequence[Access
Policy Exclude Saml Args] - service_
tokens Sequence[str]
AccessPolicyExcludeAzure
- Identity
Provider stringId - Ids List<string>
- Identity
Provider stringId - Ids []string
- identity
Provider stringId - ids string[]
- identity_
provider_ strid - ids Sequence[str]
AccessPolicyExcludeGithub
- Identity
Provider stringId - Name string
Friendly name of the Access Application.
- Teams List<string>
- Identity
Provider stringId - Name string
Friendly name of the Access Application.
- Teams []string
- identity
Provider stringId - name string
Friendly name of the Access Application.
- teams string[]
- identity_
provider_ strid - name str
Friendly name of the Access Application.
- teams Sequence[str]
AccessPolicyExcludeGsuite
- Emails List<string>
- Identity
Provider stringId
- Emails []string
- Identity
Provider stringId
- emails string[]
- identity
Provider stringId
- emails Sequence[str]
- identity_
provider_ strid
AccessPolicyExcludeOkta
- Identity
Provider stringId - Names List<string>
Friendly name of the Access Application.
- Identity
Provider stringId - Names []string
Friendly name of the Access Application.
- identity
Provider stringId - names string[]
Friendly name of the Access Application.
- identity_
provider_ strid - names Sequence[str]
Friendly name of the Access Application.
AccessPolicyExcludeSaml
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- attribute
Name string - attribute
Value string - identity
Provider stringId
AccessPolicyInclude
- Any
Valid boolService Token - Auth
Method string - Azures
List<Access
Policy Include Azure Args> - Certificate bool
- Common
Name string - Email
Domains List<string> - Emails List<string>
- Everyone bool
- Geos List<string>
- Githubs
List<Access
Policy Include Github Args> - Groups List<string>
- Gsuites
List<Access
Policy Include Gsuite Args> - Ips List<string>
- Oktas
List<Access
Policy Include Okta Args> - Samls
List<Access
Policy Include Saml Args> - Service
Tokens List<string>
- Any
Valid boolService Token - Auth
Method string - Azures
[]Access
Policy Include Azure - Certificate bool
- Common
Name string - Email
Domains []string - Emails []string
- Everyone bool
- Geos []string
- Githubs
[]Access
Policy Include Github - Groups []string
- Gsuites
[]Access
Policy Include Gsuite - Ips []string
- Oktas
[]Access
Policy Include Okta - Samls
[]Access
Policy Include Saml - Service
Tokens []string
- any
Valid booleanService Token - auth
Method string - azures
Access
Policy Include Azure[] - certificate boolean
- common
Name string - email
Domains string[] - emails string[]
- everyone boolean
- geos string[]
- githubs
Access
Policy Include Github[] - groups string[]
- gsuites
Access
Policy Include Gsuite[] - ips string[]
- oktas
Access
Policy Include Okta[] - samls
Access
Policy Include Saml[] - service
Tokens string[]
- any_
valid_ boolservice_ token - auth_
method str - azures
Sequence[Access
Policy Include Azure Args] - certificate bool
- common_
name str - email_
domains Sequence[str] - emails Sequence[str]
- everyone bool
- geos Sequence[str]
- githubs
Sequence[Access
Policy Include Github Args] - groups Sequence[str]
- gsuites
Sequence[Access
Policy Include Gsuite Args] - ips Sequence[str]
- oktas
Sequence[Access
Policy Include Okta Args] - samls
Sequence[Access
Policy Include Saml Args] - service_
tokens Sequence[str]
AccessPolicyIncludeAzure
- Identity
Provider stringId - Ids List<string>
- Identity
Provider stringId - Ids []string
- identity
Provider stringId - ids string[]
- identity_
provider_ strid - ids Sequence[str]
AccessPolicyIncludeGithub
- Identity
Provider stringId - Name string
Friendly name of the Access Application.
- Teams List<string>
- Identity
Provider stringId - Name string
Friendly name of the Access Application.
- Teams []string
- identity
Provider stringId - name string
Friendly name of the Access Application.
- teams string[]
- identity_
provider_ strid - name str
Friendly name of the Access Application.
- teams Sequence[str]
AccessPolicyIncludeGsuite
- Emails List<string>
- Identity
Provider stringId
- Emails []string
- Identity
Provider stringId
- emails string[]
- identity
Provider stringId
- emails Sequence[str]
- identity_
provider_ strid
AccessPolicyIncludeOkta
- Identity
Provider stringId - Names List<string>
Friendly name of the Access Application.
- Identity
Provider stringId - Names []string
Friendly name of the Access Application.
- identity
Provider stringId - names string[]
Friendly name of the Access Application.
- identity_
provider_ strid - names Sequence[str]
Friendly name of the Access Application.
AccessPolicyIncludeSaml
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- attribute
Name string - attribute
Value string - identity
Provider stringId
AccessPolicyRequire
- Any
Valid boolService Token - Auth
Method string - Azures
List<Access
Policy Require Azure Args> - Certificate bool
- Common
Name string - Email
Domains List<string> - Emails List<string>
- Everyone bool
- Geos List<string>
- Githubs
List<Access
Policy Require Github Args> - Groups List<string>
- Gsuites
List<Access
Policy Require Gsuite Args> - Ips List<string>
- Oktas
List<Access
Policy Require Okta Args> - Samls
List<Access
Policy Require Saml Args> - Service
Tokens List<string>
- Any
Valid boolService Token - Auth
Method string - Azures
[]Access
Policy Require Azure - Certificate bool
- Common
Name string - Email
Domains []string - Emails []string
- Everyone bool
- Geos []string
- Githubs
[]Access
Policy Require Github - Groups []string
- Gsuites
[]Access
Policy Require Gsuite - Ips []string
- Oktas
[]Access
Policy Require Okta - Samls
[]Access
Policy Require Saml - Service
Tokens []string
- any
Valid booleanService Token - auth
Method string - azures
Access
Policy Require Azure[] - certificate boolean
- common
Name string - email
Domains string[] - emails string[]
- everyone boolean
- geos string[]
- githubs
Access
Policy Require Github[] - groups string[]
- gsuites
Access
Policy Require Gsuite[] - ips string[]
- oktas
Access
Policy Require Okta[] - samls
Access
Policy Require Saml[] - service
Tokens string[]
- any_
valid_ boolservice_ token - auth_
method str - azures
Sequence[Access
Policy Require Azure Args] - certificate bool
- common_
name str - email_
domains Sequence[str] - emails Sequence[str]
- everyone bool
- geos Sequence[str]
- githubs
Sequence[Access
Policy Require Github Args] - groups Sequence[str]
- gsuites
Sequence[Access
Policy Require Gsuite Args] - ips Sequence[str]
- oktas
Sequence[Access
Policy Require Okta Args] - samls
Sequence[Access
Policy Require Saml Args] - service_
tokens Sequence[str]
AccessPolicyRequireAzure
- Identity
Provider stringId - Ids List<string>
- Identity
Provider stringId - Ids []string
- identity
Provider stringId - ids string[]
- identity_
provider_ strid - ids Sequence[str]
AccessPolicyRequireGithub
- Identity
Provider stringId - Name string
Friendly name of the Access Application.
- Teams List<string>
- Identity
Provider stringId - Name string
Friendly name of the Access Application.
- Teams []string
- identity
Provider stringId - name string
Friendly name of the Access Application.
- teams string[]
- identity_
provider_ strid - name str
Friendly name of the Access Application.
- teams Sequence[str]
AccessPolicyRequireGsuite
- Emails List<string>
- Identity
Provider stringId
- Emails []string
- Identity
Provider stringId
- emails string[]
- identity
Provider stringId
- emails Sequence[str]
- identity_
provider_ strid
AccessPolicyRequireOkta
- Identity
Provider stringId - Names List<string>
Friendly name of the Access Application.
- Identity
Provider stringId - Names []string
Friendly name of the Access Application.
- identity
Provider stringId - names string[]
Friendly name of the Access Application.
- identity_
provider_ strid - names Sequence[str]
Friendly name of the Access Application.
AccessPolicyRequireSaml
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- attribute
Name string - attribute
Value string - identity
Provider stringId
Import
Access Policies can be imported using a composite ID formed of zone ID, application ID and policy ID.
$ pulumi import cloudflare:index/accessPolicy:AccessPolicy staging cb029e245cfdd66dc8d2e570d5dd3322/d41d8cd98f00b204e9800998ecf8427e/67ea780ce4982c1cfbe6b7293afc765d
where * cb029e245cfdd66dc8d2e570d5dd3322
- Zone ID * d41d8cd98f00b204e9800998ecf8427e
- Access Application ID * 67ea780ce4982c1cfbe6b7293afc765d
- Access Policy ID
Package Details
- Repository
- https://github.com/pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflare
Terraform Provider.